At OSAD 2021, Matthias Kanzog from IT-DLZ Bayern gave an insight into the container technology used.
“In order to be able to deploy applications faster and more flexible in the future while ensuring data security, the IT-DLZ decided to set up its own container operation.” This is Matthias’ answer to the “crucial question” about agility and flexibility in public authorities.
The customers of the IT-DLZ, for example ministries and the state chancellery, can choose between several usage scenarios. They can purely use the container infrastructure, the complete container infrastructure and provided applications, or mixed forms. Rancher is used as the basis for container operation as an orchestration platform.
The IT-DLZ is also responsible for specifying best practices and minimum requirements for containerized applications. Security is paramount, because it involves citizens’ highly personal data.
Currently, several Kubernetes clusters based on Rancher are in operation, which are deployed using Ansible. Harbor is used as the image registry, with the advantage that the Clair and Trivy vulnerability scanners are already integrated.
Quite new is the switch from scripts with
kubectl commands to automated deployments using pipelines in ArgoCD. With this, the IT-DLZ is taking a further step towards automating its IT infrastructure.
Finally, the constant evolution and change of the Kubernetes ecosystem was cited as an ongoing challenge. Likewise, organizational changes and adaptations of existing processes and responsibilities to the new framework conditions of container technology are necessary, which can be summarized under the keyword ‘DevOps’.
We would like to thank Matthias for his presentation at OSAD 2021. If you’d like to learn more about Matthias’ talk, you can find his slides and talk via our OSAD 2021 website.
This post is also available in: German