Transforming On-Premise Infrastructure to a Future-Proof Kubernetes Platform on AWS

The Need & The Situation

A Platform Built for Growth and Innovation

As a global leader in AI-driven HR and recruitment technology, Textkernel needed more than just a stable IT environment. They needed a launchpad for innovation. With ambitious growth targets and a rapidly expanding client base, the company sought an infrastructure that would support:

  • Fast and reliable global deployments
  • Seamless scalability across regions
  • Modern developer workflows like containerization, GitOps, and CI/CD

They weren’t just looking to “move to the cloud.” They wanted a future-ready platform that would give them strategic flexibility and unlock real business value.

Legacy Infrastructure as a Bottleneck

Before the migration, Textkernel ran its applications on an on-prem virtualized platform built on Proxmox, automated with Ansible. While functional, the system was reaching its limits.

Challenges included:

  • Gradual provisioning: Rolling out new environments required manual steps.
  • Limited scalability: Infrastructure expansion was time-consuming and inconsistent.
  • High operational overhead: Teams were focused on maintaining infrastructure instead of product development.
  • Technical debt: The existing automation and scripts had grown organically over time, creating an opportunity to modernize with Kubernetes

After experiments with containers, Textkernel recognized the value of EKS as a flexible, scalable and highly available platform with great agility. However, a full-scale migration project in a short period seemed unreachable. 

Guus Meijer, COO - Managing Director at Textkernel
"Textkernel has taken a strategic step towards a future-proof IT infrastructure with SUE, allowing us to fully focus on innovation instead of infrastructure management. SUE's substantive knowledge was decisive for us."
The Impact

Cloud-Native, Automated, and Ready for the Future

As a long-term partner of Textkernel, SUE took up the challenge to architect and deliver a fully automated Kubernetes platform using Amazon EKS. The result was a transformation in how infrastructure supports the business. By reducing technical debt and automating infrastructure management, Textkernel’s teams gained the freedom to focus on what matters most: delivering value to their customers.

Key Outcomes

  • Instant provisioning: New environments are deployed with a single command.

  • Cost savings: Significant projected savings over five years compared to on-prem infrastructure.

  • Increased efficiency: 25% reduction in time spent on infrastructure maintenance.

  • High availability: 99.99% uptime baked into the platform design.

  • Scalable by design: Supports 120% growth with no major changes required.

  • Global reach: Ability to spin up local environments for new regions in minutes.

The Resolution

Engineering a Kubernetes Launchpad, Together

As specialists in modernizing complex environments, we followed a proven path based on the AWS Cloud Adoption Framework (AWS CAF), but with a deep focus on Kubernetes as the core engine for transformation. The project was executed in three phases using the MAP program.

Phase 1: Assessment & Planning

We kicked off with a high-level application assessment, identifying which workloads were fit for containerization and a Kubernetes-native architecture, and which were better suited to lift-and-shift. A strategic migration plan was developed, balancing business impact, technical feasibility, and operational risk.

Phase 2: Mobilization

This is where our expertise truly came to the forefront. In just a few weeks, we built a robust AWS landing zone that was much more than just a VPC. It was a secure foundation with correctly configured IAM roles, security groups, and network segmentation.

Upon this foundation, we used Infrastructure-as-Code (Terraform and Helm) to roll out a fully automated, production-grade Amazon EKS cluster, engineered for resilience and security from the ground up.

  • Control Plane Hardening: The EKS control plane was configured with strict API server access and integrated with AWS IAM for granular role-based access control (RBAC).
  • Data Plane Optimization: We designed a data plane with managed node groups across multiple Availability Zones to ensure high availability.
  • Advanced Networking with Calico: We made the deliberate choice to implement Calico as the Container Network Interface (CNI). This gives Textkernel powerful capabilities for fine-grained network policies and security segmentation between pods, a crucial requirement for a multi-tenant SaaS platform.
  • Embedded Security with Aqua Trivy: Security was not an afterthought. We integrated Aqua Trivy directly into the CI/CD pipeline for automated container image vulnerability scanning, preventing insecure images from ever reaching production.

Phase 2: Mobilization

This is where our expertise truly came to the forefront. In just a few weeks, we built a robust AWS landing zone that was much more than just a VPC. It was a secure foundation with correctly configured IAM roles, security groups, and network segmentation.

Upon this foundation, we used Infrastructure-as-Code (Terraform and Helm) to roll out a fully automated, production-grade Amazon EKS cluster, engineered for resilience and security from the ground up.

  • Control Plane Hardening: The EKS control plane was configured with strict API server access and integrated with AWS IAM for granular role-based access control (RBAC).
  • Data Plane Optimization: We designed a data plane with managed node groups across multiple Availability Zones to ensure high availability.
  • Advanced Networking with Calico: We made the deliberate choice to implement Calico as the Container Network Interface (CNI). This gives Textkernel powerful capabilities for fine-grained network policies and security segmentation between pods, a crucial requirement for a multi-tenant SaaS platform.
  • Embedded Security with Aqua Trivy: Security was not an afterthought. We integrated Aqua Trivy directly into the CI/CD pipeline for automated container image vulnerability scanning, preventing insecure images from ever reaching production.

Phase 3: Migration & Modernization

The core of our success was in the final phase. We migrated 30% of the workloads and re-platformed them collaboratively. This involved working side-by-side with Textkernel’s engineers to refactor applications to be truly Kubernetes-native, breaking down monolithic components into scalable microservices.

We provided deep insights into the cluster’s performance and health by building a dashboard with a full observability stack (integrating CloudWatch with Prometheus and Grafana). Through on-the-job training and shared ownership of the Terraform and Helm charts, the Textkernel team became confident owners and operators of their new, powerful Kubernetes platform.

What made this project different was our commitment to enablement. Textkernel’s engineers were involved every step of the way, building knowledge and confidence to own and operate their new platform.

Kubernetes logo

Three people behind a desk looking at a laptop.
Innovate faster

The Result: A Launchpad for Innovation

The technical transformation had a direct impact on the entire business. The numbers speak for themselves:

  • 99.99% Uptime: Rock-solid reliability, baked into the design.
  • 25% More Focus on Innovation: Engineers now spend their time building features instead of maintaining infrastructure.
  • Significant Projected Cost Savings: Over five years, a direct result of efficiency and scalability.

But the real win is the strategic flexibility. New international clients can now be onboarded in minutes by spinning up a local environment. The time-to-market for new services has been drastically reduced. And the team is ready to adopt new AWS services as soon as they can add value.

Textkernel no longer has an IT environment that follows the business; it has a technology launchpad that drives the business forward. And that’s what we get up for every day at SUE: turning complex technology into a strategic advantage for our customers.

Three people behind a desk looking at a laptop.

Start your Kubernetes journey

Robbie van Rooijen

Let's talk!


Start your Kubernetes journey

* required

By sending this form you indicate that you have taken note of our privacy Statement.
Privacy Overview
This website uses cookies. We use cookies to ensure the proper functioning of our website and services, to analyze how visitors interact with us, and to improve our products and marketing strategies. For more information, please consult our privacy- en cookiebeleid.