The DENIC-Owned Cloud

The DENIC-Owned Cloud

A concise overview

DENIC has been pursuing the cloud issue already for some years and has decided to continue relying on an own operating platform that extends across several locations. Also in this case, our decision was driven by security and data privacy considerations, so we chose to run our cloud on DENIC's own servers. Our core locations are our two independent computer centers in Frankfurt and Amsterdam. This arrangement guarantees perfect redundancy.

To make the infrastructure future-proof and able to flexibly handle any requirements to come, we started in 2022 to completely redesign the computer center infrastructure as well as our operating platform. A particular focus lay on the concept to be cloud native. It is based on a hyper converged infrastructure (HSCI), i.e. a software-defined system that combines all the elements of a conventional data center such as storage, computing, networking and management. The corresponding new HCI hardware was purchased for all our locations. Compared to the previous blade-based architecture, the new design offers more possibilities to extend the existing infrastructure. Comfortable exchange and replacement options make it easy to adapt to and grow with new hardware requirements.

Moreover, we have invested in new components for networking within and between the various locations, so that we can consistently guarantee optimal connectivity and highest possible availability. Another safety feature is the new backup storage, fit to meet the requirements of the new platform.

Proven virtualisation technologies are maintained and DENIC provides corresponding clusters as a virtualisation environment at all locations. It is controlled via a central management software, which makes it possible to build and configure virtual machines fully automatically. In addition to the local infrastructure, this software also allows to address various public cloud providers and thus to make machines available in the public cloud if required. Thus. we are also prepared for a future with hybrid or public cloud operation.

The new operating platform is focussed on a containerised environment in which the two data centers in Frankfurt and Amsterdam run in active-active mode. For migrating the applications, DENIC is consequently pursuing the strategy of a refurbishment from scratch and of tailoring them to the new operational environment. The change to so-called microservices, i.e. sub-applications that are as small as possible, has several advantages, such as better distribution, scalability and higher reliability. This also simplifies the autoscaling of applications and helps to automatically make available exactly the resources that are required. Additional efficiency is achieved by the possibility of automatically deploying not only individual containers, but also entire machines as needed.

Moreover, the platform provides basic services such as logging and monitoring as well as the automatic management of secrets and backups. Comprehensive vulnerability management ensures extensive security management. DENIC continues to use Continuous Integration and Continuous Deployment (CI/CD) to keep software and services up to date with minimal effort, to make features available promptly and to test applications automatically. In the future, we will no longer rely on individual large CI/CD pipelines in this context but use so-called micro-pipelining, which means that only individual applications and their dependencies are rolled out. This reduces dependencies and thus accelerates the entire development process.

Jan Henzel

Product Owner DENIC eG