Overview
Many organizations face a fundamental dilemma:
The cloud provides flexibility —
but also introduces rising costs, increasing dependencies and loss of control.
OpenKubes was designed as an alternative:
A modern, Kubernetes-based platform that runs fully on-premises or in controlled environments — without vendor lock-in.
Platform Vision
OpenKubes follows a clear platform-first approach:
- Full control over infrastructure and data
- Standardized and automated platform environments
- Reliable operation of mission-critical workloads
- Integration of modern cloud-native technologies
- Reduced operational complexity
The platform is specifically designed for organizations with high requirements in:
- Security
- Compliance (e.g. KRITIS, DORA)
- Availability
- Data sovereignty
Architecture: Kubernetes on Open Infrastructure
Unlike traditional cloud setups, OpenKubes is built on an open and interchangeable infrastructure architecture.
Core components
- Proxmox as virtualization and infrastructure layer
- Kubernetes as the workload platform
- HAProxy / Kong for traffic management
- Keycloak for identity and access management
- OpenSearch & Grafana for observability
Key advantages
- Independence from hyperscalers
- Use of proven open-source technologies
- Flexible scaling within own data centers
Alternative Infrastructure: OpenStack for Scaled Private Cloud Environments
In addition to Proxmox, OpenKubes can also be deployed on OpenStack — particularly in large-scale, distributed or highly regulated environments.
OpenStack is well suited for scenarios requiring:
- Infrastructure-level multi-tenancy
- Software-defined networking (SDN)
- Complex network and security architectures
- Integration into existing private cloud environments
- Scaling across multiple data centers
In these setups, OpenStack acts as a private cloud infrastructure layer, with Kubernetes operating on top as the application platform.
Proxmox vs. OpenStack — A Deliberate Architectural Choice
OpenKubes follows a pragmatic, requirement-driven approach:
- Proxmox for simple, robust and efficient platform environments
- OpenStack for complex, large-scale enterprise deployments
The infrastructure layer is not chosen based on technology preference, but on actual requirements such as:
- Scalability
- Network architecture
- Operating model
- Organizational complexity
This results in a platform architecture suitable for both mid-sized organizations and large, regulated enterprises.
Platform as a Product
OpenKubes is not treated as a project — but as a continuously operated platform.
This includes:
- Continuous evolution and improvements
- Security updates and hardening
- Monitoring and incident management
- 24/7 support for production environments
The platform is operated as a managed environment — internally or by a trusted partner.
Security by Design
Security is a foundational element of the platform architecture.
Key capabilities include:
- Network segmentation and access control
- Integrated identity management (Keycloak)
- Secure API and service exposure
- Runtime-oriented security approaches
- Centralized policy enforcement
The goal is clear:
Security is built into the platform — not added later.
Platform Automation
A high degree of automation is essential for scalability and operational reliability.
OpenKubes leverages:
- Infrastructure as Code (e.g. Terraform, Ansible)
- GitOps-based deployment workflows
- Standardized cluster and service templates
- Automated provisioning and updates
Outcome
- Reduced manual effort
- Lower risk of operational errors
- Fully reproducible environments
Use Cases
OpenKubes is particularly suited for:
- Mission-critical production systems
- Industrial and automotive environments
- Banking and insurance sectors
- Healthcare systems
- Organizations with strict compliance requirements
Outcome & Value
OpenKubes delivers a platform that:
- Brings cloud-native capabilities on-premises
- Eliminates vendor lock-in
- Improves cost control
- Integrates security and compliance
- Provides a stable foundation for modern applications
It combines the advantages of cloud-native technologies with the control of traditional infrastructure.