Security as Code is a driving force for the current evolution of application security. It goes hand-in-hand with modern software development and the rise of Infrastructure as Code (IaC), but it is also helping innovation-minded organizations to better address and deal with the biggest security challenge seen in a generation. 

Read more

When thinking about open source and sustainability, one of the first things coming into mind is that they are currently very much Zeitgeist. But what about them in combination? Does it make sense to use them as a pair? And is there perhaps a wider correlation between them, apart from software and infrastructure? Let’s find out… 

Read more

Not like free beer. But open and free to use for several business cases: open source. How that works explain Julian Hansert from Kubermatic and Christopher Branston from SVA.

The evolution of cloud technology has caused cyber threats to evolve in a parallel manner. Cybersecurity risks have skyrocketed as more and more companies opt for migrating their servers and infrastructures to the cloud. This trend has resulted in immense amounts of sensitive data being interconnected, available, and – unfortunately – quite vulnerable to numerous threats.

Read more

Good news for all cloud enthusiasts and container fans: ContainerDays (CDS) will take place again from September 21 – 23, 2021. Europe’s flagship conference on container and cloud native technologies is going hybrid this year: live in Hamburg and worldwide online conference for free.   

Tickets: – with the voucher: THANKS2CLOUDICAL@CDS21 you get 20% off

Read more

If you know the cloud report a little bit, you already know that we thematize topics like diversity, responsibility, sustainability beside all kind of cloud computing things. We understand “cloud” holistically, and we understand “open source” as a mindset of sharing, collaboration, forward-looking, reasonable, social. The open source communities and foundations like the Cloud Foundry Foundation are showing right now the future of technology´s development! This time we think about social responsibility.

Read the full article: here

Foundation for carbon neutral sustainability – LF Energy

While I was searching for open source, sustainability, energy awareness I found LF Energy, a sub-foundation of Linux Foundation that is focused on the power systems sector: “LF Energy brings together stakeholders to solve the complex, interconnected problems associated with the decarbonization of energy by using resilient, secure and flexible open source software. Digitalization facilitates a radically energy-efficient future.”

Read the full article: here

Many companies want to use orchestration tools for their applications, but not all of these apps are containerized or cloud native. Some apps would need a complete re-write. At the KubeCon & CloudNativeCon Europe HashiCorp introduced the new release of Nomad, their orchestration tool for containers, but also legacy applications. the cloud report talks with Chang Li about Nomad, of course also in comparison to Kubernetes.

If you want to use the possibilities of reliability and scalability in IT landscapes, this is easily achieved by Kubernetes ecosystems, which you can set up with a cloud service provider or in your own data center. This article describes how to roll out applications in a Kubernetes ecosystem, which tools you need, which “middleware” is necessary and which cloud service providers (hyperscalers or GDPR-compliant service providers) you can use.

Read the article: here

“Security by Design” and “Developer first” as approaches of GITLAB. Cindy introduces the offerings of automation tools to develop secure code quickly. GITLAB enables and empowers developers to join DevSecOps by using automation, open source and security knowledge. The tools help testing APIs and finding vulnerabilities before the code goes into production. But there are still a lot of challenges…

watch the interview here

Short interview with cloud security expert Jurlind Budurushi from Cloudical

Securing the infrastructure, platforms, processes, and data is one of the most important topics in cloud computing. the cloud report interviewed cloud security experts about the challenging year 2020, how this year of digitization affected cloud security, and their expectations and solutions for 2021.

read the interview here

To understand cybersecurity we need to understand what this “cyberspace” is. In the second episode we answer the questions: What is cloud computing? What are the security challenges? Who is responsible? And who (the fuck) is Alice?

Watch part II of our “Securing Cyberspace” series here

The first transnational lockdown 2020 came as a surprise to everyone and was implemented at short notice. In the days and weeks that followed, concepts were developed, technical equipment for working at home was purchased, a lot of improvisation was done, and as much as possible was digitized.  

The event area was one of the first to quickly develop virtual alternatives to the cancelled on-site events. Meetups became virtual meetings. Many companies quickly offered webinars on all sorts of topics, which offered the advantage of being able to be attended live, but also available and retrievable online afterwards.  

continue reading

European Companies signed the Climate Neutral Data Center Pact and promise to gain this goal within 9 years!

How this can be achieved, what needs to be done, what is already done, and how this corresponds with digitization the cloud report asked Dr. Béla Waldhauser. And he answers openly and gives insights of the German business landscape, politics, prices, plans and good ideas.

