SysEleven

What Is SysEleven?

Running Kubernetes in production is hard. Running it on infrastructure that satisfies German government security standards is harder still. AWS EKS and Google GKE make Kubernetes easy, but their data sovereignty guarantees stop at a marketing page. German public agencies, KRITIS operators (critical infrastructure), and regulated enterprises need provable compliance — BSI IT-Grundschutz, C5 attestation, and ISO 27001 certification on infrastructure that never leaves German jurisdiction.

SysEleven has built its business around exactly that gap. Founded in Berlin in 2007, the company started as a managed hosting provider before pivoting to OpenStack-based infrastructure and managed Kubernetes. In May 2022, secunet Security Networks AG — Germany's leading cybersecurity company and IT security partner to the federal government — acquired 100% of SysEleven's shares. The acquisition cemented SysEleven's position in the sovereign cloud market and provided access to secunet's government-grade compliance expertise.

Today SysEleven operates over 120 employees, serves more than 250 customers in the DACH market, and runs its MetaKube managed Kubernetes platform across four German data centre locations: Berlin, Frankfurt, Hamburg, and Duesseldorf. The entire stack is built on open-source components — OpenStack for IaaS, Kubernetes for container orchestration — with no proprietary lock-in layers.

Key Features

MetaKube: Three Tiers of Managed Kubernetes

SysEleven structures MetaKube as three distinct service tiers, each adding operational responsibility.

MetaKube Core provides the foundation: CNCF-certified Kubernetes clusters hosted on ISO 27001-certified infrastructure. Customers manage their own workloads, deployments, and application operations. SysEleven handles the control plane, node provisioning, Kubernetes upgrades, and infrastructure maintenance. Pricing starts at EUR 0.10 per cluster hour — approximately EUR 80 per month for a single cluster before worker node costs.

MetaKube Accelerator adds pre-configured software components on top of Core. Aimed at SaaS companies and software agencies, it reduces the operational overhead of maintaining common infrastructure components across multiple projects. Rather than each project team configuring ingress controllers, monitoring stacks, and CI/CD pipelines independently, Accelerator provides standardised building blocks.

MetaKube Operator is the fully managed tier. SysEleven's operations team takes 24/7 responsibility for the Kubernetes platform, including monitoring, incident response, and platform updates. Customers focus exclusively on their application code. This tier includes enterprise SLAs and is designed for organisations that lack internal Kubernetes expertise or prefer to outsource platform operations entirely.

OpenStack Cloud (SysEleven Stack)

Underneath MetaKube sits the SysEleven Stack — an OpenStack-based IaaS platform with a vanilla OpenStack API. This means any tool that speaks OpenStack (Terraform, Ansible, OpenStack CLI) works without adaptation. The platform provides virtual machines, block storage, object storage (S3-compatible), load balancers, DNS, VPN, and DDoS protection.

The 99.995% availability SLA is notable — higher than what most European cloud providers guarantee. Geo-redundant S3 object storage replicates data across locations for durability. The vanilla API commitment matters for portability: workloads deployed on SysEleven can move to any other OpenStack provider without rewriting infrastructure code.

Sovereign Cloud Stack (SCS) Certification

SysEleven is one of the first providers certified for the Sovereign Cloud Stack, an open-source cloud infrastructure standard developed with support from the German Federal Ministry for Economic Affairs. SCS certification signals interoperability with other SCS-certified providers and alignment with European digital sovereignty goals. For public sector procurement, this certification increasingly appears in tender requirements.

Security and Compliance Triad

SysEleven holds BSI IT-Grundschutz certification, C5 attestation, and ISO 27001 — a combination that only one other sovereign cloud provider in Germany can claim. This triad satisfies the compliance requirements of German federal agencies, KRITIS operators, and organisations subject to the NIS2 directive. Additional ISO 27017 (cloud security) and ISO 27018 (cloud privacy) certifications extend the compliance coverage.

Pricing

SysEleven's pricing model is partially transparent. MetaKube Core clusters start at EUR 0.10 per cluster hour (approximately EUR 80 per month), plus worker node costs based on the VM flavour selected. OpenStack compute resources are billed by the hour.

