cloud

Cloud-Native Kubernetes Infrastructure for Sweden's .se TLD

Swedish Internet Foundation

KubernetesVMware vSphereVMware vSANCalicoHashiCorp VaultMetalLBGitOps

The Challenge

The Swedish Internet Foundation, the organization responsible for managing Sweden’s .se and .nu top-level domains, needed to modernize its infrastructure to support cloud-native workloads. The existing environment ran on traditional virtual machines, and the team wanted to adopt Kubernetes for improved deployment velocity, resource efficiency, and operational resilience — all while maintaining the strict availability requirements expected of critical internet infrastructure.

The infrastructure needed to run on-premise on VMware vSphere and vSAN, not in a public cloud, due to sovereignty and compliance requirements. This meant there was no managed Kubernetes service to lean on; every component had to be designed, deployed, and maintained in-house.

What We Delivered

We led the architecture design and hands-on deployment of production-grade Kubernetes clusters running on VMware vSphere with vSAN storage:

  • Cluster Architecture — Designed multi-node Kubernetes clusters with high availability control planes, optimized for the foundation’s workload profiles and failover requirements.

  • Network Layer — Implemented Calico for pod networking and network policy enforcement, with MetalLB providing load balancer services in the bare-metal/on-premise environment.

  • Secrets Management — Integrated HashiCorp Vault for centralized secrets management, ensuring that sensitive configuration data is encrypted at rest and dynamically injected into workloads.

  • GitOps Workflow — Established a GitOps-based deployment pipeline so that all cluster configuration and application deployments are version-controlled, auditable, and reproducible.

  • Documentation and Knowledge Transfer — Delivered comprehensive runbooks and conducted hands-on training sessions so the internal team could confidently operate and evolve the platform.

Client Testimonial

“Miguel blew us all away with his deep understanding of Kubernetes, platform engineering, SRE, and container orchestration. His proposals presented clearly the pros, cons, and trade-offs of the technologies. I don’t think we could have asked for a better teammate and tech advisor.”

The Outcome

The foundation successfully transitioned to a cloud-native operating model while keeping all infrastructure on-premise and under full organizational control. The Kubernetes platform now supports faster release cycles, improved resource utilization, and a consistent deployment experience across development and production environments.

Have a similar challenge? Let's talk.

Get in touch