I’m leading the Platform team in SUSE IT, we are now working on a scalable setup for Kubernetes clusters (we have Rancher, yes) in an on-premise environment (we have various certifications, which block us from moving to the cloud with several applications - but I’m also working closely with AWS to fix the confidential computing in cloud, as the current options are not fulfilling the regulator requirements…).
currently we are working on high-level designs of our platform components (authentication / authorization, cluster deployment, observability, secrets management, and more will follow, I’m sure), while already deploying prototypes/MVPs here and there…
another side product we have is Cloud Landing Zones, where our customers (= SUSE employees) can request access to AWS, Azure, GCP, and they will just get assigned an Okta role (owner / contributor / reader) which allows them to access the cloud account / subscription / project (:sigh: on the naming convention). on top of them, we are using Flexera for providing spend reports to the owners of the accounts (here we want to have more features, like automated reporting of idling / not-enough-secure resources, but it’s not always easy to kill three birds with one stone…)
anyway, I came here for some ideas, and possibly also to share my experience.
and I’m definitely interested in the PlatformCon :platformcon23: