Meet With Us

Platform Engineering Case Study

Scaling Kubernetes for Multi-Client Mainframe Modernization with Zero-Trust Architecture

We guided a capable team to make informed platform decisions and introduced emerging technologies into their platform

Client: Private Sector - Series B Startup focused on Mainframe Modernization using AI

← All Case Studies Read Case Study ↓

About the Client (Private Sector - Series B Startup focused on Mainframe Modernization using AI)

Our client was focused on modernizing mainframe applications and hosting them in their cloud account, which was connected to their client’s network. They had capable engineers who had a working model for their first client, and were starting to see challenges around (1) how this would scale to multiple clients, and (2) how to run this stack within a client’s existing cloud environment. We needed to address the architectural considerations that would allow them to scale, and help them pivot their go-to-market to deploy into the client’s environment.

Outcomes

  • Zero-trust architecture enabled their staff to operate securely when accessing clients’ infrastructure without traditional VPNs
  • Secure IP protection through Cloud Development Environment (CDE) ensuring clients’ current and migrated code never leaves their network
  • Automated platform bootstrapping enabled deployment within any client’s cloud environment (AWS, Azure, or GCP)
  • Successfully pivoted go-to-market strategy from single-cloud hosting to multi-cloud client deployments
This engagement transformed our client’s business model and technical foundation. By shifting from a Google Cloud-only hosting approach to a cloud-agnostic platform that deploys directly into client environments, we helped them scale their mainframe modernization business while dramatically improving security posture and client trust.

Problem | Before working with us

The main challenges that our client faced before working with us were clear but significant:

  • Their automation and platform product were tightly coupled to Google Cloud as the sole hosting provider, limiting their ability to work with clients who had standardized on AWS or Azure. Their go-to-market strategy centered on hosting migrated applications in their own Google Cloud account, which created concerns around data sovereignty and IP protection.

  • Security was managed through traditional VPN solutions to connect to their clients’ environments, which introduced complexity and didn’t meet the zero-trust requirements of many enterprise clients. With one working client under their belt, the team could see that their current approach wouldn’t scale to support multiple clients with different cloud platforms and security requirements.

Solution | After working with us

We helped our client’s platform team fundamentally rethink their platform architecture to provide a less cloud-dependent, more secure experience. Through our platform engineering approach, we delivered:

  • Cross-cloud Kubernetes solution allowing their platform to run within any client’s cloud of choice (Google Cloud, AWS, or Azure), removing vendor lock-in and expanding their addressable market

  • Cloud Development Environment (CDE) integration using Coder to ensure all source code access and development happens within the client’s network boundary, addressing IP protection and data sovereignty concerns

  • Zero-trust access architecture leveraging Teleport to provide secure remote access to clients’ infrastructure without VPN complexity, with built-in access auditing and identity management

  • GitOps-based deployment automation using ArgoCD to manage both platform infrastructure and application deployments, enabling consistent automated bootstrapping across any cloud environment

The result was a modern, secure platform architecture that opened new market opportunities while giving clients confidence in how their sensitive mainframe code and data would be protected during modernization.

Services Provided

Our engagement combined strategic workshop facilitation with hands-on technical implementation. Our Platform Engineering Services for this project included:

Platform Engineering

Our engineers helped address not only Day 1 concerns, they also tackled the scaling challenges associated with Day 2 and beyond. We brought a platform-as-a-product mindset to our services, treating the infrastructure and platform as customer-facing software for developers. This lens helped the client think about their platform through their customers’ eyes.

Kubernetes Architecture & Tooling

We helped sift through the myriad of technologies that exist on top of Kubernetes to determine which ones would add value to the platform versus those that would add complexity without benefit. We enabled the client to successfully integrate Teleport for zero-trust access, Coder for secure development environments, and ArgoCD for GitOps, while moving their application deployments to a more automated model.

Go-to-Market Strategy & Business Positioning

Beyond the technical work, we paired with executives to evolve their business and sales positioning. Through structured “Get S**t Done” (GSD) meetings, we collaborated on sales collateral, documentation, and client-facing materials that articulated the value of their new deployment model.

Hands-on Implementation

We embedded our team with our client’s engineering team to drive actual implementation, working through their backlog together. This approach ensured knowledge transfer while maintaining momentum, starting at 5 days per week during the pivot and scaling down to ~2 days per week as the team gained confidence.

How we worked together

Our engagement began with an intensive on-site 2-day workshop with the client’s executive and engineering team. Together, we created a concrete plan to pivot their platform approach and go-to-market strategy.

Following the workshop, we paired with both executives and engineers to help evolve their business positioning and technical solution in parallel:

  • With executives and leaders, we ran structured “GSD” (Get S**t Done) meetings focused on specific outcomes: sales decks, customer documentation, pricing models, and client engagement strategies

  • With engineers, we engaged in hands-on pairing to tackle stories from their backlog, initially working together 5 days per week and gradually scaling down to ~2 days per week as their team built confidence and capability

  • Flexible resourcing allowed the client to align our engineers with whichever team members would drive the best outcomes on particular stories, ensuring knowledge spread across their entire team

The work was primarily remote with periodic on-site check-ins, allowing us to maintain momentum while respecting budget and travel constraints. This collaborative approach not only delivered the technical transformation but built lasting capability within their team.

Tech Stack Leveraged

Platform Engineering Kubernetes Terraform Crossplane ArgoCD Argo Workflows Teleport Coder GKE EKS AKS