Modernizing legacy infrastructure into cloud-native platforms is rarely a simple “lift-and-shift” operation. It requires a strategic combination of application refactoring, database modernization, and platform re-engineering.
Below are three architectural patterns detailing how real-world enterprises modernize their infrastructure to solve critical scaling, security, and operational bottlenecks.
Example 1: The Retail Monolith-to-Microservices Migration
The Legacy State
A major global e-commerce retailer processed all transactions through a massive, monolithic Java application running on bare-metal servers.
- The Bottleneck: During high-traffic events (like Black Friday), scaling the application meant copying the entire multi-gigabyte monolith onto new hardware.
- The Risk: A bug in the review system could crash the entire checkout pipeline, causing catastrophic revenue drops.
The Modernized Architecture
The engineering team decoupled the monolith into containerized microservices (Inventory, Checkout, Reviews) running on a managed Red Hat OpenShift (OCP) platform.
- Traffic Routing: They deployed an OpenShift Service Mesh (Istio) to manage internal microservice communication. This enabled Canary Deployments, allowing them to route just 5% of live traffic to a new version of the Checkout service to test stability before a full rollout.
- Observability: They implemented Jaeger and OpenTelemetry (OTel). When a user experienced a slow checkout, engineers used distributed tracing to see exactly which microservice or database query was causing the latency spike.
- The Result: The retailer increased its deployment frequency from once a month to multiple times a day, and scaled individual microservices independently within milliseconds during flash sales.
Example 2: Financial Services Hybrid-Cloud & Zero-Trust Lockdowns
The Legacy State
A retail banking institution operated dozens of standalone Kubernetes clusters spread across on-premises VMware farms and public cloud infrastructure (AWS).
- The Bottleneck: “Cluster Sprawl.” Central platform teams had no clear visibility into what versions were running where, and developers were routinely deploying insecure configurations.
- The Risk: Strict regulatory frameworks (PCI-DSS and HIPAA) risked being violated due to manual drift in network policies and local admin access.
The Modernized Architecture
The bank implemented a federated Hub-and-Spoke fleet management model to enforce standard enterprise compliance.
- Centralized Fleet Governance: They deployed Red Hat Advanced Cluster Management (ACM) on a central control plane. ACM used Policy-as-Code to automatically push down identical security policies to all remote clusters. If a developer deleted a mandatory security constraint on an AWS spoke, ACM instantly recreated it (Self-Healing).
- Zero-Trust Identity Integration: They eliminated local static bootstrap credentials by integrating OpenShift’s OAuth layers with their corporate OIDC provider (Okta), enforcing multi-factor authentication (MFA) for command-line (oc login) and web console access.
- Runtime Hardening: They deployed Red Hat Advanced Cluster Security (ACS / StackRox). ACS acted as an admission controller, actively blocking any deployment manifest that attempted to run containers as root or expose unauthorized network paths.
- The Result: The security team achieved continuous compliance auditing, turning a weeks-long manual regulatory audit process into an automated, real-time dashboard visualization.
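The run-as-root condition from the Runtime Hardening item, as an added Python example of the decision an admission controller makes; it is not ACS/StackRox code or its policy format. The function names and sample manifests are constructed for illustration, and only the root check is covered, not network exposure.

```python
# Added illustration of an admission-time root check; not ACS/StackRox code.
# Manifests are plain dicts shaped like a Kubernetes Deployment.

def effective(container_sc, pod_sc, key):
    """Container-level securityContext wins over pod-level for the same key."""
    return container_sc[key] if key in container_sc else pod_sc.get(key)

def root_violations(manifest):
    """List every container in the pod template that may run as UID 0."""
    pod_spec = manifest["spec"]["template"]["spec"]
    pod_sc = pod_spec.get("securityContext") or {}
    found = []
    for group in ("initContainers", "containers"):
        for c in pod_spec.get(group) or []:
            sc = c.get("securityContext") or {}
            uid = effective(sc, pod_sc, "runAsUser")
            non_root = effective(sc, pod_sc, "runAsNonRoot")
            if uid == 0:
                found.append(f"{group}/{c['name']}: runAsUser is 0")
            elif uid is None and non_root is not True:
                # Nothing pins the UID, so the image's USER (often root) applies.
                found.append(f"{group}/{c['name']}: no non-root guarantee")
    return found

def admit(manifest):
    """Return (allowed, reasons), the decision an admission webhook would send."""
    reasons = root_violations(manifest)
    return (not reasons, reasons)

def deployment(pod_sc, containers):
    """Build a constructed sample Deployment (hypothetical names)."""
    return {"kind": "Deployment", "spec": {"template": {"spec": {
        "securityContext": pod_sc, "containers": containers}}}}

# Constructed samples: hardened pod, a sidecar overriding the pod-level UID,
# and a manifest with no securityContext at all.
HARDENED = deployment({"runAsNonRoot": True, "runAsUser": 1001},
                      [{"name": "checkout"}])
SIDECAR_ROOT = deployment({"runAsNonRoot": True, "runAsUser": 1001},
                          [{"name": "checkout"},
                           {"name": "debug", "securityContext": {"runAsUser": 0}}])
UNSET = deployment(None, [{"name": "checkout"}])

if __name__ == "__main__":
    for label, m in (("hardened", HARDENED), ("sidecar-root", SIDECAR_ROOT),
                     ("unset", UNSET)):
        print(label, admit(m))
```

The sidecar case is the one a pod-level-only check misses: a single container's securityContext silently overrides the hardened pod default.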
Example 3: Legacy Database & VM Coexistence at a Telecom Giant
The Legacy State
A telecommunications provider built a modern, containerized web interface for its customers, but the application relied on heavy, stateful backend processing workloads and legacy Windows/Linux virtual machines (VMs).
- The Bottleneck: The team was forced to split their operational workflows down the middle: developers managed containers via GitOps, while the infrastructure team managed the legacy VMs using old-school hypervisors (like VMware vSphere).
- The Risk: Maintaining two entirely separate infrastructure silos doubled licensing fees, hardware footprints, and operational complexity.
The Modernized Architecture
Instead of wasting years completely rewriting the legacy VM applications into containers, the telecom giant chose a hyperconverged approach by deploying OpenShift Virtualization.
- Unified Pod Architecture: They imported their legacy RHEL and Windows VMs straight into OpenShift using the KubeVirt engine. Under the hood, the virtual machines were wrapped inside standard Kubernetes pods, passing bare-metal hardware extensions straight down to the KVM/QEMU layers.
- Advanced Networking via Multus: Many legacy VMs had hardcoded IP schemas that could not exist on a standard container overlay network. Engineers used the Multus CNI to attach two network interfaces to the VM pod: one to talk internally to the new microservices, and a secondary bridge interface mapping directly to a physical corporate VLAN.
- Unified Storage: They migrated the virtual disks onto OpenShift Data Foundation (ODF / powered by Ceph) using high-performance, persistent ReadWriteMany (RWX) block storage classes. This allowed the platform to execute live migrations, shifting active virtual machines across different physical nodes with zero downtime during hardware maintenance.
- The Result: The telecom provider eliminated their standalone hypervisor licensing fees, unified their engineering teams under a single GitOps pipeline, and monitored both containers and virtual machines using a singular Prometheus and Thanos telemetry ecosystem.