Watch the interview here

Today we start a new video series about cybersecurity.
Expert Dr. Jurlind Budurushi from Cloudical will be explaining concepts and ideas, approaches, tools and what better not to do.

To not miss any of these videos follow our YouTube-channel here

Short interview with cloud security expert Archis Gore from Polyverse

Securing the infrastructure, platforms, processes and data is one of the most important topics in cloud computing. the cloud report interviewed cloud security experts about the challenging year 2020, how this year of digitization affected cloud security, and their expectations and solutions for 2021.

read the interview here

In my last comment I explained why diversity is important and a true value and strength for all communities, but also for society. And now I´m talking about equality? Equality in spite of diversity? Of course!

We only gain the full power of diversity if we consider our equality. Our equality as human beings. We are all different in our personality, outward appearance, faith, talent, sex, but we are all equal in our value!

continue reading

Ten years after the zero trust security model was first articulated, organizations are doubling down – but successful defense also means reassessing your approach to operating the cloud.

A decade ago, Forrester Research analyst John Kindervag called time on perimeter security and warned us against trusting the traffic on our corporate networks…

continue reading

Today I would like to write about how joining Cloudical wasn’t really like re-joining the corporate world, but it was an awesome form of “coming home”.

Continue reading

Securing the infrastructure, platforms, processes and data is one of the most important topics in cloud computing. the cloud report interviewed cloud security experts about the challenging year 2020, how this year of digitization affected cloud security, and their expectations and solutions for 2021.

read the interview here

Poseidon & Cloud Native

What’s the story with Trident?

Container technology received a lot of attention recently and has become essential for cloud native deployments. However, all that glitters is not gold and the technology has a few drawbacks. The Cloud Native Computing Foundation identified within their most recent surveys the limitations within the areas of storage and security. The following article describes how to deal with persistent storage requirements in hybrid cloud environments. Furthermore, it describes possible solutions by taking advantage of dynamic storage orchestrators such as Trident and its related architecture. 

continue reading

The last year has influenced many things, and we have no­ticed it most in our professional lives in the way we work together. We are now used to communicate and work via a screen and shared resources. But for a large part of the IT world, this was not new – the open source communities…

continue reading

An interview with Amith Nair

Around the time of KubeCon & CloudNativeCon Virtual 2020 the cloud report had the opportunity to talk with Amith Nair, Vice President Product Marketing at HashiCorp, about automation, what a company can do for cloud-native development and get to the heart of open source.

Read the interview here

Here you get all information about the latest VanillaStack release, what is new, what changed, what happend in the project, how they use the newest Stratos version, …

In this interview Andreas Weiss from the Gaia-X project management eco explains what Gaia-X really is about! No hyperscaler or European cloud, but an initiative to gain real data sovereignty in a secure, federative, open source data infrastructure. And of course, Gaia-X is way more, it is “a once in a lifetime achievement” and a great opportunity for Europe to take the different way and live our diversity.

Berlin based company Cloudical is offering a webinar series to introduce and discuss the LPIC 303 security certificate. It is important to secure the all underlying Linux to build a secure cloud environment. And the both experts are explaining step by step the parts of the certificate. Learn here what you can expect.

On Wednesday, the 27th of January the kick-off webinar for a Cloud Expo Gaia X series during the year 2021 started.[1]  These events discuss the idea of Gaia X, the status of the project, introduce the participants and invite more to join this pioneer initiative.


News from the VanillaStack project, two maintainers talk about community´s and customer´s feedback, about changes and bug fixes, about an evolving project, decission making and a from the CNCF Cetified Kuberntes project.

Find more details about the VanillaStack here

“I would never tell our  employees or customers something that is not true”

read the interview here

Out Now: The Cloud Report issue 4/2020

Content: Open Source, Open Infrastructure Foundation, Open Source Cloud Stack…

For a PDF version of issue 4/2020 go here

To order a physical copy please send an e-mail to:

One of GAIA-X’s main goals is to restore data sovereignty in Europe when using cloud technology. US hyperscalers, for example, are subject to the US Cloud Act, which enables US authorities to enforce the release of data stored in data centers in Europe. This is contrary to European law and the GDPR. At the beginning of 2019 it was still being considered to build a European hyperscaler, but it was finally decided to create solutions with standards that would give European users more sovereignty. 

continue reading

Nowadays cloud is everywhere, cloud is important to many enterprises – and for good reason! With cloud approaches, one gets the benefit of understanding resources as pool, which allows utilizing them according to the currently given needs.

