Why rent a cloud when you can build one?

**Building Your Own Private Cloud with Cozystack and Kubernetes: Insights from Andrei Kvapil**

*Today’s shoutout goes to Adam for winning a Populist badge on Stack Overflow for their fantastic answer to “Regex replace text but exclude when text is between specific tag.”*

**Introduction**

Welcome to the Stack Overflow Podcast hosted by Ryan Donovan. In this episode, we dive deep into the world of private cloud building with Andrei Kvapil, founder of Ænix and core developer of Cozystack, a Kubernetes-based framework designed to build private cloud environments.

**A Journey into Software and Kubernetes**

Andrei shared how his journey began in the Kubernetes community early on, quickly becoming fascinated by the technology. For him, Kubernetes is more than just container orchestration—it’s an API-driven platform that allows you to program and automate infrastructure declaratively. He emphasizes the power of defining desired states rather than managing the underlying implementation details.

**What Is Cozystack?**

Cozystack is a managed services platform that enables ordering not just virtual machines but complete IT services such as Kubernetes clusters, databases, and object storage. Positioned as a next-generation hypervisor, Cozystack is open source and is a Cloud Native Computing Foundation (CNCF) project.

**Building a Cloud from the Ground Up**

Andrei explains that building a cloud starts right at the bare-metal level. For large-scale infrastructures involving hundreds or thousands of nodes, automation in bare metal provisioning becomes essential.

A key part of Cozystack’s approach is simplifying the bottom layer by using a minimal operating system, Talos Linux, which bundles all necessary kernel modules and ensures consistency across environments.

**Choosing Your Virtualization Model**

When building your own cloud, deciding the type of virtualization is critical. Traditional virtualization platforms like VMware or Proxmox simulate physical servers with full OS installs. Meanwhile, cloud-native approaches focus on using golden images and APIs to rapidly provision and manage numerous virtual machines.

Cozystack adopts the cloud pattern, leveraging Kubernetes and KubeVirt to run and orchestrate virtual machines in a more automated, scalable way.

**Kubernetes as the Cloud Orchestrator**

Kubernetes plays a central role as the orchestrator in modern cloud environments. According to Andrei, Kubernetes reduces cognitive load by consolidating multiple layers of infrastructure management under a single technology stack with declarative configuration.

Though complex, Kubernetes allows you to build and manage clouds that are more flexible and easily automated compared to traditional virtualization systems.

**Networking Challenges and Solutions**

Networking is a challenging part of building a cloud on Kubernetes, especially when running virtual machines, which require features not originally designed into Kubernetes networking.

Cozystack uses Kube-OVN, a Kubernetes network plugin, to address issues such as IP and MAC address management and live migration of virtual machines. Unlike other solutions, Cozystack aims to maintain Kubernetes’ native networking principles, assigning IP addresses within a large, movable range and leveraging Cilium to enforce network policies via eBPF and BGP.

**Understanding Network Policies and Multi-Network Management**

While Kubernetes comes with built-in network policies and DNS services, managing multiple networks (such as Virtual Private Clouds or VPCs) is complex. Projects like Multus allow running multiple network interfaces, but often at the cost of losing native Kubernetes control.

Cozystack’s approach focuses on simplifying these challenges by integrating with existing Kubernetes networking paradigms.

**Storage: The Critical Piece for Stateful Services**

Storage is equally complicated. State management in Kubernetes introduces challenges like preserving data during node updates or failures.

Andrei discusses three storage categories relevant to cloud building:

– **Object Storage:** Accessible via APIs like S3, ideal for storing files and unstructured data.

– **Block Storage:** Necessary for running virtual machines and installing OSes; managed typically with solutions like LINSTOR.

– **File System Storage:** Required for applications expecting POSIX-compatible shared file systems.

Cozystack uses LINSTOR for block storage and runs SeaweedFS on top of it to provide object storage.

**User Management and Security**

Building a cloud isn’t just about infrastructure. Managing users, quotas, authentication, and authorization is essential.

Cozystack implements its own Kubernetes API server to enforce policies that limit user permissions, preventing security threats such as resource misuse or compromise of the underlying system.

Though currently lacking a web interface for end users, Cozystack integrates monitoring, billing, and quota management into its platform to offer a comprehensive cloud solution.

**The Big Picture**

To recap, the layers involved in building a cloud with Cozystack include:

– Minimal Linux OS (Talos Linux)

– Virtualization (KubeVirt)

– Kubernetes as orchestrator

– Networking (Kube-OVN, Cilium)

– Storage (LINSTOR, SeaweedFS)

– User management and API security

All these components are seamlessly integrated to provide a turnkey cloud platform where you focus on your business logic while Cozystack takes care of the complex infrastructure.

For those interested in exploring further, Andrei recommends visiting [cozystack.io](https://cozystack.io) where you’ll find community channels on Slack and Telegram, detailed documentation, and community meetings to discuss development and use cases.

**Connect and Learn More**

– Connect with Andrei Kvapil on [LinkedIn](https://www.linkedin.com/in/andrei-kvapil)

– Join the Cozystack community on Kubernetes Slack and Telegram

**Final Shoutout**

Congratulations again to Adam for their excellent Stack Overflow answer on Regex replacing text while excluding content between specific tags!

*This transcript and insights excerpted from the Stack Overflow podcast with Ryan Donovan and Andrei Kvapil have been formatted for easier reading and comprehension for WordPress publication.*
https://stackoverflow.blog/2025/10/17/why-rent-a-cloud-when-you-can-build-one/
