CoreInfra Migration
Zero-downtime migration from legacy VMs to Kubernetes, cutting infra costs by 40%.
The Challenge
The client ran their payment processing API on a fleet of hand-provisioned EC2 instances. Deployments required a manual SSH dance, caused 5–8 minutes of downtime per release, and the team was paying for significantly over-provisioned capacity. A pending PCI DSS audit put infrastructure hygiene directly on the critical path.
Our Approach
We designed a migration path that allowed the old and new infrastructure to run in parallel, with no big-bang cutover. Every service was containerised and given a Helm chart, and routing was shifted progressively via weighted ALB target groups. All infrastructure is now defined in Terraform and stored in Git. Deployments go through a GitHub Actions pipeline that runs automated smoke tests before any production traffic is shifted.
- Progressive traffic shifting via AWS ALB weighted target groups — no maintenance windows
- EKS cluster with Karpenter for node autoscaling — right-sized at all times
- Full Terraform state: VPC, subnets, RDS, EKS, IAM, ACM — reproducible from scratch in < 20 min
- GitHub Actions CI/CD: build → test → push to ECR → Helm upgrade → smoke test → shift traffic
- Datadog APM + log forwarding: every deployment annotated, full correlation across services
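The final pipeline stages above (smoke test, then shift traffic) sketched as an added example; this is not the client's or the pipeline's own code. The function names, the step schedule and the placeholder ARNs are assumptions, and `apply` stands in for a call such as boto3's `elbv2.modify_listener(ListenerArn=..., DefaultActions=actions)`.

```python
from typing import Callable, Dict, List

# Placeholder ARNs (constructed); real values would come from Terraform outputs.
LEGACY_TG = "arn:aws:elasticloadbalancing:REGION:ACCOUNT:targetgroup/legacy-ec2/PLACEHOLDER"
EKS_TG = "arn:aws:elasticloadbalancing:REGION:ACCOUNT:targetgroup/eks/PLACEHOLDER"

def forward_action(new_weight: int) -> List[Dict]:
    """Build an ALB forward action splitting traffic between legacy and EKS.

    Weights are used as percentages here (ALB itself accepts 0-999).
    """
    if not 0 <= new_weight <= 100:
        raise ValueError("weight must be within 0..100")
    return [{
        "Type": "forward",
        "ForwardConfig": {"TargetGroups": [
            {"TargetGroupArn": LEGACY_TG, "Weight": 100 - new_weight},
            {"TargetGroupArn": EKS_TG, "Weight": new_weight},
        ]},
    }]

def shift_traffic(steps: List[int],
                  apply: Callable[[List[Dict]], None],
                  smoke_test: Callable[[int], bool]) -> int:
    """Walk the weight schedule; return all traffic to legacy on any failure.

    smoke_test(weight) returns True when the new stack is healthy at that
    weight. Returns the final percentage served by the new stack (0 or 100).
    """
    if list(steps) != sorted(set(steps)) or not steps or steps[-1] != 100:
        raise ValueError("steps must be strictly increasing and end at 100")
    # Gate: nothing is shifted until the new stack passes with 0% traffic.
    if not smoke_test(0):
        return 0
    for weight in steps:
        apply(forward_action(weight))
        if not smoke_test(weight):
            apply(forward_action(0))  # fail closed: everything back to legacy
            return 0
    return 100

if __name__ == "__main__":
    log: List[List[Dict]] = []
    # Constructed scenario: the new stack starts failing at 50% traffic.
    result = shift_traffic([10, 50, 100], log.append, lambda w: w < 50)
    print(result, [a[0]["ForwardConfig"]["TargetGroups"][1]["Weight"] for a in log])
```
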
“We passed the PCI audit with no findings related to infrastructure. The auditor actually commented on how clean the setup was. That felt good.”
CTO, CorePay