Introduction

The Challenge

The customer had been relying on Docker Swarm for over six years. The original DevOps engineer had left, leaving behind an aging setup without innovation or in-house expertise.

As the development team grew from 10 to 20 engineers — many of whom were unfamiliar with legacy tooling like SSH and more comfortable with Kubernetes and YAML — the need for modernization became urgent. Additionally, Swarm’s community and development momentum had significantly slowed, making it a technical dead end.

The environment lacked security depth and had become increasingly difficult to maintain.

The Solution

Floads.io proposed a secure, developer-friendly Kubernetes migration.

• A private K3s-based Kubernetes cluster was deployed on internal VMs within a private network for security reasons.
• Ingress and egress traffic is tightly controlled through two OpenBSD-based firewalls.
• Each website uses its own dedicated MySQL database — a necessity given the complexity of the environment, which previously ran with multiple different MySQL versions — connected via NFS on FreeBSD with ZFS for performance and reliability.
• The use of FreeBSD for the NFS layer provided stability and conservative upgrade paths — a strategic choice driven by the goal of simplifying operations and ensuring long-term maintainability.
• SSL termination is handled by Traefik.
• Developers connect to the environment via WireGuard VPN.
• The customer began using ArgoCD and created blueprints with Helm charts and manifests for GitOps-based deployment.

This architecture combines the long-term stability and security of BSD-based core components for storage and networking with the agility and developer-friendliness of Kubernetes-based workflows — bringing together the best of both worlds.

Implementation Process

The project followed a greenfield approach:

• Initial requirements were clarified.
• A new Kubernetes infrastructure was built alongside the existing Docker Swarm environment.
• A blueprint Helm chart was developed and deployed as a proof of concept via ArgoCD.
• Floads.io focused on enabling the customer, who then handled most of the migration independently.

Results Achieved

• Improved maintainability and operational simplicity
• A stable core infrastructure using FreeBSD and NFS, paired with a modern application stack on Kubernetes
• Significantly improved security posture
• Seamless developer self-service capabilities with no dependency on ops
• Full infrastructure-as-code using Ansible and GitOps principles
• High agility and stability with fast, low-risk upgrades

Lessons Learned

The blend of agility, stability, and security proved to be the perfect mix. Combining conservative infrastructure components with modern tooling resulted in a future-proof, easy-to-operate environment.