Why Linkerd instead of Istio?

Operational overhead. Linkerd’s defaults cover retries, timeouts, and mTLS without constant YAML spelunking. The team didn’t need multi‑cluster gateways or custom EnvoyFilters; they needed reliability with fewer levers.

How did you manage secrets across environments?

External Secrets Operator read from AWS Secrets Manager with environment‑scoped prefixes. ArgoCD managed ESO manifests; engineers never touched raw Kubernetes Secrets. Rotations were handled in ASM with zero redeploys when apps watched for updates.

What about stateful services like Kafka and Elasticsearch?

We moved Kafka to Confluent Cloud and logs to Grafana Cloud Loki. We kept Aurora for relational data, managed by RDS. The rule was: if a vendor can run it better and cheaper than our SRE time, buy it.

Did you consider going back to a monolith?

We merged nanoservices into domain services where latency and ownership made sense. Full re‑monolith would’ve blown the schedule and team autonomy. Bounded contexts gave 80% of the benefits with 20% of the churn.

Case-studies · Nov 4, 2025 · 10 minute read

The Microservices Migration That Cut On‑Call Pages 72% and Retired 38 Helm Charts

We took a fintech with 120+ chatty services, seven snowflake EKS clusters, and a pager screaming every night—and turned it into a lean platform with GitOps, Linkerd, and managed data services. No silver bullets. Just boring, proven engineering.

Back to all posts

The Microservices Migration That Cut On‑Call Pages 72% and Retired 38 Helm Charts

Key takeaways

Implementation checklist