AKS unlighted, but what about Compliancy, cost and Multi-tenancy?

The business case from City of Amsterdam is to overcome the challenges in setting up Azure Kubernetes Service (AKS) in such a way that it is secure, cost control, multi-tenant and compliant with the local government regulations. The goal is to empower the workload teams with the latest technology and the DevOps way of working. On their journey, the Cloud-Ops and Workload teams concluded that it isn’t just enabling “AKS”. It also requires a lot of management and Kubernetes knowledge, which is currently not present by most of the workload teams.


Sharing a Real-life use case in setting up a Multi-tenant Kubernetes with experience out of the field in a complex environment which is limited by compliant government regulations. It is not just “enabling” AKS and you are finished.  This talk helps bring clarity to create a Multi-tenant Kubernetes Environment based on agentpools in a secure, segmented and compliance way to all your workload teams, facilitating them in the needed protected cloud environment and a self-service offering.

This solution is based on Azure Kubernetes Service, enriched with technologies like Nginx, Calico and Open Policy Agent.

In the end the environment is deployable by infrastructure as code pipelines, protected, compliant and gives the possibility to use the power of Kubernetes and the Public Cloud like scaling on demand. This gives the needed flexibility to the City of Amsterdam, to follow the OpenSource strategy, using the latest technology and implementing the DevOps way of working.

Speakers

dinant-paardenkooper

Dinant Paardenkooper

 
Dinant is an enthusiastic, result-driven and experienced IT architect at IT-Impressive, with a big eagerness to learn and implement new technologies. With his hands-on mentality, a big dose of humor, ...jurgen-allewijn

Jurgen Allewijn

  
Jurgen is an experienced and enthusiastic IT architect at Luminis. In the last 20+ years he has accumulated a lot of knowledge and experience in IT. He likes to operate on the intersection of IT and ...