Why Compliant Kubernetes?

Compliant Kubernetes is an open source Kubernetes distribution for regulated industries. It addresses the needs of companies seeking ISO 27001, HIPAA, or PCI DSS certifications, while offering a great DevOps experience. It is compatible with a growing list of public and private cloud offerings. Supported cloud infrastructure providers include industry giants such as AWS and EU jurisdiction-specific ones such as Exoscale and CityCloud. The project was founded by Elastisys, a commercial entity that offers fully-managed Compliant Kubernetes on your supported hosting provider of choice.

The power of Kubernetes tailored to your needs and compliance requirements

Compliant Kubernetes turns your computer infrastructure, physical or virtual, into production-grade Kubernetes clusters tailored to your needs and compliance requirements. Powerful integrations with identity providers, compliant handling of audit logs and role-based access control, and continuous proactive security features and policies help you achieve the certifications your business requires. As a Certified Kubernetes distribution, compatibility with the growing cloud-native landscape is guaranteed. You can install apps using Helm, perform rolling app upgrades with ease, and integrate with CI/CD to get a GitOps deployment flow.

Actionable insights via Compliant Kubernetes Dashboard

Compliant Kubernetes combines powerful monitoring, logging, and observability features into a single cohesive dashboard. Your software reliability engineers, developers, or data scientists get permission-protected access to data driving actionable insights, complete with a full audit trail for compliance.

Compliant Kubernetes is Open Source

Elastisys offers Compliant Kubernetes under the permissive Apache 2 license. Because it is open source, customers can perform a full inspection and audit of the software that runs on their infrastructure. Compliant Kubernetes is frequently updated to pull in the latest and greatest stable features offered by the underlying components that are at the core of Compliant Kubernetes, such as Kubernetes itself.

Private, public, or hybrid cloud infrastructure

Compliant Kubernetes empower your multi-cloud strategy whether using private, public, and hybrid cloud infrastructure. Production-ready software support is available for Amazon Web Services, Exoscale, Safespring, and CityCloud and support for VMware and Azure is coming in the future. Not tied to any particular cloud provider, Compliant Kubernetes offers the same great user experience and focus on compliance across all deployment scenarios. Unlike some more opinionated distributions, Compliant Kubernetes stays true to the upstream Kubernetes project and the cloud-native ecosystem that surrounds it and does not impose its own concepts and tool chains on your DevOps teams. This As a Certified Kubernetes distribution, Compliant Kubernetes is compatible with all the latest and greatest developments in the cloud-native software field.

Maximize productivity in regulated environments

Compliant Kubernetes brings the benefits of Kubernetes to regulated industries and provides a rock-solid platform for your applications. Customers depending on Compliant Kubernetes maximize their productivity by not having to worry about the security or performance of the platform. Instead, they can move ahead with agility and dependable frequent software delivery processes. Integration with CI/CD software makes releasing new software a breeze.

Continuous compliance

Security is not a one-time item to be checked off a list. Compliant Kubernetes ships with software to continuously enforce that your entire application delivery process is secure. A private container registry, container vulnerability scanning, intrusion detection, network segregation, and policy definition and enforcement all work around the clock to keep your applications and platform secure. Additionally, all operations against the platform are authorized using role-based access control (RBAC) every single one leaves a trail in the securely handled audit logs, protecting you against insider threats. This way, your organization maintains full control over and insight into every operation in the platform.

Compliance at DevOps speed and flexibility

Compliant Kubernetes brings fast and modern DevOps processes to regulated industries. Once code is committed, best practices during the build process such as code and composition analysis are combined with container image signing during the CI/CD process. Cryptographical certificates for your applications are managed and rotated frequently automatically. Leveraging Compliant Kubernetes continuous security features and automatic policy enforcement, developer productivity remains high even under strict regulatory requirements. 

Empowering operations teams

Compliant Kubernetes offers a great dashboard for visibility into your cluster, comes with frequent updates, and has dependable disaster recovery features. Frequent backups of the cluster’s control plane ensures that even in case of disaster, your cluster and applications will be back up and running in no time. Compliant Kubernetes integrates with, among others, Slack, PagerDuty, and email to send notifications to keep your operations team on top of things.

Use cloud vendors you can trust

Compliant Kubernetes is compatible with several cloud technologies, both private and public. With Compliant Kubernetes, you fully own your data, and you can use cloud vendors that you can trust. For European customers, the recent Schrems II ruling states that Privacy Shield does not offer adequate data protection under GDPR. Elastisys works together with European cloud providers to offer a great Kubernetes experience in European clouds.