We're driving as many apps as possible to containers, and replacing most of our virtual infrastructure with Talos Linux [1], which is a reasonably hardened OS dedicated to Kubernetes hosting. I strongly recommend using the Terraform provider to help manage at scale. The docs seem a little sparse for beginners, but if you already know Kubernetes concepts, it's pretty easy to pick up. If you know Flux-style GitOps, talhelper+sops is far better than naked talosctl. We're also trying to migrate off of IAAS-provided Kubernetes and migrate to Talos within instances. It's an effort to reduce dependency on specific IAAS while also minimizing the number of technologies we need to support.
We're driving anything that cannot be containerized to lift and shift to IAAS and forcing the app owners to pay for it out of their budget as motivation to modernize. They have to explain to the board why their spending increased and they are still on legacy.
- [1] - https://www.talos.dev/