Compliant Kubernetes - by Elastisys
Elastisys Compliant Kubernetes (CK8s) is a container platform built for strong security and full lifecycle compliance with ISO-27001, GDPR and PCI-DSS.
Compliant Kubernetes is a proven, stable and a cost-efficient Kubernetes platform that is managed by Elastisys and fully built on cloud-native open-source components.
- Operated 24/7 in ISO certified, European data centers.
- Facilitates compliance with frameworks such as ISO-27001, GDPR and PCI-DSS.
- Makes it easier to stay secure and compliant by enforcing policies across the whole software development lifecycle without restricting developers.
- Lessens the audit burden by providing detailed and easy to access audit trails.
- Provides an enterprise UI that acts as a single point of entry to all relevant tools, policies, and configuration.
- Comes complete with observability (logging, monitoring, audit traces), authentication, secret management, intrusion detection, and vulnerability scanning through a private container registry.
Elastisys delivers managed services and professional services focused on cloud native software development and operations.
Extending on decades of internationally leading cloud research, Elastisys helps organizations build and run scalable applications in modern, dynamic container environments.
Elastisys is an active open source contributor and Cloud Native Computing Foundation (CNCF) member.
The Compliant Kubernetes platform includes the following components:
Compliant Kubernetes is delivered as a security-hardened Kubernetes Cluster. In addition to the standard Kubernetes control plane, Compliant Kubernetes includes a set of Cluster Services that run inside the Cluster as well as a set of External Services that run outside the Cluster. The above image illustrates the managed Kubernetes Service (with the Cluster Services and External Services shown in green color) and the Cluster where the customer can run applications (blue color).
Read more about the full specifications in the fact sheet
Compliant cluster1 day setup
Nodesup to 20
Backup and DRTrue
Application Logs30 days or 50 GB - Extension possible
Metrics retention30 days or 50 GB - Extension possible
Usage & Technical Prerequisites
Sizing your Compliant Kubernetes Cluster
To estimate and size your required infrastructure apply the formula below:
+ Minimum Compliant Kubernetes Infrastructure + Compliant Kubernetes Managed Service + Worker nodes (e.g. 25 Huge instances) + [Optional] Additional nodes Managed Service (e.g. 25 - 20 = 5) = Total Monthly fee
Minimum Compliant Kubernetes Infrastructure requirements on Exoscale:
|Workload cluster (Customer)||Masters||3 x Medium with 50 GB SSD|
|Service cluster||Masters||3 x Medium with 50 GB SSD|
|Service cluster||Worker ES||3 x large with 50 GB SSD|
|Service cluster||Worker InfluxDB||1 x large with 50 GB SSD|
|Service cluster||Worker rest||2 x large with 50 GB SSD|
- Elastic IP for the ingress in the service cluster: 1
- Object Storage: 500 GB
To subscribe to the Compliant Kubernetes the follow the steps below
- Determine the initial size of your cluster
- Fill our the onboarding form
- Submit your request
- Exoscale will confirm the request by adding the subscription to your Organization
- Your cluster will be provisioned and details sent back via email
Provisioning of a new Cluster, is performed within 1 business day after the customer submitted a completed onboarding form.
Service and Support
Elastisys support is available 24/7 over Slack, e-mail (firstname.lastname@example.org) or phone.
Target response time for incidents is 1 hour, 24/7.
The following actions can be requested through the Service Desk:
- Provision a new Cluster.
- Scale Cluster out or in by adding or removing Nodes.
- Scale Cluster up or down by resizing Nodes.
- Increase storage for Cluster Services or External Services.
- Decommission Cluster.
- Handle incidents: investigate, classify, and resolve whenever applicable.
Target response time for service requests is 1 hour. Service requests are handled during 8 am to 5 pm CET.