OpenShift Configuration Platform

One customer came to us with the order to build an OpenShift platform that works independently of direct Internet access (“AirGapped”). OpenShift is a container platform developed by Redhat based on Kubernetes, which is particularly impressive due to its extensive additional functionality, integrability in companies and operational security.

Configurationplatform for OpenShift

When setting up OpenShift, integration into a company is a key part of the task. This is independent of the type of OpenShift installation (bare metal, in the cloud, etc.). In the case of an AirGapped installation, additional steps must also be taken during configuration in order to obtain an executable and updatable OpenShift environment.

Rapid Application Development is a software development principle to use pre-given and frequently needed components of a software application to accelerate the software development process massively. These components are for example functions for user authentication and authorization, user management (self-registration of a user, deactivating an account) but also application designs. With the usage of pre-given component, a lot of development tasks are omitted what rapidly accelerates the software development.

YOTRON put these development principles one step ahead and uses a Kubernetes-ready Rapid Application Development framework. The Kubernetes deployment is an integrated part of the software development, means the software we provide for you is Kubernetes-Ready out-of-the-box.

Kubernetes native BigData platform with S3

There is a wide range of tools which allows the analysis of BigData, like Hadoop or other NoSQL databases like MongoDB. All have in common that they are providing functionality for preparing (enrichment, analysing) and persisting data for exploration and visualization.

With the usage of cloud services like AWS, other cloud based persistent layer are used to store the data. Amazon S3 (SimpleStorageService) in AWS is one of these newly used layer. Nowadays, there are more provider of S3-compatible storages apart from AWS. To list some of them we see Cloudian and Ceph to provide private (self-hosted) S3-compatible storages.

Securing your Kubernetes Cluster with SSO

When you are using Kubernetes in your company you are wondering how to secure your Kubernetes Cluster against an unauthorized access of users. Most user of Kubernetes don’t know that the Access Tokens used in Kubeconfig files are stored as secrets within Kubernetes in plain text. To secure these secrets you must block the reading of secrets for your developer. This sound easier as it is in reality, because Kubernetes RBAC does not know deny permissions. Such scenarios like allowing the reading of secrets in the developer project but deny the reading of secretes with the user tokens is complicated und must be organized per Kubernetes namespace.

IONOS SE as part of United Internet Group has the approach to anchoring their own services provided by IONOS more deeply in the company. One aspect of that approach is the usage of their own Cloud provider “IONOS Cloud”. YOTRON supports the BI/BigData-department in the usage of the Cloud for their services.

YOTRON supports DevOps, Cloud and Kubernetes

Goal of the usage of Kubernetes and IONOS Cloud is the seamless integration into the IONOS network. All BI/BigData-applications running in the Cloud shall be reachable in the usual manner. We support IONOS to reach that goal successfully.