How We Designed a Smart Deals Aggregator’s Expansion Plan for Scalable Growth in Europe

• Kubernetes as the core platform. All services run inside the Kubernetes cluster.
  
  
• Two types of nodes inside the cluster: control-plane nodes keep operations coordinated; worker nodes actually run the applications and microservices.
  
  
• Three separate control-plane nodes for reliability hosted on separate virtual machines.
  
  
• Each component runs on its own virtual machine. Even if several VMs share the same physical server, we separated them to ensure the system’s safety.
  
  
• Hardware is duplicated for high availability. In the cloud, redundancy is provided by the provider. On-prem, we build it manually, meaning any critical component gets deployed on at least two different physical servers to survive hardware failure.
  
  
• A database (e.g., PostgreSQL) has a separate cold replica or backup that is activated when the primary database fails.

Estimating the Budget for a Dedicated Infrastructure

Before suggesting on-premise as a real option, we first needed to check whether it could even make sense financially. To do that, we took one representative cloud configuration and compared it with a roughly equivalent dedicated server configuration. Not to produce a detailed quote, but to understand the general economic direction.

From this starting point, we built a broader estimate:

• Resource requirements for on-prem production are intentionally doubled, since redundancy is not provided by the platform.
• The plan includes both compute nodes and the Kubernetes control plane.
• Each user-growth milestone (around 5k, 30k, 100k users) has its own expected CPU and RAM footprint.
• These footprints were then matched with approximate monthly hosting costs from a dedicated provider.

So, does on-premise compete with the cloud? The answer is: it can, but only at the right scale and with the right expectations. Cloud remains unbeatable for flexibility and ease of scaling. On-prem, on the other hand, becomes attractive once the workload grows and stabilizes, and when the business wants predictable long-term infrastructure costs.

Migration Scope and Estimated Effort

To give our client a clear picture of what moving from cloud to an on-premise environment involves, we broke the migration into a sequence of practical steps. We needed to show the full scope of work, highlight the areas that take the most engineering effort, and make sure the timeline reflects not only configuration time, but also testing, verification, and inevitable pauses between stages.

Step 1: Preparation (~30 hours)

Before anything can be migrated, we collect a complete inventory of the current setup and document every critical detail.

This includes:

• Infrastructure and service inventory
  • Kubernetes nodes (control plane + workers)
  • PostgreSQL, Redis versions, replication settings, backup strategy
  • Docker registry configuration
  • Volumes, disks, storage paths
  • External integrations (DNS, SSL, third-party APIs)
    
    
• Hardware procurement (client-side, ~15 hours)
  • Servers with enough CPU, RAM, and storage to match (or exceed) cloud resources
  • Network equipment (switches, firewalls)
  • High-speed SSD/NVMe storage
  • Dedicated backup and logging storage

• Initial physical server setup (~7 hours)
  • Installing a minimal, hardened Linux distribution
  • Applying security patches and baseline configuration

Step 2: Base Environment Setup (~60 hours)

Once the hardware is prepared, we build the core of the new platform:

• Virtualization or containerization platform (~12 hours)
  • Installing Kubernetes (kubeadm/k3s) based on current cluster characteristics
  • Configuring the Container Runtime Environment (containerd/CRI-O)

• Installing and Configuring the Database (~8 hours)
  • Installing PostgreSQL and configuring replication

• Configuring ElasticSearch, Redis, and RabbitMQ (~15 hours)
  • Configuring clustering
  • Optimizing configurations based on current usage data

• Monitoring and logging (~15 hours)
  • Grafana, Prometheus, Zabbix (full-stack monitoring)
  • Centralized logging system (ELK/EFK stack)

• Configuring security gateway & WAF (~10 hours)
  • Web application firewall, security gateway (e.g., ModSecurity, Cloudflare WAF On-Premise)

Step 3: Data Migration (~15 hours)

Data moves only after the new environment is ready and verified:

