At FINBOURNE we run highly available Kubernetes clusters in multiple availability zones, with about twenty-five M5.2xLarge nodes per cluster. These nodes live within an Amazon Web Services Virtual Private Cloud (VPC) and although they are not physically linked, they can communicate. We use WeaveNet as our overlay network to secure our cluster traffic with encryption within a VPC. WeaveNet (Weave or commonly known as weave) gives us confidence that pod traffic is not being intercepted or manipulated between nodes; deploying WeaveNet as a Daemonset means that we can manage configuration in a single place. This configuration is deployed through our CICD systems from a central repository. We maintain the capability to update low-level components without triggering an outage by implementing an immutable infrastructure pattern.