| Hypervisor | Proxmox VE 8 (KVM + LXC) or VMware vSphere 8 | Server virtualization |
| Container OS | Ubuntu 24.04 LTS Server or Rocky Linux 9 | Kubernetes node OS |
| Container Runtime | containerd 1.7+ | OCI-compliant container runtime |
| Orchestration | Kubernetes 1.30+ (via Kubespray or RKE2) | Container orchestration |
| Service Mesh | Istio 1.22+ | mTLS, traffic management |
| Ingress | NGINX Ingress Controller + cert-manager | TLS termination, routing |
| Storage (K8s) | Longhorn or Rook-Ceph | Distributed persistent volumes |
| DNS | CoreDNS (internal) + self-hosted authoritative DNS (external) | Name resolution |
| NTP | chrony (synced to regional NTP pool) | Time synchronization |