Back to all news

🎉 Welcome Jana Revajová to our team! 🚀

Jana is a skilled Solution Architect and Project Manager with extensive experience in designing and delivering IT solutions in the financial services industry.

She specializes in loans, risk management, payments, cards, and ATM & POS processing, combining modern technologies with legacy systems to deliver innovative and scalable solutions.

Her contributions include designing and implementing a cloud-based banking platform, streamlining operations, and driving customer satisfaction.

With certifications in TOGAF, ITIL, and Prince2, Jana brings expertise in solution design and cross-functional collaboration.

Check our team here

Back to all news

Case Study: Solargis – Ceph Design & Consultancy

Project Highlights

• Ceph Cluster Design & Implementation: We designed and deployed a Ceph cluster tailored to Solargis’ specific workload requirements.
• Performance Optimization: Delivered tuning recommendations for CephFS performance, including cache and striping configurations.
• Advanced Feature Integration:Implemented S3-compatible object storage and seamless integration with Kubernetes.
• Consultancy & Training:Conducted regular workshops and Q&A sessions on best practices and advanced configurations.
• Issue Resolution:Supported Solargis in troubleshooting and resolving performance bottlenecks and misconfigurations.

Benefits for Solargis

The Ceph solution delivered numerous benefits for Solargis:

• High Performance & Scalability: Ceph provided the robust performance needed for their intensive data workloads while offering seamless scalability as their storage needs grew.
• Enhanced Functionality: With features like S3 object storage and Kubernetes integration, Solargis unlocked new capabilities that improved operations and supported containerized workloads.
• Cost Efficiency: Ceph allowed Solargis to avoid the high costs associated with proprietary storage systems, offering a robust solution at a fraction of the price.
• Operational Flexibility: Ceph’s flexible architecture enabled the customization of storage solutions, including multi-zone replication and advanced file system configurations.
• Future-Proof Infrastructure: Solargis gained a modern, reliable storage platform that continues to evolve with their business requirements.

Client Statement

„The Grow2Fit team helped us implement Ceph smoothly and effectively. They not only designed and implemented a solution that met our expectations but also provided ongoing consultancy that ensured we could fully leverage Ceph’s advanced features.

Their hands-on approach, in-depth workshops, and rapid troubleshooting support gave us the confidence to push the boundaries of what Ceph can do for us.“

Miroslav Moravčík

Our work ensured a smooth transition to Ceph, resolved complex challenges, and empowered Solargis to maximize the value of their investment.

Provided services

• Cloud services
• DevOps services

Key Technologies

• Ceph

Back to all news

New Project for Kvapay: Crypto Payment Solutions Infrastructure

We are excited to announce a new collaboration with Kvapay to enhance their infrastructure for Crypto Payment Solutions. Kvapay, a leading provider of cryptocurrency payment services, offers secure and efficient solutions for businesses and individuals to manage their digital assets. With a growing network of Kvakomat cryptocurrency ATMs and a comprehensive crypto wallet, they are driving innovation in the digital payments industry.

This partnership aims to deliver a robust, scalable, and secure environment to support Kvapay’s innovative financial services.

Project Highlights

• GitOps Implementation
• Kubernetes Clusters
• Support Infrastructure (Monitoring, Alerting, Tracking)
• Monitoring & Observability
• Enhanced Security and Reliability

Benefits for Kvapay
This project will equip Kvapay with a cutting-edge infrastructure that:

• Enhances system reliability and performance
• Streamlines deployment processes
• Provides real-time insights for proactive management
• Ensures data security and business continuity

We proudly support Kvapay’s mission to revolutionize crypto payment solutions. Stay tuned for more updates as we move forward!

Back to all news

🌞 Goodbye Summer Party at Skalka near Kremnica! 🗻

We stepped out of our comfort zones and tackled the beautiful Via Ferrata tracks together. As a service company delivering tailored solutions with diverse teams across different clients, it’s always a treat to come together as one team. This adventure was a fantastic way to bond, recharge, and reflect on our accomplishments last year. 💪🤝

Back to all news

Case Study: Deutsche Telekom – Open Sovereign Cloud

Motivation and Objectives

The project was driven by two primary principles: openness and sovereignty. By leveraging open-source components, the platform ensures transparency and flexibility. Sovereignty is achieved by adhering to the guidelines set by the GAIA-X initiative, which promotes data and operational sovereignty within the European Union. This ensures compliance with EU laws, providing users with freedom of choice and interoperability across multiple cloud providers.

