Appendix B — Platform Maturity Framework
Quick Reference — The Six Maturity Levels
The framework evaluates four dimensions:
- Personal Readiness (team skills)
- Organisational Readiness (IT structure)
- Application Readiness (workload types)
- Technology Readiness (deployed tooling).
Each level below describes the composite profile across all four.
| Level | Name | Description | Personal | Organisation | Applications | Technology |
|---|---|---|---|---|---|---|
| 5 | Advanced | Vast majority of apps containerised. Mission-critical. Five-nines availability. Specialist SRE team in place. | Advanced Kubernetes Knowledge | Site Reliability Engineering (SRE) | Container-Native 12-Factor Applications | Advanced Container Service Platform |
| 4 | Capable | Multiple business-critical apps in containers. High SLA commitments. Dedicated platform team. | Basic Kubernetes Knowledge | Platform Engineering | Container-Native 3-Tier Applications | "Containers as a Service" Platform |
| 3 | Emerging | Multiple important apps being containerised. Some customer-facing. DevOps or platform engineering function forming. | Advanced Docker Knowledge | DevOps Adoption | Containerisable Modern 3-Tier Applications | Centralised Container Operations Platform |
| 2 | Opportunistic | One or a few non-critical apps containerised to test the model. Champion-driven rather than organisational. | Basic Docker Knowledge | Champion-Based Adoption | Containerizable LAMP Applications | Discrete Container Operations |
| 1 | Ad-Hoc | Early experimentation only. No production workloads in containers. Individuals learning, org not committed. | Advanced Linux & Infra | Traditional Platform Support | Containerizable Monolith Applications | Container Experimentation |
| 0 | Traditional | No containers in use today. Beginning to think about containerisation. | Basic Linux Knowledge | Traditional IT Ops | Traditional Software Applications | Traditional IT Monitoring |
How the Assessment Works
The assessment covers four dimensions independently. Within each dimension, the questions are grouped into named sections — each section corresponds to a specific maturity level . If you answer YES to most questions in a section, that section represents your current level for that dimension.
Work through each dimension from the highest level downward. Stop at the first section where you can answer YES to most questions — that is your level for that dimension. Your lowest-scoring dimension determines your composite maturity level, because strength in one area does not compensate for a gap in another.
Using This Framework
To find your current level: Work through each dimension's questions from Level 5 downward. Stop at the first section where you can honestly answer YES to most questions. Your lowest dimension score is your composite level.
To choose a target level: Be realistic about business need. Targeting too high too soon leads to over-investment ahead of value. A well-executed Level 3 delivers more than a poorly executed Level 5.
To select scenarios: Navigate to any chapter and look for the scenario heading that matches your target level. Each scenario heading includes its level label, for example Scenario C (Level 3 — Emerging) . Read that scenario as your implementation target for that chapter.
The gap is the programme: The delta between current and target level, mapped across the chapters relevant to your environment, defines your implementation project. Use the Key Decisions Addressed sections in each chapter to understand the specific architectural choices at each level.
Self-Assessment Questions
Personal Readiness
Score the technical skills of the people responsible for managing your container platform. Both theoretical and applied knowledge count.
→ Level 0–1: Linux and Infrastructure Foundation
- Can you configure SSH servers, manage SSL/TLS, and handle iptables/IPFW?
- Do you understand storage: NFS/CIFS, block storage, RWO vs RWX?
- Do you understand networking: NAT, VLAN, overlay networking (VXLAN)?
→ Level 2: Basic Docker Knowledge
- Do you understand how a container runtime works?
- Do you know the differences between stateless and stateful containers?
- Do you understand the difference between VMs and containers?
- Do you understand how Docker volumes work vs bind mounts?
- Can you write Docker Compose files to manage groups of containers?
- Do you know how to build and distribute Docker images?
→ Level 3: Advanced Docker Knowledge
- Have you managed performance and troubleshooting in distributed microservices?
- Have you configured highly available Docker Swarm clusters?
- Do you know how to maintain data persistence across nodes?
- Have you worked with overlay networking and tunnelling in Docker?
- Are you familiar with reverse proxies and ingress controllers?
→ Level 4: Basic Kubernetes Knowledge
- Do you understand the basic concept of Kubernetes orchestration?
- Are you familiar with deployments, pods, containers, and services?
- Do you understand the resource overhead of running Kubernetes?
- Have you built and managed a Kubernetes cluster using bootstrap tooling?
- Do you know how to construct a basic Kubernetes YAML manifest?
