Compliant Kubernetes - by Elastisys

Product Overview

Elastisys Compliant Kubernetes (CK8s) is a container platform built for strong security and full lifecycle compliance with ISO-27001, GDPR and PCI-DSS.

Compliant Kubernetes is a proven, stable and a cost-efficient Kubernetes platform that is managed by Elastisys and fully built on cloud-native open-source components.

Highlights

• Operated 24/7 in ISO certified, European data centers.
• Facilitates compliance with frameworks such as ISO-27001, GDPR and PCI-DSS.
• Makes it easier to stay secure and compliant by enforcing policies across the whole software development lifecycle without restricting developers.
• Lessens the audit burden by providing detailed and easy to access audit trails.
• Provides an enterprise UI that acts as a single point of entry to all relevant tools, policies, and configuration.
• Comes complete with observability (logging, monitoring, audit traces), authentication, secret management, intrusion detection, and vulnerability scanning through a private container registry.

Editor Details

Elastisys delivers managed services and professional services focused on cloud native software development and operations.

Extending on decades of internationally leading cloud research, Elastisys helps organizations build and run scalable applications in modern, dynamic container environments.

Elastisys is an active open source contributor and Cloud Native Computing Foundation (CNCF) member.

https://elastisys.com/

Technical Documentation

The Compliant Kubernetes platform includes the following components:

Compliant Kubernetes is delivered as a security-hardened Kubernetes Cluster. In addition to the standard Kubernetes control plane, Compliant Kubernetes includes a set of Cluster Services that run inside the Cluster as well as a set of External Services that run outside the Cluster. The above image illustrates the managed Kubernetes Service (with the Cluster Services and External Services shown in green color) and the Cluster where the customer can run applications (blue color).

Read more about the full specifications in the fact sheet

Plans

• Compliant Kubernetes Managed Service 5333.33 EUR / Monthly
• Additional nodes 37.50 EUR / Monthly

• Compliant cluster
  1 day setup
• Nodes
  up to 20
• Enterprise support
  Unlimited
• Upgrades
  True
• Backup and DR
  True
• Security patching
  True
• SLA
  99.95 %
• Continuous compliance
  True
• Policy enforcement
  True
• Audit reports
  True
• Application Logs
  30 days or 50 GB - Extension possible
• Metrics retention
  30 days or 50 GB - Extension possible

• Compliant cluster
  On demand
• Nodes
  From Medium to Titan
• Enterprise support
  Included
• Upgrades
  True
• Backup and DR
  True
• Security patching
  True
• SLA
  99.95 %
• Continuous compliance
  True
• Policy enforcement
  True
• Audit reports
  True
• Application Logs
  30 days or 50 GB - Extension possible
• Metrics retention
  30 days or 50 GB - Extension possible

Usage & Technical Prerequisites

Sizing your Compliant Kubernetes Cluster

To estimate and size your required infrastructure apply the formula below:

+ Minimum Compliant Kubernetes Infrastructure
+ Compliant Kubernetes Managed Service
+ Worker nodes (e.g. 25 Huge instances)
+ [Optional] Additional nodes Managed Service (e.g. 25 - 20 = 5)
= Total Monthly fee

Minimum Compliant Kubernetes Infrastructure requirements on Exoscale:

Environment	Role	Instance type
Workload cluster (Customer)	Masters	3 x Medium with 50 GB SSD
Service cluster	Masters	3 x Medium with 50 GB SSD
Service cluster	Worker ES	3 x large with 50 GB SSD
Service cluster	Worker InfluxDB	1 x large with 50 GB SSD
Service cluster	Worker rest	2 x large with 50 GB SSD

Additional requirements:

• Elastic IP for the ingress in the service cluster: 1
• Object Storage: 500 GB

To subscribe to the Compliant Kubernetes the follow the steps below

1. Determine the initial size of your cluster
2. Fill our the onboarding form
3. Submit your request
4. Exoscale will confirm the request by adding the subscription to your Organization
5. Your cluster will be provisioned and details sent back via email

Provisioning of a new Cluster, is performed within 1 business day after the customer submitted a completed onboarding form.

Service and Support

Support

Elastisys support is available 24/7 over Slack, e-mail (support@elastisys.com) or phone.

Target response time for incidents is 1 hour, 24/7.

Service requests

The following actions can be requested through the Service Desk:

• Provision a new Cluster.
• Scale Cluster out or in by adding or removing Nodes.
• Scale Cluster up or down by resizing Nodes.
• Increase storage for Cluster Services or External Services.
• Decommission Cluster.
• Handle incidents: investigate, classify, and resolve whenever applicable.

Target response time for service requests is 1 hour. Service requests are handled during 8 am to 5 pm CET.

Terms of Service

• Privacy Policy
• Terms and Conditions
• DPA: on demand