Cloud Repatriation & Bare Metal Kubernetes Specialist

Cut Your Cloud Costs by 60%+
Without Compromising Security

Enterprise-Grade Air-Gapped Bare Metal Kubernetes Solutions

Secure as EKS/GKE. Same redundancy. Fraction of the cost.

Schedule Free Consultation Who Am I
60–80%
Average Cost Reduction
5 min
Snapshot Intervals
99.99%
Uptime Guarantee
100%
Automated Recovery

Trusted by Leading Organisations

The Business Case

Why Move Off Cloud?

Major enterprises are realising that cloud isn't always the answer. For stable workloads, bare metal offers unbeatable economics without sacrificing security or reliability.

💰

Massive Cost Savings

Eliminate cloud markup and unpredictable scaling costs. Typical clients save 60–80% on infrastructure spend. 37signals saved $10M over five years repatriating from AWS.

🔒

Enhanced Security

Air-gapped bare metal clusters with zero external attack surface. Your data never leaves your infrastructure. Meets GDPR, HIPAA, DORA, and defence compliance requirements public cloud cannot guarantee.

Zero Compromise Performance

No noisy neighbours. No hypervisor tax. Dedicated resources and full NVMe Gen5 I/O. Your applications get the hardware they paid for — consistently, every time.

🛡️

Enterprise Redundancy

ZFS filesystem snapshots every 5 minutes with remote replication. Full cluster recovery from catastrophic failures in minutes, not hours. Automated DR tested regularly.

🤖

Fully Automated

Infrastructure as code for everything — Ansible playbooks and Helm charts reduce deployment time by 80%. Automated deployments, scaling, backups, and recovery.

📍

Your Choice of Location

Deploy in your own data centre or colocation facility. Full data sovereignty. Zero vendor lock-in — 100% open-source tooling with no dependency on any single cloud provider.

Side-by-Side

How Does It Compare?

My solution matches or exceeds managed Kubernetes services on all critical dimensions — at a fraction of the ongoing cost.

FeatureEKS / GKEMy Solution
Security & Compliance✓✓ Enhanced
High Availability✓ Multi-node control plane
Automated Backups✓ Every 5 min (ZFS)
Disaster Recovery✓ Fully automated
Monthly Cost (example)$15,000$3,000 – $6,000
Data Sovereignty✗ Shared infrastructure✓ 100% yours
Air-Gapped Option✗ Not available✓ Specialist capability
Vendor Lock-in✗ High✓ None — 100% open-source
Pricing ModelVariable / unpredictable✓ Fixed & transparent
Network ThroughputThrottled / per-GB billing✓ 25–100Gbps flat rate
Storage I/OProvisioned IOPS tiers✓ Raw NVMe Gen5 speed

Under the Hood

Technical Highlights

Production-grade infrastructure built on battle-tested open-source tools with decades of operational validation.

🗄️

Infrastructure

VM-based Kubernetes on bare metal. ZFS storage for instant snapshots. Multi-node control plane with automated failover. SR-IOV and DPDK for near-wire-speed networking.

💾

Backup & Recovery

ZFS snapshots every 5 minutes with configurable retention. Off-site replication to secondary location. Fully automated DR procedures tested and validated regularly.

🔐

Security

Air-gapped architecture with zero internet exposure. Network segmentation. Encryption at rest and in transit. CIS hardening — GDPR, HIPAA, and DORA ready.

📊

Monitoring

Complete observability: Prometheus, Grafana, and ELK. Custom alerts for your SLOs. Performance metrics, capacity planning, and anomaly detection.

CI/CD Platform

Kubernetes-native CI/CD: GitLab CI, Jenkins, internal Git repos, and private container registries. Your entire dev platform on-premises — air-gapped if required.

🦾

MLOps & GPU

End-to-end MLOps with Kubeflow and NVIDIA GPU Operator. Maximum GPU performance for AI/ML workloads at a fraction of cloud GPU pricing at scale.

Why Bare Metal Out-Performs Cloud Compute

Networking

Predictable Network Throughput

On bare metal you manage the physical NICs directly (25–100Gbps). Flat-rate capacity based on hardware limits — not billed per-GB or throttled by a cloud provider's virtual network stack.

Storage

Uncapped Storage I/O

Unlike cloud where IOPS are throttled or tied to expensive tiers, bare metal lets you saturate the full bus speed of NVMe Gen5 — without the noisy-neighbour effect of shared cloud storage.

Latency

Locality & Deterministic Latency

Eliminating the hypervisor gives applications direct CPU and memory access. Pod Affinity enables zero-hop PCIe-speed internal communication — eliminating jitter critical for databases and real-time APIs.

Hardware

Hardware-Specific Tuning

Leverage SR-IOV and DPDK for near-wire-speed networking. Hardware features that cloud virtual instances simply cannot expose or match at any price tier.

How We Work Together

A Proven, Transparent Process

Fixed pricing at every stage. You know exactly what you're getting — and what it costs — before we begin.