→ Level 5: Advanced Kubernetes Knowledge
- Do you understand Kubernetes architecture: control-plane, API server, kubelet, networking, storage, and service discovery?
- Do you have deep knowledge of Kubernetes container orchestration internals?
- Have you worked with Kubernetes extensibility: CNI, CSI, Service Mesh, Operators, Admission Controllers?
- Can you write comprehensive Kubernetes RBAC Roles and Cluster Roles?
- Have you worked with autoscaling (Pod and Cluster) and per-namespace resource quotas?
- Do you write advanced Kubernetes manifests and Helm charts?
- Do you have deep working knowledge of GitOps and policy management in Kubernetes?
Organisational Readiness
Score your IT operational structure. Look at how your team actually operates, not just what the org chart says.
→ Level 0–1: Traditional IT Foundation
- Does your organisation have dedicated infrastructure and application support teams?
- Is service delivery primarily ticket-based?
→ Level 2: Champion-Based Adoption
- Was containerisation initially adopted by a single developer or technical lead?
- Are there operational controls and visibility for containerised workloads?
→ Level 3: DevOps Adoption
- Does your development team follow a "You Build It, You Support It" approach?
- Does containerisation underpin certain discrete production services?
- Are development and operations teams working collaboratively on container deployments?
→ Level 4: Platform Engineering
- Has your organisation transitioned from a DevOps model to Platform Engineering?
- Does your organisation treat container platforms as business-critical infrastructure?
- Is there centralised policy, control, security, and operations for container platforms?
- Do developers have a self-service platform where devs are treated as the customer?
→ Level 5: Site Reliability Engineering (SRE)
SRE is an advanced model reserved for mission-critical, high-uptime deployments.
- Does your organisation have a dedicated full-stack engineering team focused on SRE?
- Is this team exclusively focused on preventative engineering, uptime, resilience, and incremental improvement?
- Does the team engage in proactive monitoring and automated remediation?
Application Readiness
Score the applications you plan to run in containers. Answer based on your most important or largest application portfolio.
→ Level 1: Containerizable Monolith / Traditional Software
- Do you have monolith applications built on common frameworks with available container base images?
- Do you use purchased vendor software that can potentially be repackaged into a container?
→ Level 2: Containerizable Traditional Applications
- Do you have three-tier web apps that can run containerised on a single server?
- Do you have COTS software that can be repackaged into containers on a single host?
→ Level 3: Containerizable Modern Three-Tier Applications
- Do you have three-tier web apps that can run distributed across multiple servers without performance impact?
- Do you use COTS software that can be repackaged into containers across a cluster?
→ Level 4: Container-Native Three-Tier Applications
- Does your organisation use ISV-provided container images and deployment manifests?
- Do your internal developers provide container images and deployment manifests?
→ Level 5: Container-Native 12-Factor Applications
- Are your applications built on a micro-service architecture?
- Are your applications stateless by design?
- Are your applications horizontally scalable?
Technology Readiness
Score your current container tooling and platform deployment against the Container Management Platform standard.
→ Level 0–1: Container Experimentation / Traditional Tooling
- Are containers used primarily in dev environments or developer laptops?
- Do you use tools like Docker Desktop, Podman Desktop, or Minikube?
- Do you rely on traditional VM monitoring, APM tools, and threshold-based alerting?
→ Level 2: Discrete Container Operations
- Are containers deployed in production primarily led by developers without central oversight?
- Do you have per-project deployments rather than a shared platform?
- Are environments managed independently and treated as "pets"?
→ Level 3: Centralised Container Operations Platform
This is where most Portainer customers operate.
- Has your organisation migrated from discrete deployments to a centralised deployment model?
- Is there centralised access, authorisation, policy, and security management?
- Do you treat clusters as "cattle" rather than "pets"?
- Do you combine GitOps and UI-based operations in a single workflow?
- Do you have basic real-time observability across your container environments?
→ Level 4: "Containers as a Service" Platform
- Do you provide a self-service developer portal with predefined golden paths?
- Do you manage applications across multi-cluster, multi-cloud, or hybrid-cloud environments?
- Is Infrastructure as Code (IaC) a standard practice?
- Do you use GitOps as your preferred deployment model?
- Do you have a full observability suite with real-time and historical monitoring?
→ Level 5: Advanced Container Service Platform
- Does your organisation use a service mesh for managing microservices network access?
- Are your applications geo-distributed across multiple locations?
- Do you utilise advanced observability, security, and compliance tooling?