STAKATER Government Cloud
For CIOs and ministry IT leads building a shared cloud platform for multiple government agencies — without duplicating infrastructure or compromising classification boundaries.
Ministries and agencies share a common mandate: deliver digital services to citizens. But each agency arrives with a separate procurement, separate IT team, and the same infrastructure requirements.
Central IT is accountable for 10–50 agencies. Each has unique workloads, classification levels, and IT teams with varying maturity.
UNCLASSIFIED, RESTRICTED, SECRET workloads cannot share runtime boundaries. Isolation must be architectural, not policy-based.
Each agency request triggers a new procurement cycle: 6–18 months before a workload runs, regardless of technical complexity.
Most governments have already invested in HCI and OpenShift. The infrastructure exists — but there's no operating model to share it across agencies safely.
What you've bought
On-premises hyper-converged infrastructure in one or more government data centres. Procured centrally, sized for peak demand.
OpenShift cluster(s) running on the HCI. Managed by central IT. Applications deployed by namespace — but no tenancy model that separates one agency from another.
Government-wide Active Directory identity. Each agency has its own OU. No bridge from AD groups to Kubernetes RBAC for self-service provisioning.
Agencies submit requests via ServiceNow or similar. Central IT team manually provisions. Queue: days to weeks per request.
Without the right multi-tenancy layer, central IT cannot safely give agencies self-service access — so every request goes through the ticket queue.
No hard boundaries between agency workspaces. Namespace-level separation is not sufficient to keep workloads of different classification levels apart.
No portal for agency IT teams to provision their own namespaces, resources, or services without raising a ticket.
No per-agency access log or activity audit. Compliance and security reviews require manual evidence collection.
No per-agency usage reporting that feeds government finance systems for cost allocation or internal chargeback.
Without self-service, every agency workload goes through central IT. The result is duplicate infrastructure, slow digital services, and a platform team that can't keep up.
Each agency re-procures infrastructure independently. The same HCI and OpenShift appear in 10 different procurement packages — each taking 6–18 months.
Central platform underutilised while agencies wait for their own procurement to complete.
Every namespace, quota change, and service account goes through central IT. Platform teams are bottlenecks, not enablers.
No headroom for security hardening, upgrades, or new platform capabilities. Ops consumes all capacity.
The platform is there. The operating model is the bottleneck.
A government-grade multi-tenancy layer on top of your existing OpenShift. Each agency gets its own isolated workspace — without a new procurement cycle.
KCP-based virtual control planes per agency. Hard boundaries enforced at the Kubernetes API level — not namespace RBAC. Classification tiers mapped to separate virtual planes.
Agency IT teams provision their own workloads, namespaces, and services through a portal. No central IT ticket required. Quotas enforced by policy.
SSO via existing government AD. Agency OU maps to tenant workspace. Users see only their agency's resources — automatically, without manual RBAC configuration.
Every API call, resource change, and access event logged per agency. Exported to your SIEM automatically. Compliance evidence generated, not collected.
Runs fully disconnected. No external registry, no cloud metadata endpoints, no external secret stores. Images mirrored internally. Classification-appropriate for RESTRICTED and above.
Per-agency compute, storage, and network metered. Cost reports exported to government finance systems. Internal chargeback without a separate FinOps tool.
Security-led. Air-gap ready. Agencies self-provisioning within 90 days.
Security review complete, classification tiers mapped
We
· Security architecture review
· SSO/LDAP integration design
· Classification model mapping
You
· Security team access
· Data classification policy
· IT governance sign-off
Cloud Orchestrator deployed, air-gap configured
We
· Deploy in air-gapped mode
· Active Directory integration
· RBAC per classification tier
You
· Isolated network segment
· AD service account
· Procurement approval
3 agencies self-provisioning, audit trail active
We
· Agency workspaces created
· Audit log shipped to SIEM
· Self-service portal configured
You
· Nominate 3 pilot agencies
· Agency IT leads engaged
· Validate access controls
All agencies onboarded, chargeback to finance active
We
· Full agency migration
· Chargeback reports configured
· Run-book and training delivered
You
· Finance system integration
· Executive communications
· Support escalation path
New agencies onboarded in days, not months
We
· Self-service agency onboarding
· New classification tiers
· Quarterly governance reviews
You
· Growth pipeline of agencies
· Policy updates
· Feedback from agency leads
Government cloud deployments succeed on governance and security design — not just technology. These are the factors that determine the outcome.
Government security sign-off takes weeks. Start the accreditation process in week one — not after the platform is built. Late reviews kill timelines.
The number of classification tiers and which agencies sit in which tier determines the tenancy architecture. Agree it in Assess — changes after Foundation are expensive.
Pick one advanced agency, one average agency, and one with minimal IT capacity. The portal and self-service workflows must work for all three to be viable at scale.
Chargeback requires connecting metering data to government finance systems. Finance teams have long approval cycles — engage them at Month 3, not Month 6.
You already have the platform.
Cloud Orchestrator adds the agency isolation, self-service, and audit trail — without a new procurement per agency.
stakater.com