OC3 registrations are now open! Join the premier event for confidential computing online or in Berlin on March 27.

cloud

Case study: STACKIT

STACKIT integrates Constellation into its sovereign cloud offering

Stackit logo color

STACKIT is the German cloud platform owned by Schwarz Group, Europe's largest retailer encompassing brands like Lidl and Kaufland. Schwarz Group has annual revenues of over €130 billion and 575,000 employees. STACKIT’s vision is a secure, simple, and stable cloud for European companies.  

Challenge

STACKIT is building a sovereign European cloud. By keeping data always encrypted and verifiably secure, even when running workloads on third-party infrastructure, confidential computing fits perfectly with STACKIT’s mission and customer requirements.

The company already had the right hardware with confidential-computing CPUs from AMD. For enabling these features on OpenStack at scale and with a user-friendly Kubernetes-based, STACKIT partnered with Edgeless Systems.

Solution

Edgeless Systems supported STACKIT to set up confidential VMs (CVMs) on OpenStack. Next, the two partners integrated Constellation, the always-encrypted Kubernetes, into the cloud user portal with full billing and support integration. Constellation is a CNCF-certified Kubernetes engine that leverages confidential computing to isolate entire Kubernetes deployments from the underlying infrastructure. Constellation makes sure that data is always encrypted: in-use with CVMs, at-rest by adding transparently encrypted storage, and in-transit with attested TLS. For DevOps teams, Constellation provides a simple Kubernetes user experience without any code changes. It even comes with a dedicated Terraform provider. The security of a Kubernetes cluster can also be verified, using CPU-based remote attestation.

Result

By working with Edgeless Systems, STACKIT was able to launch leading confidential-computing solutions from scratch in only a few months, providing complete infrastructure isolation, and adding more features to its sovereign cloud offering. STACKIT now offers STACKIT Confidential Kubernetes and STACKIT Confidential Server. If you want to learn more, please contact us or the great team at STACKIT.

Thanks to the successful collaboration with Edgeless Systems, our new products STACKIT Confidential Server and STACKIT Confidential Kubernetes were created. In this way, we are providing our customers with another innovative security component to support them in their use of a sovereign cloud.

Matthias Sutter, Chief Product Owner at STACKIT

Watch our presentation on scaling confidential clusters on OpenStack with Samuel Kunkel & Moritz Eckert

Want to learn more? Contact us!

The form failed to load. Please send an email to contact@edgeless.systems. Loading likely fails because you are using privacy settings or ad blocks.