Platform

The sovereign supply chain for classified Kubernetes.

Northfleet is a Canadian-incorporated Kubernetes supply chain vendor supplying the bundle protocol, attestation chain, and audit trail that cleared engineering teams apply to their Protected B and Secret clusters. The customer operates the cluster; Northfleet supplies the supply chain.

overview

From build to apply

What Northfleet ships, in 75 seconds.

Capabilities

Four pillars. One platform.

Each pillar is built to the same standard: Canadian-jurisdictional supply chain, accreditation-ready evidence, deployable to existing cleared environments without rip-and-replace.

  1. 01

    Sovereign supply chain

    Every artifact entering a classified cluster bundled, signed, verified, and applied under Canadian jurisdiction. Foreign-jurisdictional dependencies are removed from the trust path by design, not minimized by policy. The customer's cleared engineering teams operate the cluster on upstream Kubernetes; Northfleet supplies the supply chain.

  2. 02

    Hardened artifact attestation

    Every artifact entering the trust path is signed, attested, and accompanied by a verifiable bill of materials. Inspectable end to end. Auditable by your security team without privileged access to ours.

  3. 03

    Air-gap operations

    A productized one-way transfer protocol with attestation chain and tamper-evident audit trail. Designed for classified facilities where the high-side environment has never seen the internet, and never will.

  4. 04

    Accreditable compliance and audit

    ITSG-33 controls mapped to Northfleet's capabilities. Evidence collection by default, ready for accreditation review. Northfleet produces the proof; the cleared engineering teams that operate the cluster sign off.

Sovereignty model

Canadian vendor. Canadian supply chain. No foreign authority over the trust path.

Northfleet is incorporated in Canada. The bundle protocol, signing path, attestation chain, and audit log are built and operated under Canadian jurisdiction. There is no foreign parent, and no foreign legal authority over the trust path it ships. Procurement contracts with a Canadian counterparty subject to Canadian law.

Northfleet deploys alongside what your engineering team has already built. There is no rip-and-replace. Existing tooling and existing operators continue to work. Adoption is gradual, most often beginning with a single accredited workload and broadening as confidence and clearances permit.

The substrate is upstream Kubernetes. Anything Northfleet ships is designed so a cleared engineer can verify it without reaching for Northfleet-supplied tooling.

Deployment surfaces

Where it runs.

  • On premises

    Departmental data centres and prime-operated classified facilities. The default for Secret workloads.

  • Sovereign cloud

    Canadian-owned, Canadian-operated cloud regions, region-locked, with no cross-border data flows and no foreign-jurisdiction parent.

  • Hybrid estates

    Build and staging on Canadian commercial cloud; production on premises. The air-gap layer carries deployments across the classification boundary.

Accreditation posture

Designed against ITSG-33 from the first commit.

Canadian classified procurement runs on ITSG-33. Northfleet is structured around the controls procurement actually requires: access, audit, configuration management, identification and authentication, and system communications. Auditor-ready evidence is the default, not an add-on.

CCCS guidance and CSE technical bulletins shape the default policy posture. Departments with stricter overlays bring their own and Northfleet enforces both.

Boundaries

What Northfleet is not.

The shape of Northfleet is defined as much by what it refuses to be as by what it ships.

  • Not a Kubernetes distribution.

    Northfleet runs on upstream Kubernetes. Defence procurement is allergic to vendor-specific control planes that drift from CNCF conformance, and rightly so.

  • Not a managed-services vendor.

    Northfleet operates the trust path, not the cluster. The customer's cleared engineering teams operate the cluster, as they already do. There is no Northfleet operator with kubeconfig access to a customer environment.

  • Not a Red Hat reseller.

    OpenShift is a fine product under foreign jurisdiction. That is the gap Northfleet exists to close, not narrow.

  • Not a generic cloud.

    Northfleet exists for one reality: Canadian jurisdiction, cleared engineering teams, classified workloads. Everything outside that is out of scope.

  • Not consumer SaaS.

    There is no self-serve sign-up. Procurement begins with a conversation with the people who will be on the line for the deployment.

Next

For procurement conversation,
talk to us.

The architecture brief covers protocol, threat model, attestation chain, and accreditation mapping. It is shared after a first conversation with engineering and procurement leads who will be on the line for the deployment.