T-Systems International GmbH, a subsidiary of Deutsche Telekom AG, is a leading IT service provider based in Germany. With a presence in more than 20 countries, T-Systems offers digital solutions with a focus on cloud computing, cybersecurity, the Internet of Things (IoT) and IT transformation services. The company has annual revenues of approximately €4 billion and employs more than 26,000 people worldwide. T-Systems serves a wide range of industries and is known for its expertise in Industry 4.0 and large-scale digital transformation projects.
T-Systems offers cloud infrastructure through the Open Telekom Cloud (OTC). This helps to meet the changing needs of modern businesses. OTC provides scalable and flexible cloud computing resources, including storage, compute and network services, based on OpenStack technology. Designed for businesses of all sizes, OTC delivers secure cloud solutions that prioritize data protection and sovereignty. The cloud platform is certified with several key standards, including ISO/IEC 27001 for information security management, BSI C5 for cloud security requirements and TISAX Level 3 for data security in the automotive sector. It also complies with SOC 1, 2, and 3 for financial and security controls, and adheres to the EU Cloud Code of Conduct for GDPR compliance.
OTC supports companies in highly regulated industries such as healthcare, finance and public sector organizations and offers highly available data centers in Germany. It is an attractive solution for companies that want to use public cloud resources but need to ensure that their data remains in the EU and complies with EU policies.
At-a-Glance
T-Systems needed to enhance its Kubernetes service offerings in the Open Telekom Cloud to secure multi-cloud management of containerized workloads in any cloud or on-premises environment. The company chose SUSE to provide customers with full control of their Kubernetes layers and comprehensive protection of sensitive data. At the same time, customers benefit from greater agility, faster time to market and efficient operations from a single interface.
The journey to enterprise container management
In addition to Infrastructure as a Service (IaaS) offerings, OTC also provides a comprehensive set of container and Kubernetes services to help organizations effectively manage and scale their containerized applications. One of the core services OTC offers is Cloud Container Engine (CCE), a managed Kubernetes offering based on upstream Kubernetes. CCE allows users to seamlessly deploy, manage and orchestrate container clusters with built-in auto scaling and high availability capabilities.
"Our goal is to empower customers with a secure, scalable and compliant Kubernetes solution that simplifies the deployment and management of containerized applications," says Christian Boelle, OTC Product Manager at T-Systems. "We aim to reduce operational complexity for our customers so they can focus on innovation, not infrastructure management."
While CCE makes it easy to manage containerized workloads within the OTC, many organizations also need to manage multiple clusters outside the OTC in different private and public clouds or on-premises environments. "A growing number of customers today have a multi-cloud strategy for deploying containerized applications," explains Roman Schiller, Product Owner, Images OTC at T-Systems. "We wanted to provide these customers with a comprehensive multi-cloud management platform to simplify cross-cloud operations and governance."
The OTC team was looking for a solution to meet this customer requirement. The solution needed to provide ease of use through a single control plane and support all relevant infrastructures and Kubernetes distributions. The team also strongly preferred an open source approach to avoid vendor lock-in and flexibly balance workloads between different infrastructure layers.
"Rancher Prime has been crucial to our cloud native strategy by making it much easier to set up and manage a Kubernetes infrastructure with its intuitive user interface."
Why SUSE solutions?
T-Systems has a long history of working with SUSE, using the company's open source solutions for a wide range of use cases. For example, the company runs large SAP environments for customers on SUSE Linux Enterprise Server (SLES) for SAP Applications. SLES for SAP Applications is a highly optimized, resilient and certified operating system that meets the specific needs of SAP workloads. It ensures reliability and performance for important business applications. Through this partnership, T-Systems can deliver end-to-end SAP hosting solutions with enhanced stability, security and support, enabling customers to benefit from an efficient infrastructure tailored to their SAP landscape.
"As a service provider, we have had very good experiences with SUSE technologies and support," says Martin Schuster, SUSE Partner Manager at T-Systems. "That is why we decided to work with SUSE in the area of enterprise container management. With Rancher Prime, we can offer our customers a powerful platform for managing their Kubernetes environments."
Based on previous success with SUSE, T-Systems decided to work with SUSE for container management, creating synergies that benefit many CCE users. As one of the leading enterprise container management platforms, Rancher Prime supports any certified upstream Kubernetes distribution — including the CCE offered by T-Systems. This allows customers to efficiently deploy Kubernetes clusters in the OTC infrastructure using the Rancher Prime user interface.
