A recent engineering article from the team at NetBird highlights how INFITX Africa implemented fully automated private networking across our Kubernetes environments.
The post describes how our platform engineering team designed a zero-touch networking model that allows Kubernetes clusters to securely join a private mesh network automatically as they are provisioned.
This architecture removes the need for traditional VPN management, manual configuration, or distribution-specific networking logic — all while maintaining a fully open-source, Kubernetes-native stack.
The solution combines:

- NetBird for identity-based private networking
- The NetBird Kubernetes Operator for cluster integration
- Crossplane for declarative infrastructure and network configuration
- Istio for fine-grained service routing and policy control

The result is a unified private networking model spanning on-premises infrastructure and AWS environments, with new clusters able to join the network automatically as part of the platform provisioning process.
For teams operating large Kubernetes estates, networking quickly becomes one of the hardest problems to scale. Treating networking as declarative infrastructure — reconciled continuously inside Kubernetes — allows it to scale in the same way as the rest of the platform.
Credit to David Fry and the INFITX Africa platform engineering team for the design and implementation, and thanks to the NetBird team for showcasing the architecture.
You can read the full article here:
