Sie sind hier:
Structure of the Kubernetes platform
We build the Kubernetes platform on a VMware cluster or on a Hyper-V cluster. The clusters run in one data center or are distributed across two data centers.
In principle, there is a VPN connection between the admin client and the master nodes. In front of the worker nodes we connect ingress controllers for load balancing. The system is protected from the Internet by a firewall cluster.
In the variant of one cluster in one data center we use Pure Storage SSD on the one hand and Rubrik Backup with a 10 Gbit redundant connection to another backup storage on the other hand.
In the variant with two data center locations, Pure Storage SSD and Rubrik Backup are also used on one side. On the other side, Pure Storage SSD and Archive Storage are used. Both sites are separated from the Internet by firewall, VPN and DDOS protection. Data is mirrored from one Pure Storage to the other. The backup also works redundantly via 10 Gbit.
Structure Ingress Cluster:
The basis for this is an F5 Ingress Gateway. Here, the user is authenticated upstream and the credentials are forwarded to the application using headers, SAML or oAuth.
At this point there is also the load balancing, the WAF and a DDOS protection. The firewall service and NGINX could be replaced by this.
The Kubernetes platform is multi-tenant. This guarantees the separation of clients on the platform.
Find more information in out presentation (pdf): Kubernetespräsentation2022_4-3_final_06_05_2022
Building the Kubernetes Platform
Kubernetes aaS: The Advantages of our Service
Is my data in a shared cloud (shared VM) safe from unauthorized access?
Availability of our data centers in the event of a blackout
What is a Virtual Datacenter in the vCloud?
Möchten Sie über Neuigkeiten immer gleich informiert werden? Dann melden Sie sich hier zum Newsletter an: