Securing your Kubernetes Cluster with SSO When you are using Kubernetes in your company you are wondering how to secure your Kubernetes Cluster against an unauthorized access of users. Most user of Kubernetes don’t know that the Access Tokens used in Kubeconfig files are stored as secrets within Kubernetes in plain text. To secure these secrets you must block the reading of secrets for your developer. This sound easier as it is in reality, because Kubernetes RBAC does not know deny permissions.

IONOS SE as part of United Internet Group has the approach to anchoring their own services provided by IONOS more deeply in the company. One aspect of that approach is the usage of their own Cloud provider “IONOS Cloud”. YOTRON supports the BI/BigDate-department in the usage of the Cloud for their services. YOTRON supports the advent of DevOps, Cloud and Kubernetes Goal of the usage of Kubernetes and IONOS Cloud is the seamless integration into the IONOS network.

VERBI GmbH is the software provider of MAXQDA, a software to support academic, scientific and business institutions in their daily research with worldwide distributed teams. To support the team work of their customers, VERBI developed with MAXQDA TeamCloud a cloud strategy for a frictionless collaborate work on common research tasks between members of the research teams. This strategy shall be developed entirely in the public cloud. VERBI chose YOTRON as their consultant to introduce the public cloud into their strategy because of our experience in Cloud topics.

YOTRON launched a new free to use service KubeAuth.io for Kubernetes which allows the authentication of your customer without the need of coding, only per configuration. Goal of KubeAuth.io Almost all application running in Kubernetes needs a mechanism to authenticate users which are using the application. The form for authentication which is mostly used based on OAuth 2.0 and OpenID Connect which are known for using tokens instead of simple Name and Password when a users want to authenticate themselves.

Mit dem Projekt Access 4.0 der Deutschen Telekom AG (DTAG) wird ein neuer Weg beschritten um den Zugang der Kunden der DTAG zu deren Gigabit-Produkte wie Telefon, Internet oder MagentaTV zu ermöglichen. Statt wie bisher auf monolithische Systeme zu setzen wird die Zugangsplattform mit normalen Standardkomponenten wie Switches und Server sowie einem breiten Softwareeinsatz ermöglicht das ausschließlich auf OpenSource-Produkte setzt. Automation und hochmoderner Softwareeinsatz Ziel des Projektes ist es mehrere hundert Standorte automatisiert mit aller relevanten Software und fachlichen Informationen zu bestücken und auch den Aktualisierungsprozess über moderne CI/CD Prozesse zu steuern ohne manuell eingreifen zu müssen (“Zero-Touch-Provisioning”).