Architecture
Multi-layer infrastructure stack
Applications
Layer 6Internal apps, Customer workloads, External traffic
Platform Services
Layer 5TLS / Cert-manager, Storage, Monitoring, Identity
Kubernetes
Layer 4kubeadm, MetalLB, Ingress controllers
Virtualization
Layer 3Proxmox cluster, VM isolation
Network & Routing
Layer 2Failover IPs, VLAN segmentation, OPNsense firewall
Bare-metal / On-prem / Cloud VMs
Layer 1Hetzner, OVH, On-prem, AWS, Azure, GCP
Purpose
Each layer serves a specific function in the infrastructure stack, from bare metal to applications.
Security role
Security is enforced at every layer with network isolation, encryption, and access controls.
Failure strategy
Built-in redundancy and automated failover mechanisms ensure high availability.
Infrastructure Flow
User Request
HTTPS
Ingress
Load Balancer
Service
Kubernetes
Pod
Container
All traffic encrypted with TLS, authenticated via PKI