KRZN Logo
業種: Public Sector
所在地: Germany
全文をダウンロード

KRZN drives digital transformation in government institutions and schools with SUSE Rancher

ハイライト

  • Roll out innovative digital services in minutes instead of days.
  • Rapidly deploy Kubernetes clusters with integrated storage for developers.
  • Centrally manage and monitor production and development clusters from a single interface.
  • Minimize operational overhead with end-to-end visibility and high levels of automation.
  • Flexible scalability of the infrastructure according to the current system load.
  • High security standard through uniform user authentication and access control.

製品

Kommunales Rechenzentrum Niederrhein (KRZN), headquartered in Kamp-Lintfort, was founded in 1971 as a municipal, special purpose association for data processing. The special purpose association supports the cities of Bottrop and Krefeld and the districts of Kleve, Mettmann, Viersen and Wesel, totaling 46 municipal administrations who use KRZN’s IT services.

The tasks of the special purpose association include the development, introduction, maintenance and operation of IT applications, as well as data protection and data security measures. KRZN supports more than 18,000 office workstations in city halls and district administrations, making it one of the ten largest municipal IT service providers in Germany. As part of the Rhine-Ruhr IT cooperation, the organization also performs tasks for the cities of Düsseldorf, Duisburg, Mönchengladbach and Bochum. In total, KRZN now processes the municipal data of over four million residents in North Rhine-Westphalia.

At-a-Glance

Kommunales Rechenzentrum Niederrhein (KRZN) has been processing data for government institutions for more than 50 years. Today, the municipal IT service provider is one of the pioneers of containerized applications and operates a rapidly growing Kubernetes landscape with Rancher Prime. This enables KRZN to deliver innovative services, such as web conferencing systems for local governments or digital learning platforms for hundreds of schools, faster, more securely and more efficiently.

The journey to containers

To support the administrative institutions in their diverse activities, KRZN provides them with more than 150 IT applications. These cover a wide range of municipal services - from the registry office to vehicle registration. As team leader at KRZN, Jürgen Backes is responsible for system management, storage and backup of the complex application infrastructure: “We are constantly developing our infrastructure and rely heavily on automation and new technologies to provide our customers with maximum availability and performance for their digital services.”

Among other things, Backes’ team has implemented a comprehensive solution for monitoring the application infrastructure. Every five minutes, more than 45,000 parameters from over 2,500 IT systems are read and checked. In the event of deviations, the team is automatically notified and can react immediately - often before users notice anything.

The monitoring system itself was the first application that KRZN deployed as a containerized application. “Our goals were to improve the scalability of the application and to achieve higher availability through load balancing. Therefore, we mapped our Nagios system with self-built containers under Docker Swarm,” reports Backes.

The switch to the new system architecture met KRZN’s expectations, but when an announcement came out that support for Docker Swarm was ending, the team had to think about Its future container strategy. “We decided quite quickly at that time to focus on Kubernetes in the future,” says Backes. “From both internal development departments and external software providers, we received more and more requests to provide Kubernetes clusters for running new applications. We therefore started to look more intensively at the topics of container orchestration and cluster management.”

“More speed in digitization is required from public administration. This is exactly why we are strategically relying on Kubernetes and Rancher Prime. It enables us to deliver new services to our customers in minutes instead of days.”

Why Rancher Prime?

KRZN realized that it could only meet the increasing demand for Kubernetes implementations with a powerful container management platform. The team explored the market and evaluated two solutions in proof-of-concept installations. In the end, the decision was clearly in favor of Rancher Prime.

“The decisive factor for us was, firstly, how well the solution could be integrated into our infrastructure,” explains Backes. “We already use numerous open source technologies, such as Nagios, Promotheus, Grafana and Elastic Stack components. Rancher Prime, as a 100% open source solution, was therefore a much better fit for our environment than proprietary alternatives.”

Second, Rancher Prime offered KRZN added functional value, such as integrated support for Microsoft Active Directory. The IT service provider controls user authentication and access permissions for its Linux servers via group memberships in Active Directory. With Rancher Prime, KRZN was able to extend the existing permission structure to the Kubernetes clusters very easily and ensure that developers, for example, can only access the systems that have been approved for them.

