**Building Your Own Cloud with Cozystack: Insights from Andrei Kvapil**

*Cozystack is a Kubernetes-based framework for building a private cloud environment. Connect with Andrei on [LinkedIn](https://www.linkedin.com/in/andrei-kvapil).*

### Introduction

Welcome to a deep dive into building your own cloud infrastructure. In a recent episode of the Stack Overflow Podcast, host Ryan Donovan sat down with Andrei Kvapil, founder of Ænix and core developer of Cozystack, to discuss how Kubernetes can be leveraged to build private cloud environments from the ground up.

### Getting to Know Andrei Kvapil

Andrei’s journey into software and technology began with an early interest in Kubernetes. Fascinated by its capabilities, he dove into writing articles explaining complex Kubernetes concepts such as Argo CD vs. Flux CD, resource utilization, storage, and networking. You can find many of his works featured on the official [Kubernetes.io blog](https://kubernetes.io/blog/).

What excites Andrei most about Kubernetes is its powerful API and declarative model. “Kubernetes is not just about container orchestration—it’s about programming infrastructure declaratively, defining a desired state, and letting the system handle the underlying complexity,” he explains.

### What is Cozystack?

Cozystack is an open-source platform designed to provide managed services for private clouds. Unlike traditional virtual machine platforms, Cozystack aims to deliver not only virtual machines but also fully managed services akin to what public clouds like AWS or Google Cloud offer—including Kubernetes clusters, databases, and object storage.

Funded and supported by the CNCF (Cloud Native Computing Foundation), Cozystack is evolving as a “next-generation hypervisor” that simplifies accessing and managing cloud resources through APIs.

### Building a Cloud from Bare Metal

Many enterprises, especially in Europe, are pursuing digital sovereignty by building independent cloud infrastructures. According to Andrei, thanks to Kubernetes, building such clouds is more achievable today than ever before.

The journey starts with the underlying operating system. In Cozystack, instead of relying on standard OSes with varying kernels and modules, a minimal Linux distribution called Talos Linux is used. This approach ensures uniformity across environments and simplifies kernel module and image management.

### Choosing the Virtualization Layer

You need to decide the type of virtualization for your cloud:

- **Traditional Virtualization:** Similar to physical servers where VMs are created from ISOs, managed with tools like VMware or Proxmox.
- **Cloud-Native Virtualization:** VMs are treated as ephemeral resources created from golden images, managed through APIs. Technologies include OpenStack, CloudStack, KubeVirt, and Harvester.

While traditional virtualization tools like Proxmox are excellent for certain use cases, Cozystack focuses on cloud-native managed services that use Kubernetes and KubeVirt as orchestration backbones.

### Managing Kubernetes and Hypervisor Integration

Kubernetes serves as the orchestration platform managing virtualized resources, networking, and storage. Many solutions—including Cozystack and Harvester—use KubeVirt to run VMs inside Kubernetes as containerized workloads.

Andrei notes that while Kubernetes has primarily been designed for stateless containers, it is increasingly capable of handling stateful workloads such as VMs with additional components for managing IP and MAC addresses, live migrations, and resource isolation.

### Networking Challenges in Cloud Native Virtualization

Networking in Kubernetes-native clouds is complex. Traditional VM networking requires preserving IP and MAC addresses through node migrations, which Kubernetes doesn’t natively handle.

Cozystack uses advanced networking plugins like Cilium (a modern CNI plugin) along with projects like Kube-OVN to manage networking with BGP, IP assignment, and strict policy enforcement. This strategy allows IP addresses to be moved across nodes seamlessly while applying network security policies efficiently.

### Storage Considerations

Storage is a significant challenge in cloud environments, especially for stateful workloads:

- **Object Storage:** Accessible via APIs (S3-compatible), suitable for unstructured data.
- **Block Storage:** Required by virtual machines for operating systems and databases.
- **File System Storage:** Needed for applications expecting POSIX-compatible shared file systems.

Cozystack uses LINSTOR for high-performance block storage with RAID-like data replication over the network, which is more efficient for hyperconverged setups than Ceph. On top of block storage, Cozystack runs SeaweedFS for object storage capabilities.

Managing stateful services in Kubernetes became easier with the introduction of Operators—software that encodes operational knowledge allowing Kubernetes to manage state effectively. KubeVirt itself can be viewed as an Operator for virtual machines inside Kubernetes containers.

### User Management and Security

A functioning cloud needs user management for authentication, authorization, and quota enforcement. To secure user interactions with the system, Cozystack implements a custom API server within Kubernetes that restricts user modifications to safe fields and generates resources for underlying operators automatically.
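The pattern described above, a tenant-facing API that accepts only safe fields and generates the operator resource itself, can be sketched as follows. This is an added example, not Cozystack's code: the field names, limits, the `DatabaseCluster` kind and the `example.invalid/v1` API group are all hypothetical, and the tenant name is assumed to come from the authenticated identity rather than from the request body.

```python
import re

# Hypothetical tenant-facing schema: the only fields a user may set, each with a validator.
SAFE_FIELDS = {
    "replicas": lambda v: isinstance(v, int) and not isinstance(v, bool) and 1 <= v <= 5,
    "size": lambda v: isinstance(v, str) and re.fullmatch(r"[1-9][0-9]{0,3}Gi", v) is not None,
    "version": lambda v: v in {"15", "16"},
}
DEFAULTS = {"replicas": 2, "size": "10Gi", "version": "16"}


class RejectedRequest(ValueError):
    """Raised when a request touches a field outside the allowlist or fails validation."""


def render_operator_resource(tenant: str, name: str, user_spec: dict) -> dict:
    """Validate a tenant-facing spec and build the resource handed to the operator."""
    if not re.fullmatch(r"[a-z0-9]([a-z0-9-]{0,38}[a-z0-9])?", name):
        raise RejectedRequest(f"invalid name: {name!r}")
    unknown = sorted(set(user_spec) - set(SAFE_FIELDS))
    if unknown:
        # Fail closed: unknown keys are rejected, not silently dropped, so a
        # client learns that hostNetwork, securityContext, etc. are off limits.
        raise RejectedRequest(f"fields not permitted: {unknown}")
    for key, value in user_spec.items():
        if not SAFE_FIELDS[key](value):
            raise RejectedRequest(f"invalid value for {key}: {value!r}")
    spec = {**DEFAULTS, **user_spec}
    # Everything security-relevant below is fixed by the platform, never user input.
    return {
        "apiVersion": "example.invalid/v1",  # hypothetical operator API group
        "kind": "DatabaseCluster",           # hypothetical operator kind
        "metadata": {"name": name, "namespace": f"tenant-{tenant}"},
        "spec": {
            "instances": spec["replicas"],
            "storage": {"size": spec["size"]},
            "imageTag": spec["version"],
            "hostNetwork": False,
            "securityContext": {"privileged": False, "runAsNonRoot": True},
        },
    }
```

Because the user never writes the operator resource directly, RBAC on the underlying kinds can be limited to the platform's own service account.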

While the platform currently lacks a user-facing web interface including billing and quota dashboards, it bundles open source projects to provide a comprehensive cloud solution including monitoring, virtualization, storage, and networking.

### The Vision: Simplifying Cloud Infrastructure

The ultimate goal of Cozystack is to abstract infrastructure complexity so users and businesses can focus on their core applications and logic. By combining Kubernetes, KubeVirt, LINSTOR, and advanced networking plugins with user management layers, Cozystack delivers an open-source private cloud platform that is extensible and scalable.

### Community and Getting Involved

Andrei invites anyone interested in Cozystack to join their community through various channels including Kubernetes Slack, Telegram, and community meetings. More information can be found on their website: [cozystack.io](https://cozystack.io).

### Shoutout to Our Community!

Today’s shoutout goes to **Adam** for earning the Populist badge on Stack Overflow—thanks for sharing your knowledge with a top answer on “Regex replace text but exclude when text is between specific tags.”

### Stay Connected

For questions or topic suggestions about the podcast or cloud infrastructure, you can reach Ryan Donovan at **[email protected]** or find him on [LinkedIn](https://www.linkedin.com/in/ryandonovan).

*Thank you for reading! Stay tuned for more insights into cloud technologies and innovations.*
https://stackoverflow.blog/2025/10/17/why-rent-a-cloud-when-you-can-build-one/
