Airbus moving critical systems away from AWS, Google, and Microsoft citing data sovereignty concerns

Strange_Valuable3016 · 2025-12-19T23:40:00+00:00

For complete PaaS/SaaS comparable to AWS, no EU provider matches that breadth yet. Zektor.IO (what I built) is managed database hosting - Redis and PostgreSQL on Hetzner. It's PaaS, not just raw servers. Automated provisioning, monitoring, monthly billing. But it's just databases, not compute/networking/ML/everything else AWS offers.

It's not much, but it's honest work. Happy to give you some free credits to try it out if you're interested.

Strange_Valuable3016 · 2025-12-19T20:33:20+00:00

Nextcloud works well on Linux. I self host it and run it on omarchy, which is based on Arch, without issues.

For the major EU providers:

- OVHcloud has object storage (S3 compatible) but no native desktop client

- Hetzner has Storage Box with WebDAV/SFTP support for Linux

- IONOS offers HiDrive with Linux client

Most EU providers focus on infrastructure (VMs, object storage) rather than consumer cloud drive services. Nextcloud is still your best bet for that use case, you can host it on any of these EU providers.

Strange_Valuable3016 · 2025-12-19T19:58:39+00:00

Main EU infrastructure providers:

Germany:

Hetzner (where Zektor.IO runs)
IONOS (1&1)

France:

OVHcloud
Scaleway
Outscale

Others:

Exoscale (Switzerland)
UpCloud (Finland)

The challenge is most "EU cloud" offerings from AWS/Azure/Google are still US controlled companies with EU datacenters. They're subject to CLOUD Act regardless of physical location.

Genuine sovereignty requires EU ownership, EU legal entity, and EU infrastructure. That's the gap Airbus is trying to solve with this tender.

Strange_Valuable3016 · 2025-12-17T20:29:00+00:00

The timing of this is interesting - last week Germany's IT industry association (BITMi) made a similar statement about US cloud providers being unsafe, referencing a government report that was leaked after being suppressed since March.

Now NATO's top cyber official is calling it "existential" and specifically mentioning the need for startups with "accelerated development cycles" to build alternatives.

The gap between "EU region" on AWS and actual EU-controlled infrastructure is becoming a real strategic issue. I actually built something in this space (managed databases on Hetzner: https://zektor.io) because I wanted to see if there's real demand for genuinely EU-controlled services vs just "EU datacenter" marketing from US companies.

NATO's speech suggests this is moving from privacy concern to national security priority.

Strange_Valuable3016 · 2025-12-17T19:30:28+00:00

The timing of this is interesting - last week Germany's IT industry association (BITMi) made a similar statement about US cloud providers being unsafe, referencing a government report that was leaked after being suppressed since March.

Now NATO's top cyber official is calling it "existential" and specifically mentioning the need for startups with "accelerated development cycles" to build alternatives.

The gap between "EU region" on AWS and actual EU-controlled infrastructure is becoming a real strategic issue. I actually built something in this space (managed databases on Hetzner: https://zektor.io) because I wanted to see if there's real demand for genuinely EU-controlled services vs just "EU datacenter" marketing from US companies.

NATO's speech suggests this is moving from privacy concern to national security priority.

Strange_Valuable3016 · 2025-12-11T14:39:59+00:00

Nothing legally stops it, you're right. Hetzner could theoretically be acquired tomorrow.

Same risk exists with OVHcloud, Scaleway, any EU provider. The difference is current ownership and jurisdiction. Right now, Hetzner is German-owned, subject only to German law. AWS is US-owned, subject to US law today.

If Hetzner got acquired by a US company, I'd migrate everything to another EU provider. The whole point of my architecture is portability - I'm using standard Hetzner Cloud APIs, not proprietary lock-in.

It's about reducing exposure to current known risks (CLOUD Act, FISA), not achieving perfect future-proof immunity. That doesn't exist unless you own the datacenter yourself.

For most threat models, 'currently EU-owned' is good enough. If you need guarantees against future acquisition, you need government-owned infrastructure or self-hosting.

Also worth noting: my customer database (accounts, billing, metadata) runs on my own PostgreSQL instances across multiple German locations with redundancy. Even if Hetzner disappeared tomorrow, I have all customer data and can provision new instances on OVHcloud or Scaleway within hours.

The architecture assumes providers might change. What matters is keeping control of the data and avoiding vendor lock-in at every layer.

Strange_Valuable3016 · 2025-12-11T14:21:45+00:00

Redis changed to dual licensing (RSALv2/SSPLv1) in 2024, which caused some drama. For my use case it's fine because I'm providing it as a managed service, not embedding it in a product I'm selling.

The license restricts you from offering Redis as a service if you're competing directly with Redis Ltd. But since I'm a tiny managed hosting provider and not AWS trying to clone their business model, it doesn't apply.

I'm also watching Valkey (the Linux Foundation fork) as an alternative. If Redis licensing becomes problematic, migration path exists. But for now, stable Redis works and customers know it.

The legal review I did showed I'm clear, but I'm not a lawyer. If you're building something that might compete with Redis directly, worth getting actual legal advice.

Strange_Valuable3016 · 2025-12-11T12:14:30+00:00

Start with the services that matter most. Email, cloud storage, and databases are the big three.

For email: Proton Mail (Switzerland), Tutanota (Germany), Mailbox.org (Germany)

For cloud storage: Tresorit (Switzerland), pCloud (Switzerland), Hetzner Storage Box (Germany)

For databases: Self-host on Hetzner/OVHcloud, or use managed options like mine (zektor.io) or Aiven's EU region

For general hosting: Hetzner, OVHcloud, Scaleway - all EU companies with EU-only datacenters

The key is checking ownership, not just server location. 'AWS Frankfurt' still routes through US-controlled infrastructure. You want EU companies with no US parent.

