Team of professionals

Case Study: Deutsche Telekom – Open Sovereign Cloud

Deutsche Telekom, a leading telecommunications and IT services provider in Europe, embarked on an ambitious project to develop a sovereign cloud platform. The aim was to create a secure, compliant, and highly interoperable cloud solution using open-source technologies. This case study outlines the motivations, architecture, and innovative aspects of this project, showcasing its potential benefits for developers and businesses alike.

Motivation and Objectives

The project was driven by two primary principles: openness and sovereignty. By leveraging open-source components, the platform ensures transparency and flexibility. Sovereignty is achieved by adhering to the guidelines set by the GAIA-X initiative, which promotes data and operational sovereignty within the European Union. This ensures compliance with EU laws, providing users with freedom of choice and interoperability across multiple cloud providers.

Key Features and Architecture

The cloud platform is structured into three main layers, each with its unique features and capabilities:

  1. Infrastructure Layer:
    • MetalStack Technology: The infrastructure is based on a modern, Kubernetes-native technology called MetalStack. This offers essential infrastructure services like compute resources (virtual machines), storage (using Ceph), and networking (based on SONiC).
    • Kubernetes Integration: MetalStack leverages Kubernetes for resource management, providing a cloud-native, scalable, and efficient infrastructure solution.
  2. Platform as a Service (PaaS):
    • Gardener: This orchestration tool manages Kubernetes clusters, allowing for seamless integration with various infrastructures. It supports multiple Kubernetes versions and offers geo-redundancy through its garden, seed, and shoot cluster architecture.
    • Automated Management: Users can easily create and manage Kubernetes clusters via a user-friendly dashboard or APIs, supporting CI/CD pipelines for automated deployments.
  3. Software as a Service (SaaS):
    • Kyma Runtime: Kyma enhances Kubernetes with additional tools for serverless functions, API gateway, service mesh (Istio), and observability (Prometheus, Grafana, Loki, Jaeger).
    • Service Catalog: A comprehensive catalog of ready-made services like PostgreSQL, Kafka, Redis, and more, allowing developers to build applications quickly using these pre-configured components.

Innovation and Security

One of the most innovative aspects of the platform is its support for confidential computing. This technology addresses the challenge of securing in-memory data by encrypting the entire memory context of running containers. Leveraging Intel’s SGX technology, the platform ensures that even memory snapshots remain encrypted, preventing unauthorized access to sensitive data. This level of security makes the platform suitable for high-stakes applications in sectors like healthcare and defense.

Development Process and Team Culture

The development of this platform follows agile methodologies, with cross-functional teams working collaboratively across different layers of the stack.

Key technologies and tools used include:

  • Programming Languages: Go, shell scripting, C (for network acceleration), and Python (for testing).
  • Operating Systems: A customized Debian-based Linux distribution called Garden Linux.
  • Development Tools: Git and GitLab for version control, task management, and CI/CD pipelines.

The team’s culture emphasizes transparency, collaboration, and continuous improvement, with regular sprint reviews and quarterly face-to-face meetings to align on priorities and address challenges.

Conclusion

The open-source and sovereign cloud platform developed by our client represents a significant advancement in cloud technology, combining compliance, security, and interoperability. By adhering to GAIA-X principles and leveraging cutting-edge technologies, the platform offers a robust solution for businesses seeking a secure and flexible cloud environment. This project not only sets a new standard for cloud services in Europe but also provides a model for future innovations in the industry.

Key Technologies

  • Kubernetes
  • MetalStack
  • Ceph
  • Gardener
  • Kyma
  • Go
  • GitLab

Case study: SoftPoint – Enhancing Infrastructure and Deployment Efficiency

Streamlining Processes, Improving Scalability, and Reducing Costs through Comprehensive Technical Solutions

Overview

SoftPoint sought assistance with system infrastructure, monitoring, integration, and deployment processes. We conducted a comprehensive analysis of key areas to effectively address their needs.

Analysis Areas

  • Infrastructure: Reviewed and optimized Kubernetes, virtual machines, and PostgreSQL setups.
  • Monitoring: Developed dashboards to identify performance bottlenecks.
  • Resource Limitation: Implemented tenant-based resource limits.
  • Auto-Deployment and GitLab CI: Streamlined deployment processes.
  • Cost Analysis: Identified opportunities for cost savings.
  • Auto-Scaling Pods: Planned for future scalability.

Implementation

We integrated auto-deployment scripts with GitLab CI, addressed pipeline issues, and enhanced deployment processes. The infrastructure was upgraded, including Kubernetes and PostgreSQL tweaks, and new instance pools were configured for cost efficiency.

Infrastructure Changes

  • Upgraded Kubernetes and optimized worker configurations.
  • Implemented cost-saving measures, reducing expenses by hundreds of EUR per month.

Additional Improvements

  • Enabled security features like WAF and session stickiness.
  • Optimized PostgreSQL settings and addressed memory management issues.

Outcome

The collaboration resulted in streamlined automated deployment, improved operational efficiency, scalability, and cost savings. Our partnership with SoftPoint led to infrastructure and process improvements, setting the stage for future growth and scalability.

Contact Person

Peter Jakubík, CEO SoftPoint

Key Technologies

  • MS Azure
  • Kubernetes
  • WAF
  • PostgreSQL
  • GitLab