[ Kubernetes ]
Running Kubernetes in production, on any cloud, without vendor lock-in
Multi-cloud K8s
Running Kubernetes on EKS, AKS, GKE, Kapsule and Rancher
Our cross-platform expertise in managed cloud services from major cloud providers (EKS, AKS, GKE, Kapsule) and Rancher for on-premises and hybrid environments enables us to guarantee the portability of your workloads, regardless of the underlying provider. A portable platform is a free platform.
Radical statelessness
Refactoring your applications to scale horizontally without limits
Refactoring an application to make it truly stateless involves more than simply placing it in a container. We adjust storage, sessions and caches to handle peaks in e-commerce or event-related traffic. A container is just packaging: true scalability starts with the code.
Workload optimisation
Scaling the right pods at the right times, at the right cost
Segmented node pools (ingress, application, batch), pod-based autoscaling, spot or preemptible instances for fault-tolerant workloads. Workload optimisation can halve platform costs. You deserve maximum performance at a fair price.
The cornerstones of our Kubernetes expertise
- Managed and on-premises distributions
EKS (AWS), AKS (Azure), GKE Autopilot and Standard (GCP), Kapsule (Scaleway), Rancher/RKE2 for on-premises and hybrid environments. We work with all major distributions using a consistent approach, regardless of the provider.
- Stateless architecture and cloud-native storage
We don’t put VMs in containers. We refactor the storage and session layers to ensure your applications are truly stateless. This is what enables extensive autoscaling during spikes in traffic.
- GitOps with ArgoCD
ArgoCD, combined with Helm, Kustomize and External Secrets, forms our standard GitOps stack. Deployment is carried out via a Git review, making the control plane transparent again and ensuring that every change is traceable.
- Node pool strategy and FinOps optimisation
We divide the clusters into several pools based on their type: a fixed ingress pool (guaranteed high availability), an application pool with autoscaling, and a worker and batch pool using spot or preemptible instances. The costs depend on the load, not the other way round.
- The CNCF ecosystem and observability
Prometheus, Loki, Thanos, Grafana, OpenTelemetry, Grafana Alloy, Cert-Manager, External Secrets, Teleport for secure access to clusters. We select the right components without overloading the plug-in clusters.
Find out more about our observability expertise - Kubernetes Security
Pod security standards, granular network policies, RBAC, image scanning with every build using Trivy, and Falco for runtime detection. Policy-as-code tools (Kyverno, OPA) are deployed where warranted. Cluster security is the result of several disciplines working together, not a single product.
Find out more about our cybersecurity expertise - Specific workloads and GPUs
Blackwell GPUs on Kapsule, KAITO for the automated deployment of LLMs on AKS, and GPU and TPU scheduling on distributions that support it. We focus on the production side, not the design side.
The difference our Kubernetes expertise makes
- CSTBMulti-cluster Rancher Kubernetes platform for a public sector technical organisation: hybrid infrastructure management, unified observability and autonomy for integration teams in deployments
- PlectoMigration from AWS to Scaleway, followed by a production phase on Kapsule, with observability via Thanos, Loki and Grafana, and measured SLOs
- Hydro Building SystemsMulti-site, multi-market Kubernetes AKS (Technal, Wicona, Sapa, Domal) with Azure FinOps and coordinated version upgrades across all brands
- BiogaranMulti-site Kubernetes platform for France’s leading generic pharmaceutical company: bi-weekly deployments using GitOps, Nginx Ingress, and coordinated version upgrades across all markets
- OnisepThe Avenir(s) platform on Kapsule, designed for 6 million potential users, with integrators having full autonomy over deployments
- Yelloh! VillageStrapi site factory deployed on Kubernetes, with ArgoCD GitOps and an automated site generator for affiliated villages
[ Certifications ]
Our CKA, CKAD and CKS certified Tech Leads
Our commitment to Kubernetes certification and our open-source contributions inform our day-to-day technical monitoring. All members of our DevOps team are certified.
[‘’]
Kubernetes is no longer just about the orchestrator; it’s all about the API. With the Gateway API gradually replacing Ingress, Crossplane establishing itself as a multi-cloud control plane, and the introduction of specific workloads on the same clusters, we are witnessing the emergence of truly standardised exposure.
The role of Operations is to oversee this API boundary: ensuring that what is promised to developers is delivered in production. A stateless application that scales from 5 to 50 pods in a matter of minutes is the result of a well-thought-out design.
Adrien Bresson, Head of Cloud Infrastructure