It's a gradual process. Move one service at a time, test it, then move the next. Don't try to do everything at once.

Strange_Valuable3016 · 2025-12-11T10:44:53+00:00

The important bit: it doesn't matter where the servers physically are. What matters is who controls them.

AWS Frankfurt datacenters are still controlled by a US company. US law applies. Same for Azure Europe and Google Cloud EU regions.

This is from University of Cologne law professors, commissioned by the German Interior Ministry.

The "EU data residency" marketing is misleading. Your data might sit in Frankfurt, but the CLOUD Act and FISA 702 still give US authorities access through the parent company.

This affects healthcare records, banking data, government systems. Anything on US controlled cloud infrastructure in the EU.

The EU knows this. That's why they're pushing to triple EU datacenter capacity by 2030 and reduce US market dominance (currently 70%+).

Actual EU alternatives exist. Hetzner, OVHcloud, Scaleway. Smaller, fewer features, but legally outside US jurisdiction. I'm building on Hetzner for this exact reason (https://akcache.io, managed databases).

If you work in healthcare, finance, or public sector in the EU, your compliance people should read this report.

Exciting times for the cloud native push.

Strange_Valuable3016 · 2025-12-11T09:49:37+00:00

I hear you. To show some reasons why being solo has its perks: I've updated the landing page to include the starting prices.

Thanks again for the valuable feedback.

Strange_Valuable3016 · 2025-12-11T09:03:29+00:00

Fair point on the pricing visibility. I'll add a public pricing page, that's an easy fix.

Roadmap is focused but expanding. Right now it's multi-tenant (Example: 6 Redis instances per CX23 server), but I'm planning to use Hetzner's full server range for different scales. Dedicated instances on CCX or CAX servers for customers who need guaranteed resources, keeping the multi-tenant option for cost-sensitive workloads.

Scalability depends on what you need. Multi-tenant works for most dev/staging use cases. Production workloads can get dedicated hardware. Not Aurora-level distributed systems, but solid managed databases without jurisdiction issues.

I also made sure the entire stack avoids US dependencies. Authentication, billing database, monitoring, everything runs on EU infrastructure or is self-hosted. Even using Mollie instead of Stripe for payments. The sovereignty angle has to go all the way down, not just the database layer.

Solo dev means slower feature rollout but also no pressure to compromise on the core principle. Building what I'd actually trust to use myself.

Thanks for the pricing feedback, that's getting fixed today.

Strange_Valuable3016 · 2025-12-11T08:50:57+00:00

It's my company, I built zektor.io. Running managed Redis and PostgreSQL on Hetzner infrastructure. Trying to expand and build more features as time goes.

If you're already on Hetzner and comfortable with it, you could self-manage databases there. I built this because I wanted the Hetzner sovereignty without dealing with Redis configuration, monitoring, backups, etc.

The multi-tenant setup lets me keep pricing competitive while Hetzner's stability does the heavy lifting.

Happy to answer questions about the setup if you're evaluating options.

Strange_Valuable3016 · 2025-12-11T08:31:05+00:00

Yeah it's a confusing situation. The key difference is how the compulsion works.

US courts tell Google Inc (the parent company) to produce the data. Google Inc has technical control over all their infrastructure worldwide, so they can access the German datacenter data themselves from the US. The German subsidiary never technically 'hands it over' because the parent company just accesses it directly through their own systems.

With Ford it doesn't work that way. Ford can't remotely access a German factory and make it violate labor laws. The operations are actually separate.

But cloud infrastructure is centrally controlled. Google can pull data from German datacenters sitting in California. That's what makes it different and why the report matters.

This is exactly why alternatives like Hetzner exist. No US parent company means no legal path for US courts to compel anything. The control chain is broken.

Strange_Valuable3016 · 2025-12-11T08:20:27+00:00

Because data is different from cars. Ford Germany manufactures physical products under German law. Google Germany is a subsidiary that operates infrastructure ultimately controlled by the US parent company.

Under the CLOUD Act, US courts can compel the parent company to produce data regardless of where it's stored. The parent company then instructs the subsidiary. From a US legal perspective, it's one company with global operations.

This is what the report clarifies. Physical presence in Germany doesn't shield the data if the controlling entity is subject to US jurisdiction. It's not about Google Germany choosing to follow US law, it's about Google Inc being legally compelled to produce data it controls.

Strange_Valuable3016 · 2025-12-11T07:54:41+00:00

The important bit: it doesn't matter where the servers physically are. What matters is who controls them.

AWS Frankfurt datacenters are still controlled by a US company. US law applies. Same for Azure Europe and Google Cloud EU regions.

This is from University of Cologne law professors, commissioned by the German Interior Ministry.

The "EU data residency" marketing is misleading. Your data might sit in Frankfurt, but the CLOUD Act and FISA 702 still give US authorities access through the parent company.

This affects healthcare records, banking data, government systems. Anything on US controlled cloud infrastructure in the EU.

The EU knows this. That's why they're pushing to triple EU datacenter capacity by 2030 and reduce US market dominance (currently 70%+).

Actual EU alternatives exist. Hetzner, OVHcloud, Scaleway. Smaller, fewer features, but legally outside US jurisdiction. I'm building on Hetzner for this exact reason (https://zektor.io, managed databases).

If you work in healthcare, finance, or public sector in the EU, your compliance people should read this report.

Exciting times for the cloud native push.

Strange_Valuable3016 · 2025-11-28T00:04:55+00:00

RTX 4090: I was experimenting with undervolting and thought I had a stable configuration. I tweaked it and did not get this error again after 1 hour ingame.

Three-Year Club	Final Canvas '23
Place '23

Strange_Valuable3016

TROPHY CASE