
On-prem Kubernetes Cluster setup on top of Bare Metal Servers

Industry: FinTech
Stage: Series A Startup
Business Size: 50-200 Employees

A leading FinTech startup making short-term loans accessible to businesses in unorganized sectors

The Challenge

Strict legal and compliance requirements prohibited hosting proprietary high-frequency trading algorithms on public cloud infrastructure.

The Result

Delivered a highly compliant, ultra-performant, private Kubernetes cluster running on bare metal, achieving <1ms internal latency.

The Challenge

A rapidly scaling Series A FinTech company was developing a proprietary high-frequency algorithmic trading engine. Due to data residency laws and extreme security requirements mandated by their partner banks, they were strictly prohibited from utilizing public clouds like AWS or GCP for core systems.

They faced a massive hurdle:

  • No Cloud Luxuries: They needed the agility, self-healing, and container orchestration of Kubernetes, but without the easy "one-click" managed services provided by cloud providers.
  • Extreme Performance Limits: Trading algorithms required absolute minimum network latency and direct access to specialized physical hardware (GPU/FPGA accelerators), for which virtualization adds too much overhead.
  • Complex Networking: Exposing services, managing load balancers, and providing persistent storage are notoriously difficult on bare-metal Kubernetes.

Our Approach

We designed a "cloud-like" experience running entirely within a secure, physical data center using open-source technologies.

1. Bare-Metal Cluster Provisioning

We utilized MAAS (Metal as a Service) to automate the provisioning of physical servers. We then deployed a highly available Kubernetes control plane using kubeadm across multiple physical racks to ensure hardware-level fault tolerance.

2. High-Performance Networking (Cilium & MetalLB)

To meet the rigorous latency requirements, we bypassed standard Kubernetes networking. We implemented Cilium (eBPF-based networking) to provide blazing-fast pod-to-pod communication. To expose services to the outside world—a feature usually handled by AWS ALBs—we deployed MetalLB, utilizing BGP to announce IP addresses directly to the physical data center routers.
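A sketch of the MetalLB BGP setup described above, as an added example rather than the client's or the project's actual configuration. Every name, label, ASN and address is a constructed placeholder (documentation IP ranges and private ASNs); the resource kinds and fields are MetalLB's own CRDs.

```yaml
# Constructed example: names, labels, ASNs and addresses are placeholders.
# 192.0.2.0/24 and 198.51.100.0/24 are documentation ranges; 645xx are private ASNs.
apiVersion: metallb.io/v1beta1
kind: IPAddressPool
metadata:
  name: trading-vips
  namespace: metallb-system
spec:
  addresses:
    - 192.0.2.0/28
  autoAssign: false          # a Service gets an address only if it asks for this pool
---
apiVersion: metallb.io/v1beta2
kind: BGPPeer
metadata:
  name: tor-router-a
  namespace: metallb-system
spec:
  myASN: 64512               # ASN the cluster speaks as
  peerASN: 64513             # ASN of the data center router
  peerAddress: 198.51.100.1
  passwordSecret:            # BGP session password read from a Secret, not written inline
    name: bgp-peer-auth      # Secret of type kubernetes.io/basic-auth, key "password"
    namespace: metallb-system
  nodeSelectors:             # only labelled edge nodes open BGP sessions
    - matchLabels:
        example.com/bgp-speaker: "true"
---
apiVersion: metallb.io/v1beta1
kind: BGPAdvertisement
metadata:
  name: trading-vips-adv
  namespace: metallb-system
spec:
  ipAddressPools:
    - trading-vips           # announce only this pool
  peers:
    - tor-router-a           # and only to this peer
  aggregationLength: 32      # one /32 route per Service IP
```

The router side has to be configured with the matching ASNs and session password. A prefix filter on the router that accepts only the pool range from the cluster keeps a misconfigured or compromised node from announcing routes for other address space.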

3. Distributed Persistent Storage (Ceph)

We built a hyper-converged, highly available storage layer using Rook and Ceph. This aggregated the physical NVMe drives across the worker nodes into a single resilient storage pool, dynamically providing persistent volumes (PVs) to containerized databases instantly.

The Result

The client achieved the holy grail: cloud-native agility with physical data center security.

  • Extreme Performance: By running directly on bare-metal NVMe and utilizing eBPF networking, internal API latency dropped below 1 millisecond, crucial for their trading algorithms.
  • Regulatory Approval: The completely isolated, private cluster successfully passed the most stringent financial data compliance audits required by their partner banks.
  • Developer Experience: The engineering team interacts with the cluster using the exact same standard kubectl commands they would use in the cloud, completely abstracted away from the physical hardware management.