Infrastructure & Data Centres

Our data centres

DC1: Worldstream Naaldwijk

Our primary data centre runs at Worldstream in Naaldwijk, Westland. This location sits in the heart of the Dutch greenhouse region and offers reliable connectivity with direct fibre uplinks to Amsterdam and Rotterdam.

Worldstream operates a Tier III-equivalent data centre with redundant cooling, power, and networking. We run production workloads here, primary database instances, and control-plane nodes for Kubernetes clusters.

DC2: Databarn Amsterdam

Our second production data centre is at Databarn in Amsterdam. Both locations run active production workloads with failover between sites. The 62 km separation provides geographic resilience while keeping latency low enough for synchronous replication.

CoffeeSprout dual data centre locations: Naaldwijk and Amsterdam — DC1 (Naaldwijk) and DC2 (Amsterdam) connected with 10 Gbit fibre, 62 km apart for geographic resilience.

Network & connectivity

Both data centres connect via a 10 Gbit private interconnect provided by the data centres. Traffic between DC1 and DC2 stays on this direct link without traversing the public internet, giving us low-latency replication for databases, backups, and cluster state.

Network uplinks and backbone infrastructure are fully redundant in both locations.

We work with IPv6 by default, with IPv4 available where needed. Load balancers run HAProxy with SSL termination, health checks, and automatic failover between nodes.

Technology stack

We build on open source because it gives us flexibility, prevents vendor lock-in, and lets us dive deep into the stack when needed. Here's what everything runs on:

Operating systems & orchestration

Talos Linux: Immutable Linux distribution built for Kubernetes. API-driven, no SSH, automatic updates without downtime.
Kubernetes: Container orchestration for managed clusters. We run upstream Kubernetes or OKD (OpenShift Kubernetes Distribution) depending on your needs.
Ansible: Infrastructure as Code for managed servers. You get read/write access to your playbooks in Git.

Networking & load balancing

HAProxy: Layer 4/7 load balancing with SSL termination and health checks.
Cilium: eBPF-based networking and security for Kubernetes clusters. Faster and more flexible than traditional iptables solutions.

GitOps & automation

Argo CD: GitOps deployments for Kubernetes. Your infrastructure lives in Git, changes are automatically rolled out.
GitLab/GitHub: Repository management, CI/CD pipelines, and artifact signing.

Databases & storage

PostgreSQL: Our primary relational database. We run both standalone instances and CloudNativePG clusters.
NVMe storage: Fast local storage for databases and high-IOPS workloads.

Monitoring & observability

Prometheus: Metrics collection and alerting.
Grafana: Dashboards for JVM metrics, cluster health, and resource usage.
OpenTelemetry: Distributed tracing and log aggregation for Java applications.

Hardware philosophy

We run a mix of refurbished and new hardware. This isn't about cost savings, but a deliberate choice with three advantages:

Sustainability: Refurbished enterprise hardware (think Dell PowerEdge, HP ProLiant) has years of useful life remaining. Giving these machines a second life reduces electronic waste and demand for new manufacturing.

Availability: Chip shortages and supply chain problems hit new hardware hard. Refurbished enterprise gear is immediately available and avoids the waiting lists many providers face.

Quality where it matters: We don't buy consumer-grade hardware. Refurbished enterprise servers come with ECC memory, redundant PSUs, and out-of-band management (iDRAC, iLO). These machines previously ran at banks, telecom providers, and large SaaS companies. We test everything (RAM, disks, RAID controllers) before it goes into production.

For certain workloads (NVMe storage, high-density compute) we buy new hardware. The mix depends on what your workload requires: stable database servers do fine on refurbished gear, while cutting-edge Kubernetes nodes sometimes need newer CPU generations.

Backup & disaster recovery

Every managed machine is snapshotted twice daily. Backups are replicated to the other data centre, so your data remains available even during complete DC outages.

For compliance purposes we offer tape archiving and cold storage. Tape remains the most reliable option for long-term retention: no bit rot, no cloud vendor suddenly raising prices.

We test failover procedures regularly. For managed clusters we plan blue/green and canary deployments together, including runbooks so your team knows what happens during a failover.

Security & compliance

Firewalls run by default with deny-all policies. Only explicitly permitted traffic gets through. RBAC is configured for Kubernetes clusters, identity integration is ready if you want it.

We support ISO27001-aligned processes and can document controls for audits. Let us know your compliance requirements (GDPR, HIPAA, SOC2) and we'll work out how to implement them together.

Why owned hardware in Dutch data centres?

Cloud VMs are convenient for quick tests, but for production workloads running for years you want to know where your data sits, who has access, and what it costs. Owned hardware means:

Predictable costs: Our hardware is bought and paid for. We're not renting cloud capacity that providers can reprice overnight. This lets us hold pricing stable even when cloud providers raise their rates.
Data sovereignty: Your data stays in the Netherlands, within EU jurisdiction.
Direct access: We can be physically at the machines within an hour if needed.
Quality neighbors: We don't resell infrastructure or run public VPS hosting. All your neighbors are managed hosting customers like you, not random internet traffic or unknown workloads.