When CCE is used with Rancher Prime, Rancher acts as the central management platform for multiple Kubernetes clusters, providing comprehensive operational capabilities. For example, Rancher Prime enables automated and consistent deployment of updates across all clusters, minimizing operational overhead and increasing operational reliability. Customers also benefit from integrated monitoring and alerting.
"Rancher Prime has been crucial to our cloud native strategy by making it much easier to set up and manage a Kubernetes infrastructure with its intuitive user interface," says Roman Schiller. "Our customers can decide for themselves whether they want to run Rancher Prime in their own data center or receive it as a service from OTC."
In the latter case, T-Systems provides first- and second-level technical support for Rancher Prime, including CCE integration. SUSE is responsible for third-level support and works closely with the T-Systems teams.
The impact of working with SUSE
Enables efficient cloud management for heterogenous environments
"With Rancher Prime, we are enabling our customers to manage multiple clouds from a single interface," says Christian Boelle. "Organizations can use the platform to manage not only Kubernetes clusters deployed via CCE in OTC, but also clusters on other platforms such as AWS, Azure or Google Cloud. "
Rancher Prime simplifies multi-cloud management by providing a unified control plane with all the tools needed for lifecycle management, monitoring and security enforcement. This helps customers standardize operations and apply consistent access and security policies, reducing the complexity of managing diverse Kubernetes environments.
Improved visibility is also a big benefit of multi-cloud management with Rancher Prime, according to Roman Schiller: "Customers don't have to log in to multiple platforms to check the health of their Kubernetes clusters. With Rancher Prime, they can monitor the performance and availability of all their clusters and containerized workloads in a single pane of glass."
Ensures a high level of security and compliance with regulatory requirements
OTC is known for its high standards in data security and GDPR compliance. By combining the CCE offering with Rancher Prime, customers can take the protection of their Kubernetes infrastructure to a new level, simplifying the use of containerized applications in highly regulated industries. T-Systems knew that SUSE, another EU-based organization, had rigorous compliance standards that made them the right vendor to work with.
Rancher Prime offers multiple security certifications and features to ensure a secure Kubernetes environment for enterprises. It is SLSA (Supply Chain Levels for Software Artifacts) compliant, ensuring a secure software supply chain. Rancher Prime also integrates CIS Benchmarks for Kubernetes, enabling automated scans to validate cluster security. It supports Role-Based Access Control (RBAC) for granular permission management, Pod Security Policies for enforcing security at the workload level and complies with FIPS 140-2 standards for cryptographic modules, which is critical for organizations with stringent regulatory requirements.
Many customers in the healthcare sector, for example, are still reluctant to use cloud applications because they want to retain full control over the security of sensitive patient data. "This level of control is exactly what we can now offer our customers with the combination of OTC and Rancher Prime," says Christian Boelle. "Data and containerized workloads that should not leave Germany or the EU can now be deployed and operated in a standards-compliant manner in our protected cloud environment."
Accelerates digital transformation with greater agility and automation
With Rancher Prime's efficient Kubernetes management, T-Systems can help its customers accelerate their move to modern containerized applications. Rancher Prime provides easy-to-use tools that streamline the process of provisioning, deploying and managing Kubernetes clusters, along with advanced features such as application catalogs and CI/CD integration. Combined with OTC's CCE, enterprises can increase developer productivity while minimizing the complexity of Kubernetes operations.
To streamline the deployment of Rancher Prime, T-Systems is using its own Cloud Create service. This service allows users to visually design cloud infrastructure and manage applications in OTC. It provides an intuitive interface for creating and configuring cloud resources without requiring extensive technical expertise.
"We provide our customers with templates that they can use, for example, to immediately deploy a highly available cluster of Rancher management nodes," explains Roman Schiller. "All they have to do is fill in a few variables and press ‘start’ - the entire implementation and setup of the management cluster then runs completely automatically within a few minutes."
What’s next for T-Systems?
"We see great potential in the combination of Rancher Prime, OTC and CCE for companies that have already gained initial experience with Kubernetes and want to take the next step," summarizes Martin Schuster. "They can now scale their container environment very easily and securely, while always benefiting from the professional support of T-Systems and SUSE." Rancher Prime also makes OTC's Kubernetes offering more attractive for Deutsche Telekom's internal applications. In addition, more and more T-Systems account teams are starting to position Rancher Prime and OTC in their customer projects.