Key Features and Architecture

The cloud platform is structured into three main layers, each with its unique features and capabilities:

1. Infrastructure Layer:
   • MetalStack Technology: The infrastructure is based on a modern, Kubernetes-native technology called MetalStack. This offers essential infrastructure services like compute resources (virtual machines), storage (using Ceph), and networking (based on SONiC).
   • Kubernetes Integration: MetalStack leverages Kubernetes for resource management, providing a cloud-native, scalable, and efficient infrastructure solution.
2. Platform as a Service (PaaS):
   • Gardener: This orchestration tool manages Kubernetes clusters, allowing for seamless integration with various infrastructures. It supports multiple Kubernetes versions and offers geo-redundancy through its garden, seed, and shoot cluster architecture.
   • Automated Management: Users can easily create and manage Kubernetes clusters via a user-friendly dashboard or APIs, supporting CI/CD pipelines for automated deployments.
3. Software as a Service (SaaS):
   • Kyma Runtime: Kyma enhances Kubernetes with additional tools for serverless functions, API gateway, service mesh (Istio), and observability (Prometheus, Grafana, Loki, Jaeger).
   • Service Catalog: A comprehensive catalog of ready-made services like PostgreSQL, Kafka, Redis, and more, allowing developers to build applications quickly using these pre-configured components.

Innovation and Security

One of the most innovative aspects of the platform is its support for confidential computing. This technology addresses the challenge of securing in-memory data by encrypting the entire memory context of running containers. Leveraging Intel’s SGX technology, the platform ensures that even memory snapshots remain encrypted, preventing unauthorized access to sensitive data. This level of security makes the platform suitable for high-stakes applications in sectors like healthcare and defense.

Development Process and Team Culture

The development of this platform follows agile methodologies, with cross-functional teams working collaboratively across different layers of the stack.

Key technologies and tools used include:

• Programming Languages: Go, shell scripting, C (for network acceleration), and Python (for testing).
• Operating Systems: A customized Debian-based Linux distribution called Garden Linux.
• Development Tools: Git and GitLab for version control, task management, and CI/CD pipelines.

The team’s culture emphasizes transparency, collaboration, and continuous improvement, with regular sprint reviews and quarterly face-to-face meetings to align on priorities and address challenges.

Conclusion

The open-source and sovereign cloud platform developed by our client represents a significant advancement in cloud technology, combining compliance, security, and interoperability. By adhering to GAIA-X principles and leveraging cutting-edge technologies, the platform offers a robust solution for businesses seeking a secure and flexible cloud environment. This project not only sets a new standard for cloud services in Europe but also provides a model for future innovations in the industry.

Provided services

• Cloud services
• DevOps services

Key Technologies

• Kubernetes
• MetalStack
• Ceph
• Gardener
• Kyma
• Go
• GitLab

Back to all news

Case study: SoftPoint – Enhancing Infrastructure and Deployment Efficiency

Overview

Softpoint sought assistance with system infrastructure, monitoring, integration, and deployment processes. We conducted a comprehensive analysis of key areas to effectively address their needs.

Analysis Areas

• Infrastructure: Reviewed and optimized Kubernetes, virtual machines, and PostgreSQL setups.
• Monitoring: Developed dashboards to identify performance bottlenecks.
• Resource Limitation: Implemented tenant-based resource limits.
• Auto-Deployment and GitLab CI: Streamlined deployment processes.
• Cost Analysis: Identified opportunities for cost savings.
• Auto-Scaling Pods: Planned for future scalability.

Implementation

We integrated auto-deployment scripts with GitLab CI, addressed pipeline issues, and enhanced deployment processes. The infrastructure was upgraded, including Kubernetes and PostgreSQL tweaks, and new instance pools were configured for cost efficiency.

Infrastructure Changes

• Upgraded Kubernetes and optimized worker configurations.
• Implemented cost-saving measures, reducing expenses by hundreds of EUR per month

Additional Improvements

• Enabled security features like WAF and session stickiness.
• Optimized PostgreSQL settings and addressed memory management issues.

Outcome

The collaboration resulted in streamlined automated deployment, improved operational efficiency, scalability, and cost savings. Our partnership with Softpoint led to infrastructure and process improvements, setting the stage for future growth and scalability.

Contact Person

Peter Jakubík, CEO SoftPoint

Provided services

• Cloud services
• DevOps services
• Consulting

Key Technologies

• MS Azure
• Kubernetes
• WAF
• PostgreSQL
• GitLab

Back to all news

Kubernetes Days Prague 2024: Gabriel Illés on Observability with OpenTelemetry

🌟 Just back from Kubernetes Days Prague 2024 where our Senior DevOps Engineer, Gabriel Illés, presented on “Observability with OpenTelemetry Collector in distributed cloud and edge computing.” He discussed the challenges and strategies for implementing observability in complex environments, using OpenTelemetry Collector.

For those interested in diving deeper, the presentation is available here:

Back to all news

Welcome Aboard: Dominika Pénzeš Joins Our Management Team to Lead IT Specialist Sourcing

Disrupting our clients’ technology landscapes is a complex challenge — that’s why it’s crucial to have the right team. We are thrilled to announce that Dominika Pénzeš is joining our management team, where she will lead our IT specialists sourcing service. Having known Dominika for many years, we are confident in her expertise and excited about the new perspectives she will bring. Please join us in wishing Dominika great success in her new role.

Check our team here

Back to all news

Enhance OpenTelemetry gRPC With a Consistent Hash Load Balancer

The use case

OpenTelemetry collector (OTel collector) is deployed as an agent alongside the application on remote servers. It sends telemetry data (logs, traces, metrics) from the application and the host into central storage through a gateway deployed on the Kubernetes cluster.

