Kubernetes Architecture

Practical cluster design for teams that ship.

Right-sized clusters

Most Kubernetes conversations start in the wrong place. Teams debate managed vs. self-hosted before answering the question that actually matters: what are you running, and who's going to maintain it?

[Stats: 3 nodes; K3s, lightweight; M+ requests/mo]

For many Nordic businesses with 50–1000 employees, a lightweight K3s cluster isn't a stepping stone to "real" Kubernetes — it is the production setup. Match your architecture to your team's capacity, not to a conference keynote.

GitOps as the default

Every cluster we work with starts with GitOps. Not because it's trendy, but because it answers the question that always comes up in incident reviews: "what changed?"

incident-response.sh
$ git log --oneline -5
a3f1c2d update ingress timeout to 60s
b7e4a91 bump contactme to v2.3.1 ← this one
c9d2f8e add resource limits to frontend
$ git revert b7e4a91
$ git push
# Flux detects change, rolls back in ~90s

With Flux watching your Git repo, a rollback is a git revert. Onboarding is repo access, not tribal knowledge. The real win isn't speed — it's sleeping better.

Security that actually matters

Kubernetes security advice reads like a compliance checklist. Here's what we prioritize for real-world impact:

Namespace isolation
Sensible RBAC roles so a misconfigured staging deploy can't touch production data.
Network policies
Deny by default, allow explicitly. Lateral movement stopped before it starts.
Image scanning in CI
Catch vulnerabilities before they reach the cluster, not after.

The less glamorous work — rotating credentials, limiting container privileges, keeping the control plane updated — prevents more incidents than any WAF.

Ingress and TLS

Standard Ingress (most web workloads)
Built-in Kubernetes Ingress + cert-manager. Automatic TLS. Straightforward and boring in the best way.

Traefik IngressRoute (growing routing needs)
Header-based routing, rate limiting, middleware chains. More control without the overhead of a service mesh.

Observability from day one

A cluster without observability is a black box with an API. Set this up before your first workload, not after your first outage.

The stack we recommend:
Prometheus: metrics & alerts
Loki / EFK: central logging
Grafana: dashboards

The goal: answer "what happened last Tuesday at 14:00?" without SSH-ing into nodes.

Want to talk cluster architecture?

Whether you're planning a first cluster or rethinking an existing one, we're happy to share what we've learned.

Get in touch →