• Database migration (~7 hours)
  • Backup + restore of test PostgreSQL instance
  • Backup + restore of Redis (AOF/RDB)

• Full snapshot of databases and services (~4 hours)

• Final recovery & consistency check (~4 hours)
  • Restoring PostgreSQL and Redis on local servers
  • Checking data consistency

Step 4: Application Migration (~15 hours)

Next, the application stack is deployed inside the new cluster:

• Deploying all Kubernetes manifests (modules, services, deployments)
• Setting up persistent volumes
• Verifying ConfigMaps and secrets
• Functional testing for all web, mobile, and admin applications
• Running smoke tests on critical flows
• Repointing DNS and CDN to the new infrastructure

Step 5: Testing & Verification (~30 hours)

This phase ensures the new environment isn’t just running but running reliably:

• Functional and availability testing
• Stress and load testing
• Backup and disaster recovery workflow testing
• Documenting the effect of network latency compared to the cloud

Step 6: Infrastructure as Code Automation (~25 hours)

To make the setup reproducible:

• Preparing Ansible scripts for OS, Kubernetes, PostgreSQL, Redis, Docker registry
• Testing automation scenarios end-to-end

Step 7: Production Preparation (~5 hours)

• Final data sync before going live Making sure the environment is fully production-ready

Step 8: Post-Deployment Monitoring (~20 hours)

For the first days after launch, the environment requires closer observation:

• Monitoring infrastructure health
• Fine-tuning performance using real metrics

Additional Considerations

• Latency. On-premise infrastructure typically introduces slightly higher latency compared to cloud deployments. We highlight this early so that routing and network optimization can be planned in advance.
• Security. It’s necessary to ensure that a robust WAF is implemented and regularly updated to mitigate potential security risks.

Total Estimated Effort

• ~200 hours of engineering work
•  ≈ 10 weeks, including testing and waiting periods

Conclusion and Recommendations

Our client is entering a serious growth phase, expanding to new markets and raising the bar for performance, reliability, and compliance. After reviewing the current infrastructure, its costs, and the associated risks, we outlined the strengths and weaknesses of both directions, staying in the cloud or moving to dedicated servers, and shaped a strategy that supports the company’s long-term plans.

If Our Client Continues in the Cloud (DigitalOcean)

Advantages:

• Fast to launch and easy to maintain day-to-day.
• Many built-in tools and automation features that reduce operational overhead.

Risks:

• If the data center has an outage, they’re tied to the provider’s response and SLA; there are no availability zones to spread the workload.
• Our client pays not only for compute and storage, but also for every gigabyte of inbound and outbound traffic, including internal traffic between services.
• Building strong redundancy, regional isolation, or GDPR-aligned setups becomes more difficult and more expensive.

If the Project Moves to Dedicated On-Premise Servers

Advantages:

• Full control over infrastructure, security, and data.
• No traffic fees—our client only pays for the hardware itself.
• Flexible architecture: they can design redundancy, shard databases per region, or implement custom policies without cloud limitations.

Risks:

• Our client must duplicate infrastructure to achieve the same level of reliability.
• The team becomes responsible for updates, monitoring, and disaster recovery.
• More technical involvement is required from our client’s engineers or a partner like IT Outposts.

Our Recommended Hybrid Approach

We recommended a hybrid architecture that balances cost, performance, and resilience:

• Dedicated servers in key regions (six zones): Europe, USA, Singapore/Hong Kong, Australia, South Africa, Brazil. These locations host the production workloads, bringing lower latency and full independence from cloud outages.

• Cloud resources used only for shared, non-critical components. Centralized monitoring, admin tools, API gateways, and staging environments remain in DigitalOcean (or any other cloud).

• Automation and ongoing support. Deployment, monitoring, backup strategies, and failover are handled through Kubernetes, Ansible, and a standard set of infrastructure tools, ensuring consistency across all regions.