From Zero to SFTP: Building a Modern Gateway for Kubernetes

Ever tried explaining SFTP to a cloud-native developer? It’s like describing a fax machine to a teenager. Yet here we are in 2025, and SFTP is still a requirement in countless enterprise environments. Whether it’s financial reports, healthcare records, or vendor agreements, SFTP refuses to fade away. And honestly, that’s not entirely a bad thing—it works. It’s secure, reliable, and familiar. But let’s be real: it wasn’t built for Kubernetes.

When we were asked to integrate SFTP into a modern Kubernetes cluster, it felt like a collision of two worlds. Kubernetes thrives on stateless, scalable workloads, while SFTP is inherently stateful and dependent on persistent user management. It felt awkward, clunky, and incompatible. But instead of rejecting the challenge, we decided to embrace it and reimagine what SFTP could look like in a cloud-native world. The result was a lightweight SFTP gateway that seamlessly integrates with Kubernetes while modernizing authentication, security, and storage in ways that make it a joy to use.

Why Is SFTP Still Around, and Why Should You Care?

Think about your typical Kubernetes environment: applications are containerized, scaling is seamless, and CI/CD pipelines handle everything in an automated flow. Then, someone says, “We need SFTP access to share files.” Your first thought might be to argue for a more modern solution, like S3 or a REST API. But no matter how reasonable your suggestions sound, the request stands firm: SFTP is required.

The problem isn’t just that SFTP feels outdated. It’s that it wasn’t built for Kubernetes. Traditional SFTP servers are heavyweight and stateful, requiring persistent storage, manual key management, and user account provisioning. It’s a tedious process that feels out of sync with everything Kubernetes stands for. But the truth is, SFTP survives because it’s simple and reliable. For industries like finance and healthcare, where compliance and regulation demand secure, trackable file transfers, SFTP remains the tool of choice. The question isn’t why it’s still here—the question is how to make it work in modern environments.

How Can You Make SFTP Feel Right at Home in Kubernetes?

Our answer was k8-container-gate, a Kubernetes-native SFTP gateway designed to handle these challenges with minimal friction. At its core, it leverages GitHub SSH keys for authentication. Developers already manage their SSH keys in GitHub, so why not use that system to handle access? When a user connects, the gateway fetches their public keys directly from GitHub, validates their team or organizational membership, and grants access dynamically. There’s no need to create accounts, distribute keys manually, or clean up stale credentials. If someone leaves your team, their access disappears as soon as they’re removed from GitHub.

Another common pain point is managing file storage. Kubernetes wasn’t built for traditional filesystems, and trying to shoehorn stateful workloads into a stateless environment often creates more problems than it solves. Instead of relying on persistent volumes, we decoupled storage entirely. Files uploaded via SFTP are synced to object storage like S3 or GCS. This keeps the SFTP gateway lightweight and stateless while ensuring files are stored securely and scalably.

Security was another area we approached with care. Traditional SFTP servers often rely on password authentication, which is a nonstarter for modern systems. Instead, we enforce key-based authentication, disable passwords entirely, and isolate each user in a chroot jail. Every file transfer is logged for compliance, making it easy to audit activity. These measures ensure the gateway not only meets modern security standards but also satisfies the strict requirements of industries like finance and healthcare.

What makes this approach so powerful is its simplicity. SFTP users don’t want complex dashboards or bloated features. They want to upload and download files quickly and securely. By focusing on this core need and letting Kubernetes handle scaling, updates, and failover, we created a solution that just works.

What Does a Modern SFTP Workflow Look Like in Practice?

The results have been transformative. Imagine a healthcare company sharing sensitive patient records with an external vendor. Traditionally, this would involve setting up a dedicated SFTP server, creating user accounts, distributing keys, and managing permissions manually. With k8-container-gate, the workflow is seamless. The vendor provides their GitHub username, logs in with their existing SSH key, and uploads files directly. No manual intervention. No tedious setup. And when the project ends, their access is revoked automatically, leaving nothing behind to clean up.

Reflecting on this project, a few lessons stand out. First, it’s clear that legacy protocols like SFTP aren’t going away, and that’s okay. The key isn’t to replace them but to modernize how they’re used. Second, simplicity is underrated. We could have added features like file compression or versioning, but focusing on the essentials—secure file transfer—made the gateway easier to build, deploy, and use. Finally, leveraging existing tools like GitHub turned out to be a game changer. By integrating with a system users already know, we eliminated complexity and created a solution that feels intuitive.

Modernizing SFTP wasn’t about reinventing the wheel—it was about finding a way to make an old wheel spin smoothly in a modern machine. The end result isn’t just a better way to do SFTP. It’s a reminder that good engineering isn’t about chasing the newest tools; it’s about solving problems in ways that are elegant, practical, and sustainable.

SFTP may be a relic, but when combined with the right tools, it can thrive in a cloud-native world. So the next time someone asks for SFTP in Kubernetes, don’t roll your eyes. Smile. You’ve got the perfect solution.