Real-time machine data in industry requires a scalable and well-secured IIoT architecture. Dependence on cloud platforms like AWS or Azure is often viewed critically and not considered best practice. That’s because the requirements for compliance and data protection are high. This is why companies need to rely on container-based solutions. There is no other way to comply with EU regulations.
IIoT solutions with container technology are the specialty of ayedo, the experts for Managed Kubernetes and IIoT integrations for industrial companies. The company’s core business is the operation of complex applications in containers. In this way, the company ensures that business-critical systems function reliably at all times.
The challenge: Why companies need an IIoT platform for Kubernetes
Modern, digitally controlled industrial production processes a large amount of real-time data. The software then forwards them securely to downstream MES and ERP systems. Integrating this data is challenging, as the existing infrastructure is often not designed for modern, containerized applications. Efficiently managing machine data on-prem and in the cloud is time-consuming. Previous solutions are either too complex or lead to compliance problems.
- The connection between operational technology (OT) and IT is particularly challenging. OT systems are often highly specialized and designed to be stable, while IT systems are constantly evolving.
- Compliance with EU standards such as the GDPR and BSI requirements is not always guaranteed when using proprietary cloud solutions. For this reason, an on-premise solution is often the better choice to maintain control over data storage and security policies.
- Another risk lies in the lack of integration of real-time machine data, which can lead to production downtime. The IIoT platform must therefore be robust, fault-tolerant, and seamlessly integrated into existing production systems.
Companies need a flexible yet secure solution that does not compromise existing production processes or system stability.
Challenges at a glance:
– Secure on-prem Kubernetes clusters for OT integration
– Real-time transmission of machine data using MQTT
– Strict compliance and data protection requirements (BSI, GDPR)
– Scalable IIoT architecture without reliance on AWS or Azure
The solution: ayedo Managed Kubernetes for Industry 4.0
A highly effective solution for managing a large fleet of industrial machines is an IIoT platform built on Kubernetes. Kubernetes offers a standardized, scalable, and efficient way to manage distributed systems. There are four key reasons for this choice:
- Kubernetes simplifies software development and integration with external service providers.
- Its distributed infrastructure enables efficient implementation of complex requirements such as networking, firewalling, and access control.
- Kubernetes is a scalable platform that can be deployed across multiple production sites.
- Standardized software development processes reduce operating costs and increase the efficiency of development teams.
Technical Architecture: Kubernetes, MQTT & Edge Computing
ayedo offers its customers a managed Kubernetes platform specifically designed for on-prem and hybrid cloud Industrial IoT solutions. It enables a company to collect real-time data from production and forward it to MES/ERP systems. The main task is to provide machine data quickly, with high availability and high performance, so that other IT systems can access it immediately.
Kubernetes as the basis
The architecture consists of a central management cluster and multiple downstream clusters located in the production facilities. These are orchestrated via the “ayedo Managed Control Plane”. The management cluster is the central control unit. This is where the customer’s development platform runs. The downstream clusters fulfill two key functions:
- Running business-critical applications in production (microservices for manufacturing).
- Developing and testing new software components.
Edge Computing
For real-time data processing and minimal latency, data must be processed directly on-site at the production facilities—this is known as edge computing. To achieve this, the system leverages several hundred specialized Kubernetes workers. These are individual virtual servers that run Kubernetes.
These workers are positioned close to the monitored machines. This means they transmit data with minimal delay. Additionally, they provide controlled machine interaction: they can securely relay MES commands directly into the production process.
Communication via MQTT
To transmit machine data to the IIoT platform, the MQTT protocol is used. MQTT (Message Queuing Telemetry Transport) is an open network protocol designed for machine-to-machine communication.
It is specifically built for deployment in distributed industrial environments. MQTT is known for its low bandwidth consumption, high efficiency, and reliable message delivery—even in unreliable or constrained networks.
Security for Kubernetes
Role-based access control (RBAC) ensures that only authorized users can access data. The policy management tool Kyverno enables the definition and enforcement of compliance rules within Kubernetes clusters.
In addition, a local Public Key Infrastructure (PKI) ensures end-to-end encryption of all communication. MQTT supports secure authentication and authorization of data streams. Comprehensive logging ensures full traceability of all events.
Compliance & Security: GDPR-Compliant Cloud Strategy
ayedo’s IIoT platform supports a cloud strategy aligned with high security and compliance standards, meeting requirements such as NIS2, BSI baseline protection, and the GDPR. Choosing an on-premise architecture ensures that all data remains within the organization. This guarantees full compliance with regulatory requirements.
This architecture for Kubernetes On-Prem uses the Zero Trust principle. Every access to data is checked and approved within the framework of defined security guidelines. This enhances the overall security architecture and reduces the system’s attack surface.
Kubernetes can also be provided as a managed service. A managed Kubernetes solution like this simplifies infrastructure administration and maintenance, as the provider operates and maintains the clusters and handles updates. In this way, companies benefit from the advantages of Kubernetes orchestration without having to bear the operational costs. This is particularly interesting for hybrid cloud models.
Outcomes and benefits for industrial enterprises
Implementing an IIoT platform based on Kubernetes offers numerous advantages for industrial companies. Real-time machine data is securely managed and efficiently integrated, improving communication between operational technology (OT) and IT—helping to ensure stable production processes.
A managed Kubernetes solution reduces maintenance efforts, enabling companies to focus on their core business. This infrastructure is scalable and supports both on-premise and hybrid cloud deployments. Applications can be deployed more quickly, and business-critical systems remain available at all times. Data transmission via MQTT is secured using a Public Key Infrastructure (PKI) to ensure maximum system security.
The combination of Kubernetes, edge computing, and MQTT creates a future-proof IIoT architecture. Companies gain a scalable and secure solution that boosts productivity while meeting the highest security and compliance standards, including GDPR and BSI baseline protection. You can experience this ayedo solution in action! Find out how our customers implement their IoT projects with maximum security & flexibility.
👉 Request a consultation now and find out how ayedo can optimize your IIoT infrastructure!
Key outcomes at a glance:
– Successful on-prem Kubernetes integration for Industrial IoT
– Real-time data transmission & processing with MQTT and Kubernetes
– Increased production stability through automated microservices
100% compliant with GDPR, NIS2, and BSI – without relying on U.S.-based cloud providers
