Case study · Kubernetes

Kubernetes on-premise for a public institution

Modernising a key application for managing highly sensitive personal data into a cloud-native architecture.

30 daysdesign and handover
6+6 nodesproduction and test (3+3)
VMwareown data centre
public cloud

Requirements

  • a deliberate refusal of the public cloud due to data sensitivity,
  • a modern Kubernetes platform with HA support,
  • strict separation of production and test, with an emphasis on isolation and access control,
  • a turnkey solution including operational support and 24×7 monitoring.

The solution

  • production cluster: 3× control plane + 3× worker in its own isolated VLAN,
  • the test cluster gradually expanded into a full 6-node setup (3+3),
  • each node on a different physical VMware hypervisor — eliminating SPOF,
  • the Kubernetes API accessible only via VPN and certificates with controlled expiry, access via RBAC.

Integration and DevOps

Consulting on the GitLab CI/CD pipeline, recommendations of Kubernetes best practices, design of HA concepts (PodDisruptionBudget, Affinity, autoscaling) and recommendations for logging, monitoring and observability.

Benefits

  • a highly available and secure environment for a modern application,
  • full control over the infrastructure with no dependence on a cloud provider,
  • separate production and test environments, and a robust platform meeting strict requirements.

Facing a similar challenge?

Get in touch — we will be happy to go through your situation and propose concrete next steps in a no-obligation consultation.

Free consultation