If you run Kubernetes in production, you already know the gap between “getting started” content and the problems you actually face at scale. Most newsletters land somewhere in between: curated link dumps with no opinion, or vendor pitches disguised as thought leadership.
The Control Plane is something different. Once a month, we publish a well-researched deep dive into a topic that matters to Platform Engineers and SREs, along with curated industry signals, Kubermatic product updates, and the occasional war story from the field.
What’s in Issue #1
Read our first issue, where we tackled data sovereignty in Kubernetes, a topic that went from “nice to have” to “board-level priority” faster than most teams were prepared for.
Your Sovereign Cloud Has a Virginia Problem
The sovereign cloud market crossed $80 billion in 2026. Organizations are spending aggressively to comply with the EU Data Act, DORA, and a growing list of data residency laws. But spending is not the same as compliance.
The most common failure mode: data sits in the correct jurisdiction while the control plane, identity provider, and key management live somewhere else entirely. When AWS US-East-1 failed in October 2025, European services with data in Frankfurt went offline because their IAM depended on a region in Virginia.
In the deep dive, we walk through the decoupled control plane pattern (Seed/User cluster architecture), a Kyverno policy that geofences workloads to specific regions, and the Hold Your Own Key (HYOK) approach to encryption key management.
Also in this issue
War Story — A European financial services company learned that sovereignty has three layers (data, compute, and identity) when an outage in Virginia took down their “sovereign” Frankfurt clusters.
Kubermatic Releases — KubeLB v1.3 ships with WAF support, Gateway API migration, and supply chain security. KKP v2.29.4 adds Kubernetes v1.34.4 support and Gateway API as an alternative to NGINX Ingress.
Control Plane Radar — Curated reads on the EU Data Act, DORA’s concentration risk requirements, the $80B sovereign cloud market, and multi-cluster network policies with Cilium ClusterMesh.
Community & Events — KubeCon Amsterdam is next month. ContainerDays Hamburg CFP closes February 28.
Subscribe
The Control Plane ships once a month. No spam.