Beyond Core, pricing becomes less transparent. MetaKube Accelerator and Operator tiers require custom quotes, as does any enterprise arrangement. This is standard practice for managed cloud services at this level, but it means there is no self-service pricing calculator. Prospective customers must engage with the sales team for accurate cost estimates.

Compared to AWS EKS (which charges $0.10 per cluster hour plus EC2 instance costs), SysEleven's base cluster pricing is similar. The total cost of ownership depends heavily on workload size and the service tier selected. The premium over hyperscaler pricing buys genuine sovereign compliance — not just a data residency checkbox, but BSI IT-Grundschutz, C5, and ISO 27001 attestations that pass government procurement review.

EU Compliance & Privacy

Compliance is SysEleven's primary competitive advantage, not a secondary feature. The BSI IT-Grundschutz certification is the de facto standard for German government IT security. C5 attestation from the BSI provides cloud-specific security assurance. ISO 27001, 27017, and 27018 cover information security management, cloud security controls, and cloud privacy respectively.

All infrastructure operates exclusively in German data centres. The secunet ownership adds another compliance dimension — secunet is the IT security partner to the German federal government, meaning SysEleven benefits from government-grade security practices and expertise. The Bundesdruckerei partnership extends this further, with joint sovereign cloud offerings for the public sector.

For organisations navigating NIS2 compliance, the combination of certifications and German-only infrastructure provides a defensible position. Air traffic control provider DFS Aviation Services runs its systems on SysEleven infrastructure — a strong reference point for critical infrastructure suitability.

Who It's Best For

German public sector agencies and KRITIS operators that require BSI IT-Grundschutz and C5 compliance. SysEleven is one of only two German providers with the complete certification triad.

Enterprise DevOps teams in regulated industries (finance, insurance, healthcare) that need managed Kubernetes without US hyperscaler data sovereignty concerns. MetaKube Operator eliminates the need for internal platform engineering.

SaaS companies building on sovereign infrastructure who want Kubernetes without managing the platform. MetaKube Accelerator provides standardised components across projects.

Organisations with OpenStack expertise that want a European provider with a vanilla API commitment and no proprietary lock-in. Workloads remain portable across any OpenStack-compatible provider.

The Verdict

SysEleven occupies a highly specific niche with precision. For German organisations that need government-grade compliance on managed Kubernetes and OpenStack infrastructure, the competition is extremely thin. The secunet acquisition, the certification triad, and the DFS Aviation reference customer speak louder than any marketing claim. The trade-offs are the usual ones for niche European providers: smaller ecosystem, no self-service onboarding, limited pricing transparency, and German-only data centres. If BSI IT-Grundschutz compliance is on the requirements list, SysEleven should be on the shortlist.

Frequently Asked Questions

Is SysEleven GDPR compliant?

Yes. SysEleven operates exclusively from German data centres and holds ISO 27001, ISO 27017, ISO 27018, C5, and BSI IT-Grundschutz certifications. As a subsidiary of secunet Security Networks AG, it meets the highest German government security standards.

Who owns SysEleven?

secunet Security Networks AG acquired 100% of SysEleven GmbH in May 2022. secunet is Germany's leading cybersecurity company and IT security partner to the German federal government.

How does SysEleven compare to AWS EKS?

SysEleven MetaKube provides CNCF-certified Kubernetes with BSI IT-Grundschutz and C5 compliance on sovereign German infrastructure. AWS EKS offers a much larger service ecosystem and global regions. SysEleven targets organisations where German data sovereignty and government-grade compliance are requirements, not preferences.

What is MetaKube?

MetaKube is SysEleven's managed Kubernetes platform in three tiers: Core (self-managed workloads from EUR 80/month per cluster), Accelerator (pre-configured for SaaS), and Operator (fully managed 24/7). All tiers run on CNCF-certified, ISO 27001-compliant German infrastructure.

Does SysEleven offer a free trial?

Yes. SysEleven offers a 30-day MetaKube trial. There is no self-service sign-up — prospective customers contact sales to arrange access and receive guided onboarding.