June 26, 2025

K8s On Bare Metal

High Security and Performance K8s On Bare Metal to Improve Scientific Research

About the Client

The client is a significant European research organization that is bound by stringent regulations and cannot use the public cloud because of compliance and data privacy requirements.

Lacking in-house bare metal Kubernetes expertise, the Client contracted a hardware provider and asked Maven Solutions to deliver the software infrastructure solution.

Initial Request

The Client needed flexible computing resources that meet the highest security standards while providing a solution capable of supporting extensive container infrastructures and a few projects with high-performance needs. Kubernetes on bare metal fit the bill.

The Challenge

The Client needed a strategy for running Kubernetes on-premises in their data centers while improving infrastructure utilization and realizing cost savings.

Maven Solutions helped the Client accomplish the stated goals by leveraging various tools and strategies to analyze, optimize, and manage project costs effectively while maintaining performance and reliability.

01. Secure cloud options were way too costly for the available budget.

02. Furthermore, full data ownership was more important than any alternative.

03. Specialized bare metal expertise was not available in-house.

The Solution

Data Compliance

The client, a prominent European scientific organization, faced the challenge of data security compliance while working with an exploding workload for data analysis.

As their operations expanded, they encountered complexities in effectively analyzing and optimizing capacity across multiple clusters and needed an integrated hardware and software solution that maintained cost-effectiveness while upholding performance and reliability standards with rapidly scaling workloads.
Running K8s on bare metal can help reduce application tail latencies and yield significant compute core savings, but it can also be challenging for the DevSecOps team.

Maven Solutions consulted the DevOps and infrastructure teams to implement a multifaceted approach leveraging a combination of tools, strategies, and best practices in on-premise Kubernetes consulting.

Our Strategic Approach

Instead of setting up virtual machines, we established guides on how to configure actual hardware.
This included dealing with hardware compatibility issues, kernel modules, and drivers to optimize Kubernetes.

Node configuration

We proposed best practices for setting up the network, DNS & storage configurations.
For scaling, we outlined the manual preparation of nodes and their addition to the cluster.

Backup and migration

Without virtual machine snapshots, a different approach was needed for backup and migration. We also found new ways to back up server OSes and move them to hardware selected by the client.

Scaling planning

Scalability is vital for Kubernetes on bare metal. Predicting future growth, we designed the Client’s infrastructure with additional nodes, storage, and network equipment in mind.

High availability

We established the process of setting up load balancers, backup network switches, power sources, and other backup equipment.
We also configured the etcd database, control plane nodes, and worker nodes to ensure they can handle failures.

Security measures

We established security measures at both the physical and software levels. From the start, we planned and implemented strong security practices such as strict authentication, secret management, and network traffic encryption.

Monitoring configuration

We created and implemented the Client’s monitoring system using tools like Prometheus, Grafana, and Loki.
We also set up log processing and alert notifications for important system-wide, OS-level, and Kubernetes-level events.
 
We provided a robust Kubernetes solution on bare metal, ensuring scalability, security, and high availability for the client’s growing workload.

Value Delivered

01. Complete security control.

  • Advanced security
  • Virtualization avoidance
  • Lower risk of attacks

     
02. Infrastructure flexibility.

  • Specific GPU/CPU instructions
  • Special network card functions
  • Server & OS configurations

03. Maximum performance.

  • Direct use of server resources
  • High performance & low latency
  • Best for ML and AI model training

04. Cost control.

  • 40% cost savings
  • Optimal performance & reliability
  • Always-on clusters

“The on-premise Kubernetes solution by Maven met our growing needs without compromising our stringent security requirements. We planned and achieved cost discipline, and were able to launch the planned projects on time.
As an added benefit, we do not need to focus on putting out infrastructure fires; it just works within the boundaries we specified.”

– DevSecOps Engineer, EU Research Lab