But cloud is complex, especially, if you want to be in control: You need to set up your infrastructure, you need to automate it, you need to maintain it, you need to learn many things. 

continue reading

One of Polyverse´ offering is the Polymorphing. In this interview Archis tells us what the Polymorphing does (fancy things!) and Jurlind explaines why and how it is integrated in the VanillaStack. But first of all it is about cloud security, collaboration, open source and open minset!

The Coronavirus is wreaking havoc on everything in our lives. It’s hard to find something that hasn’t been impacted in a major way as we attempt to limit the spread of the virus. Cloud security professionals should pay close attention to how our online needs are rapidly changing — these new adjustments are more than just necessary to make things work in the interim. The workarounds to keep our lives as normal as possible could permanently define the way we work, study, and do business from here on out.

continue reading

At KubeCon we conducted an interview with Brian Gracely from RedHat, he talks very frankly about OpenShift, all different kinds of cloud (hybrid, multi, edge, …), about cloud-native approaches and how to act at the KubeCon.
watch the interview here
This episode of the – a weekly live show about cloud – technique, mindset, news, dos and don´ts, open source – is about cloud security. In the cloud everything is possible, but to secure access from everywhere, development from various people, shared storage, … is one of the big challenges. The cloud devs Chris, Dom and Karsten talk with David from GitLab about securing cloud computing and way more!
Find more episodes and interviews in our channel

Kubernetes is an open­source platform for automating deployment, scaling, and management of containerized applications. According to the data from GitHub, Kubernetes represents one of the largest open­source projects worldwide, and the development and deployment of tools around Kubernetes is rapidly and continuously growing. This rapid and continuous evolution makes Kubernetes an unsteady, fast­moving target, in particular regarding security.

continue reading

Last week Dan Kohn, the former executive director at Cloud Native Computing Foundation (CNCF), died quite to early as a result of colon cancer. 

We thank him for his long-term engagement for open source, for boundless collaboration and the Public Health Initiative of the Linux Foundation and his former dedication in several organizations and foundations. 

continue reading

By enabling a long-held dream of computing as utility, Cloud Computing has become one of the major technology trends in the last decade. Due to its’ flexible and agile nature, Cloud Computing is continuously and significantly transforming a large part of the IT industry.

continue reading

Clouds are replacing traditional corporate data centers. More and more companies are connecting the computing power of external providers instead of managing their own pool of physical servers.

Why do successful businesses move to clouds? Short answer: to cut costs and speed up growth. In more detail, let’s consider the main factors that push businesses to move to cloud services and the arguments in favor of the cloud.

continue reading

Over the past 18 months, containers have taken most organizations by storm. Containers and microservices are key enablers in organisations’ quests for digital transformation. But, they increasingly need to adopt a smart cloud security strategy based around a Container Security Triad.

continue reading

Interview with Regis Louis, Vice President Cloud Strategy EMEA

Read the interview here

The OpenStack Foundation’s virtual OpenDev event this summer created a space for engaging conversations on a variety of topics within the open infrastructure community. Packaged into three separate events, each three days in duration, participants discussed open infrastructure software, hardware automation and containers in production. In the first session, Blizzard Entertainment, Verizon, and OpenInfra Labs discussed combatting the challenges behind scaling, testing and integration during their presentations to the open source community.

continue reading

The cloud report had the opportunity to talk with Kim-Norman Sahm, CTO of Cloudical, about the way cloud computing is going, open source and avoiding vendor lock-in.

continue reading

Today the SUSECONdigital 2020 starts! Upfront the cloud report interviewed Melissa di Donato. Have a spectacular SUSECON.

SUSE prides itself as the largest independent open source company in the world. With the appointment of Melissa di Donato to CEO in August 2019, SUSE started a new chapter and put itself on the path to global growth. In this interview, Melissa explains how her style of leadership matches perfectly with the vision of open source, the role of women in tech leadership and how fierce collaboration inspires SUSE and its customers.

This article gives a short overview of the Gaia-X project as next generation cloud computing: with motivation for the project, what is Gaia-X?, project organization, role of civil society and prospects.


Because of the CLOUD Act, many users of cloud services from US cloud providers fear that personal data in Europe could be viewed, copied or modified by the US government in violation of the GDPR.

continue reading