01

Free Assessment

Up to 8 hours comprehensive analysis of your infrastructure, workloads, and cloud spend — completely free. You receive a detailed written cost comparison and migration roadmap.

02

Fixed-Price Proposal

The project is broken into clear stages, each with a predefined fixed price. You know exactly what each stage delivers and costs before we proceed. No hourly billing, no surprises.

03

Stage-by-Stage Delivery

Implementation using pre-built Ansible playbooks and Helm charts — reducing deployment time by 80%. Each stage is delivered, tested, and signed off before payment.

04

Training & Support

Your team is fully trained with runbooks and documentation. Optional fixed-price monthly support for monitoring, security patching, and capacity planning.

Fixed-Price Model

Transparent Pricing, No Surprises

Every project follows a clear, stage-based approach with fixed costs defined upfront. You only pay when each stage is completed to your satisfaction.

ENGAGEMENT MODEL

How Our Pricing Works

No hourly rates. No open-ended retainers. No surprise invoices. Clear, fixed costs for each defined stage.

  1. Free Initial Assessment (up to 8 hours)We analyse your infrastructure, workloads, and cloud costs at zero cost to you.
  2. Stage-Based Fixed PricingThe project is broken into clear stages, each with a predefined fixed price — agreed before we start.
  3. Payment on DeliveryYou only pay when each stage is completed and delivered to your satisfaction.
  4. Full TransparencyYou know exactly what you're getting and what it costs before we start each stage.

WHAT'S INCLUDED

Every Engagement Covers

Whether a single-cluster foundation or a full cloud migration, every project includes these as standard.

  • Requirements analysis and custom architecture design
  • Hardware procurement advisory for your workloads
  • Full IaC implementation — Ansible playbooks & Helm charts
  • Security hardening: SSH lockdown, network segmentation, encryption
  • Backup and disaster recovery configuration and testing
  • Monitoring stack: Prometheus, Grafana, ELK
  • Staff training and full runbook documentation
  • All automation code and config delivered to you
Start with a Free Assessment

Client Results

Trusted by Leading Organisations

Delivering enterprise-grade Kubernetes solutions that exceed expectations — from air-gapped defence environments to global gaming infrastructure.

It was a complex system in a completely offline environment with a very bespoke hardware configuration. He was brought on for his Kubernetes skillset which we needed to be added to the team. He took on the task with great enthusiasm, which required a lot of listening and understanding to the system requirements. We relied heavily on his ingenuity and innovation to develop a Kubernetes solution from the ground up.

Thales Group logo
Thales Group
Defence & Aerospace — Air-Gapped Kubernetes Deployment

Played a key role in establishing the foundational infrastructure for running Kubernetes on bare metal servers, replacing AWS EC2, EBS and VPC. His work included deploying the virtualisation layer and configuring the filesystem for data redundancy, encryption and compression. He implemented netboot from scratch and created a customised golden image for Linux VMs using Ansible, including SSH hardening and security configurations.

Phoenix Games logo
Phoenix Games
Gaming — Full AWS → Bare Metal Kubernetes Migration
Christophe Lichi — Bare Metal Kubernetes and DevOps Engineer, Sugau Pty Ltd

The Engineer Behind the Architecture

Decades of Deep Infrastructure Experience

I am not just a Kubernetes administrator with CKA CKS CKAD — I am a seasoned infrastructure engineer. My foundation is built on over 15 years as a Linux Engineer and more than a decade as a specialist SUN Solaris Engineer, holding 6 professional Solaris certifications.

In 2018, I dove into Kubernetes and fell in love with the technology. I mastered the deep ins and outs of bare metal deployments, air-gapped environments, and enterprise-grade security. My unique strength is combining deep Kubernetes expertise with decades of foundational knowledge in networking, high-performance storage, robust security, and database architecture.

This allows me to design a truly custom-made, enterprise-grade Kubernetes solution tailored exactly to your needs — not a copy-paste cluster.

CKA — Kubernetes Administrator CKS — Security Specialist CKAD — App Developer 6× SUN Solaris Certified
15+
Yrs Linux
10+
Yrs Solaris
7+
Yrs K8s
Air‑Gap
Specialist
My LinkedIn Page Work Together

Free Assessment

Ready to Reduce Your Infrastructure Costs?

Start with a free 8-hour assessment — no obligations, just a detailed written report comparing your current cloud costs against what bare metal Kubernetes would cost your organisation.

We'll show you exactly what the savings look like before you commit to anything.

clichi@sugau.com
🔗linkedin.com/company/sugau-pty-ltd
📍Australia — serving clients globally

Typical Payback Period

4–8 Weeks

For a client spending $300K/month on AWS, a $100K fixed-price migration pays for itself in 4–6 weeks of cloud savings — and keeps saving every month thereafter.

Free 8-hour assessment. No commitment required. Response within 24 hours.