OpenShift & Kubernetes Sovereignty: Platform Choice Matters
Your container platform hosts every application, every deployment pipeline, and every secret. The sovereignty of your platform determines the sovereignty of everything running on it.
Hyperscaler Kubernetes services (GKE, EKS, AKS) run on US-owned infrastructure under US law. Even "Swiss region" deployments are operated by US companies subject to the CLOUD Act. Managed OpenShift services from Red Hat or IBM are governed by US law as well.
VSHN offers both OpenShift and vanilla Kubernetes on Swiss infrastructure, operated by a Swiss team under Swiss law.
Platform sovereignty compared
| Dimension | GKE (Google) | EKS (Amazon) | AKS (Microsoft) | ROSA (Red Hat/AWS) | VSHN Managed K8s/OpenShift |
|---|---|---|---|---|---|
| Ownership | Google (USA) | Amazon (USA) | Microsoft (USA) | Red Hat/IBM (USA) | VSHN AG (Switzerland) |
| Governing law | US law | US law | US law | US law | Swiss law |
| CLOUD Act | Exposed | Exposed | Exposed | Exposed | Not exposed |
| Data location | Configurable | Configurable | Configurable | Configurable | Switzerland by default |
| Platform source | Proprietary (K8s core open) | Proprietary (K8s core open) | Proprietary (K8s core open) | Open source (OKD) | Open source (K8s or OKD) |
| Vendor lock-in | GKE-specific APIs, Anthos | EKS-specific, Fargate | AKS-specific, Arc | Red Hat subscription | Standard K8s APIs, portable |
| Operations team | USA | USA | USA | USA | Switzerland (Swiss-only option) |
OpenShift vs vanilla Kubernetes: a sovereignty perspective
VSHN offers both platforms. The sovereignty trade-off:
Vanilla Kubernetes — maximum sovereignty:
- No non-Swiss vendor dependency
- CNCF-governed, community-maintained
- All VSHN managed services available
- Swiss-only operations with no foreign corporate chain
Red Hat OpenShift — strong sovereignty with one nuance:
- OpenShift source code is open (OKD)
- Red Hat (IBM subsidiary, US) provides certified images and subscription entitlements
- Red Hat offers EU Sovereign Support as an option
- Day-to-day operations are fully independent by VSHN
For customers where the Red Hat corporate chain is a concern, vanilla Kubernetes provides the same managed services with no non-Swiss dependencies.
VSHN sovereignty self-assessment
We applied the EU's Cloud Sovereignty Framework (v1.2.1, October 2025) to our own services. This framework was used to score providers in the EU's EUR 180M sovereign cloud tender in April 2026 — three pure-European providers achieved SEAL-3, while a consortium involving Google Cloud scored only SEAL-2.
This is a self-assessment, not a formal SEAL certification. We publish it for transparency so customers can evaluate our sovereignty profile using the same structured criteria the EU uses.
| # | Dimension | Weight | Assessment | Evidence |
|---|---|---|---|---|
| SOV-1 | Strategic | 15% | Strong | Swiss AG, no foreign parent, all shareholders Swiss citizens (Commercial Register) |
| SOV-2 | Legal | 10% | Strong | Swiss law (GTC), no CLOUD Act, EU adequacy decision |
| SOV-3 | Data & AI | 10% | Strong | Swiss DCs by default. Sovereign key management via Managed OpenBao + Swiss HSM |
| SOV-4 | Operational | 15% | Strong | Swiss 24/7 ops, Swiss-only support option. All services on vanilla Kubernetes |
| SOV-5 | Supply Chain | 20% | Strong | Infrastructure-agnostic — customer chooses provider. Open-source software |
| SOV-6 | Technology | 15% | Strong | 100% open source. VSHN contributes to K8up (CNCF), Crossplane providers, Project Syn |
| SOV-7 | Security | 10% | Strong | ISO 27001, ISAE 3402 Type II, Swiss SOC. FINMA-regulated customers |
| SOV-8 | Environmental | 5% | Moderate | DC operators: Green Datacenter AG (ISO 22301/27001/27701), Exoscale sustainability. VSHN CSR policy |
Overall: SEAL-3 equivalent — the same level achieved by the winners of the EU's own sovereignty tender. No provider worldwide achieved SEAL-4, as it requires fully EU/EEA-sourced hardware supply chains and open-source foundations — structural gaps shared by every cloud provider.
Get a sovereignty assessment for your platform
Running containers on a hyperscaler and evaluating sovereign alternatives? We assess your sovereignty profile against the EU framework and plan a migration to Swiss-operated OpenShift or vanilla Kubernetes.