MET : Our vision (1/6)


How a web agency decided to take back control of its cloud infrastructure by building a modern, reproducible, and documented Kubernetes platform.

For years, we used traditional hosting solutions: shared servers, manually configured VPS, PaaS platforms like Jelastic or Platform.sh. Each solution had its advantages, but also its frustrations.

The reality check that changed everything

Here are the problems we regularly encountered:

  • Rising costs: PaaS platforms charge by usage, and the bill quickly adds up with multiple clients
  • Lack of control: Impossible to customize certain critical aspects (cache, server configuration, security)
  • Vendor lock-in: Migrating from one platform to another = a project in itself
  • Manual configuration: Each new server = hours of configuration, with risk of oversight
  • No reproducibility: “It worked on my server” is not a viable strategy

We needed infrastructure that was at once powerful, economical, and fully automated.

Our vision: Infrastructure as Code

We decided to build our own cloud platform, based on modern principles:

“Everything that can be automated should be. Everything that is configured must be versioned.”

Concretely, this means:

  1. Declarative infrastructure: Servers are defined in code (Terraform), not created manually
  2. Automated configuration: Ansible configures everything, from OS to applications
  3. Modern orchestration: Kubernetes manages the application lifecycle
  4. Continuous deployment: A Git push automatically triggers deployment
  5. Integrated backup: Automatic backups to the cloud, without intervention

The architecture we built

Our infrastructure relies on two high-performance servers hosted at Hetzner Cloud (German datacenter, GDPR-compliant):

Server             Role
Primary Server     Control Plane + Worker
Secondary Server   Worker

These two servers form a Kubernetes cluster capable of hosting dozens of applications with high availability.

Simplified architecture of our cloud infrastructure

The tech stack at a glance

Here are the technologies we use, which we’ll detail in upcoming articles:

🏗️ Provisioning

  • Terraform: Server and network creation
  • Hetzner Cloud: High-performance German hosting

⚙️ Configuration

  • Ansible: Configuration automation
  • K3s: Lightweight Kubernetes distribution

🚀 Orchestration

  • Kubernetes: Container orchestration
  • Rancher: Intuitive management interface
  • Helm: Application packaging

🔄 Deployment

  • GitLab: Code hosting and CI/CD
  • ArgoCD: Automated GitOps deployment

🔒 Security

  • Let’s Encrypt: Automatic SSL certificates
  • WireGuard VPN: Secure access to internal services
  • Sealed Secrets: Encrypted secrets in Git

💾 Storage & Backup

  • Longhorn: Distributed storage with replication
  • Velero: Backup to S3

What this infrastructure brings us

After several months of production use, here are the concrete benefits:

💰 Significant savings

For the same budget as a PaaS hosting 3-4 sites, we host over 20 applications with far superior resources.

⚡ Deployment in minutes

A new WordPress site? 5 minutes of configuration, automatic deployment, SSL included.

🔄 Total reproducibility

The entire infrastructure is versioned. In case of disaster, we can rebuild everything in less than an hour.

📊 Complete visibility

Integrated monitoring, centralized logs, automatic alerts. We know exactly what’s happening.

🛡️ Enhanced security

Client isolation by namespace, VPN for admin access, encrypted secrets, automatic backup.

What’s next in this series

In the upcoming articles, we’ll detail each component of this infrastructure:

  1. Terraform: How to provision your cloud infrastructure in a few lines of code
  2. Ansible: Configure 100 servers as easily as one
  3. Kubernetes & Rancher: Orchestration demystified
  4. Helm Charts: Deploy any application in 5 minutes
  5. GitOps & CI/CD: Git push = Automatic deployment

Each article will contain concrete code examples and best practices from our production experience.