The OTel collector is deployed using the OpenTelemetry operator Helm chart, with Kubernetes HPA, scaling replicas based on CPU load. The traffic is routed through a headless service because the standard Kubernetes service is not a good fit for gRPC, described in this article. But with this setup, there is no load balancing on the Kubernetes side, which is also mentioned in the article in the above link.

So, this lack of load balancing with the OTel agents configured to send data in batches causes the data from the same remote host to be forwarded randomly through the OTel collector gateway replicas. Data are written multiples by the actual number of replicas into the storage due to different label values holding the identity of the OTel replica. This drastically increases the storage usage, and the queries must be aggregated.

Let’s show it in an example.
Take one of the OTel agent metrics called otelcol_process_uptime, which has a label added by the OTel gateway called otelcol_replica, holding the name of the replica. The OTel gateway has four replicas; let’s query the metric using PromQL on the storage side:

avg by (otelcol_replica)(otelcol_process_uptime{hostname="xxxxxx"})
{otelcol_replica="opentelemetry-collector-5fc9f8g5sj5"} 2502046.749352578
{otelcol_replica="opentelemetry-collector-5fc9f8pfmvh"}
2502096.74889717
{otelcol_replica="opentelemetry-collector-5fc9f8rzkh4"}
2502156.749325255
{otelcol_replica="opentelemetry-collector-5fc9f8xj95v"}
2502136.749453457

As demonstrated, the data coming from the remote host are written four times into the storage.

So, the solution to this problem is a load balancing mechanism, which provides consistency in routing data from the same remote source through the same OTel collector replica. And that’s where the envoy-proxy is a perfect candidate, offering load balancers based on consistent hashing.

The solution

The envoy-proxy is deployed with two replicas and a headless service between the ingress and OTel collector gateway.

It is configured with a ring-hash load balancer based on the X-Forwarded-For HTTP header, enabling HTTP2 for upstream clusters.

...
route:
  cluster: "opentelemetry-collector-cluster"
  hash_policy:
    - header:
        header_name: x-forwarded-for
...
clusters:
- name: opentelemetry-collector-cluster
  connect_timeout: 0.25s
  type: STRICT_DNS
  dns_lookup_family: V4_ONLY
  lb_policy: RING_HASH
  http2_protocol_options: {}
...

This configuration ensures that the data from the same source IP will flow through the same OTel gateway replica while it exists. With this consistent route, only one copy of the data is written into storage from the remote host.

In case the replica fails, the envoy-proxy will redirect the data flow to the next member of the hash ring, so for a short period in the storage, two copies of the data will exist due to the changed value of the label holding the identity of the OTel collector replica.

Conclusion

Consider a high-load environment where the number of the OTel gateway replicas could be scaled to quite a high number. How much storage capacity could be saved with a reliable data flow from remote sources?

Author

Gabriel Illés
Senior DevOps Engineer

Dedicated professional with experience in managing cloud infrastructure and system administration, integrating cloud-based infrastructure components, and developing automation and data engineering solutions. Good at troubleshooting problems and building successful solutions. Excellent verbal and written communicator with strong background cultivating positive relationships and exceeding goals.

The entire Grow2FIT consulting team: Our team

Related services

• DevOps services

Back to all news

Case study: 365.bank – Evaluating the Future: A Comprehensive Review of Bank’s New Architecture

Solution

Employing a structured methodology, Grow2FIT’s approach for each area included:

• An initial workshop to review the proposed TO-BE architecture and identified issues.
• This was followed by the preparation of a draft output for each domain.
• Subsequent follow-up workshops allowed for collaborative refinement of these drafts.
• The final stage involved the completion and finalization of the outputs.

The areas reviewed were:

• Accounts & Cards
• Payments
• Consumer & Mortgage Loans
• Corporate & Treasury
• Data, Reporting, Compliance & CRM
• Front-end, New Omnichannel platform integration

Result

After a strategic review, Grow2FIT has advised 365.bank to proceed with a phased approach to IT system enhancement, focusing on key areas such as payment gateway functionality and new customer channels. The recommendation includes the implementation of a new Cloud Data Warehouse solution, focusing initially just on incorporating new requirements into this platform.

We also recommend retaining core banking systems where beneficial. Further stages involve consideration of system evolution based on specific technological, financial, and market-driven factors. Details of the implementation are kept general to respect confidentiality agreements.

Contact Person

Martin Petrík, 365.bank Program Manager

About the client

365.bank is a Slovak bank that carries out its business activities mainly on the basis of the Commercial Code and the Banking Act. The bank offers its clients a wide range of banking and financial products and services. Its core activities include accepting deposits, providing loans, performing domestic and cross-border transfers of funds, providing investment services, performing investment activities and providing ancillary services under the Act on Securities.

Provided services

• Fintech
• Consulting

Key Technologies

• Mambu
• Backbase
• AWS