“The high flexibility of Rancher Prime was also important for us,” Backes emphasizes. “We can manage Kubernetes environments in the cloud from the same interface as the clusters in our data center. Even though everything is currently running on-premises, it’s good to have this option for the future.”

Benefits of the new platform

Rollout of new digital services for municipalities in minutes instead of days

The added value of Kubernetes and Rancher Prime became apparent as early as the implementation of the first containerized application. Specifically, this involved deploying the open source web conferencing system BigBlueButton.

Many local governments needed a solution to securely connect home office employees after the COVID-19 pandemic outbreak. In this situation, KRZN decided to deploy BigBlueButton. The open meeting platform is hosted entirely in the organization’s own data center, and all audio and video signals are transmitted in encrypted form. This ensures comprehensive data protection even for online conferences on sensitive administrative topics.

“Part of the security and service concept for BigBlueButton is that we provide a separate administration interface for each municipality,” explains Backes. “In a classic architecture, we would also have needed 40 virtual machines for around 40 meeting platforms, and we would have spent days setting them up. By contrast, with Rancher Prime and Kubernetes, we can deploy a front end for a new customer as a container in minutes. This has greatly accelerated the rollout of this important communications platform and helped thousands of government employees continue to collaborate effectively under the challenging conditions of the pandemic.”

Rapid deployment of development clusters - including container storage

KRZN’s development teams also benefited from the new platform right from the start. Today, they can very quickly access their own development clusters with any CNCFcertified Kubernetes distribution. In the process, Rancher Prime provides them with a diverse service catalog for building, deploying and scaling containerized applications, including application packaging, CI/CD and logging, as well as monitoring and service mesh. “These tools make it easier for our teams to develop new applications and help us bring innovative digital services for public administration to market faster,” says Backes.

With Longhorn, KRZN also provides developers with an easy-to-use storage solution for each cluster. Longhorn is a lightweight, distributed block storage platform for Kubernetes that can be installed with a few clicks from the Rancher Prime application catalog. Developers can use it to very quickly provision persistent storage for the stateful applications in their cluster. Longhorn allows block storage to be replicated across multiple nodes to increase availability. Backups and snapshots of volumes on external storage are also very easy to create. “Integrated data protection in particular is a huge advantage of Longhorn,” Backes points out. “It allows our developers to restore data in their Kubernetes cluster on their own at any time.

Efficient multi-cluster management with minimal personnel effort

KRZN’s Kubernetes environment has grown very quickly, but Rancher Prime allows them to keep operational overhead under control. With the solution, administrators have a complete overview of all clusters and can perform tasks, such as provisioning, backup, version management and troubleshooting, very efficiently. Updates and patches, for example, can be applied automatically to all clusters. In the event of problems with specific services, KRZN staff can look directly into the logs of individual containers via the central interface. In addition, Rancher Prime offers the option of transferring all log data to KRZN’s Elastic Stack for further analysis.

“Thanks to the powerful management platform, we can now manage the entire Kubernetes infrastructure with a very small team,” says Backes. “With SUSE, we are now able to do more with significantly less effort and also tackle entirely new topics.”

Meanwhile, KRZN also runs Kubernetes clusters for external customers who need access to containerized applications. This includes, for example, authentication software used by public administration institutions. “Kubernetes hosting is now becoming a new business area for us. However, we would never have been able to offer it without Rancher Prime,” Backes says.

What’s next for KRZN?

The next expansion stage for KRZN’s Kubernetes infrastructure is imminent. The IT service provider will soon make further instances of the open source learning platform, Moodle, available to schools in the region. This should enable new digital forms of instruction for tens of thousands of students in a short period of time.

“This is exactly the kind of scenario that a container architecture is perfect for,” says Backes. “We can set up the individual platforms very quickly and provide the schools with the resilience they need for their learning applications. Rancher Prime also helps us flexibly adjust the performance of the environment.”

The KRZN team plans to use Kubernetes’ Horizontal Pod Autoscaler (HPA) technology to do this. This allows services in a cluster to be scaled up or down as needed. “With Rancher Prime, we can configure HPA to scale automatically, according to current CPU and memory utilization, for example,” Backes explains. “So, we always put the power exactly where it’s needed most at any given time.”