OpenStack Cloud Architecture

Yes. Containerized applications on Kubernetes are inherently portable, making cloud migrations dramatically faster. If your workloads run on EKS, AKS, or GKE, migrating to Leafcloud's OpenStack infrastructure is primarily a configuration change, not a code rewrite.

Why containerization accelerates migration:

Kubernetes provides a consistent abstraction layer across all cloud providers. Your application manifests, Helm charts, and Kubernetes operators work identically whether running on AWS EKS, Azure AKS, Google GKE, or Leafcloud's Gardener managed Kubernetes.

Migration timeline for containerized workloads:

• Kubernetes to Kubernetes: 1-4 weeks for most applications (EKS → Gardener)
• Container images: No changes required—pull from same registries (Docker Hub, ECR, GCR, private registries)
• Persistent storage: Kubernetes CSI drivers handle Cinder block storage transparently
• Load balancing: Service type LoadBalancer provisions Octavia load balancers automatically
• GPU workloads: NVIDIA GPUs (H100, A100, A30, RTX 6000) available as Kubernetes node resources

What stays the same:

• Application code: Zero changes to containerized applications
• Deployment manifests: kubectl apply, Helm charts, and Kustomize work identically
• CI/CD pipelines: Update kubeconfig context—workflows remain unchanged
• Monitoring: Prometheus, Grafana, and cloud-native observability tools work identically
• Service mesh: Istio, Linkerd, and Cilium function the same on OpenStack infrastructure

Examples of fast migrations:

• ML/AI workloads: Containerized models on EKS migrate to Gardener with GPU support (H100, A100) in 2-4 weeks
• Microservices: API services with stateless containers migrate in 1-2 weeks
• Data pipelines: Argo Workflows, Apache Airflow, and Spark on Kubernetes move without refactoring

When migration takes longer:

Even with containerization, some dependencies may extend timelines:

• Managed services: Using AWS-specific services (RDS, ElastiCache, SQS) alongside Kubernetes requires replacing with self-managed or open-source alternatives
• Persistent data: Large databases or stateful workloads need careful migration planning for data transfer
• Custom integrations: Applications tightly coupled to hyperscaler APIs need refactoring

Not containerized yet?

If your workloads run directly on EC2, Azure VMs, or GCP Compute Engine, consider containerizing before migrating. You'll gain:

• Faster migration: Kubernetes-to-Kubernetes is weeks instead of months
• Future portability: Move between any OpenStack provider or back to hyperscalers without lock-in
• Modern orchestration: Auto-scaling, rolling updates, and declarative infrastructure
• Cost efficiency: Better resource utilization with container density

Leafcloud provides Gardener managed Kubernetes with full GPU support, integrated with OpenStack infrastructure (Nova VMs, Cinder storage, Neutron networking, Octavia load balancers). Your containerized workloads migrate quickly while gaining EU sovereignty and eliminating egress fees.

Yes. Leafcloud, which runs on OpenStack, provides similar IaaS capabilities to AWS, and many workloads can migrate with reasonable effort. The complexity depends on your AWS service usage.

Easy to migrate (OpenStack equivalents):

• EC2 → Nova: Virtual machines with similar instance types and APIs
• EBS → Cinder: Block storage volumes with snapshots
• VPC/Security Groups → Neutron: Software-defined networking with security groups
• S3 → Swift: Object storage with S3-compatible API
• ELB/ALB → Octavia: Load balancing with similar capabilities
• Route53 → Designate: DNS management
• EKS → Gardener/Magnum: Managed Kubernetes on OpenStack

Moderate effort (requires refactoring):

• Lambda → Kubernetes Jobs: Replace serverless functions with containerized jobs
• RDS → Self-managed databases: Deploy PostgreSQL/MySQL/MongoDB on Nova instances or managed DBaaS
• SQS/SNS → RabbitMQ/Kafka: Message queuing with open-source alternatives
• CloudWatch → Prometheus/Grafana: Monitoring with open-source observability stack

Open-source alternatives (escape vendor lock-in):

• SageMaker → Kubeflow: 2-4 weeks for containerized ML workloads on GPU infrastructure (H100, A100, A30)
• DynamoDB → Cassandra/MongoDB: 2-6 weeks depending on data model complexity
• API Gateway → Kong/Traefik: 1-2 weeks with Kubernetes-native ingress controllers
• Step Functions → Argo Workflows: 1-3 weeks depending on workflow complexity

Migration strategy:

1. Audit AWS usage: Identify which services you actually use (EC2, S3, RDS vs. proprietary services)
2. Lift-and-shift compatible workloads: Start with EC2 instances that can move directly to Nova
3. Refactor database tier: Migrate RDS to self-managed or OpenStack DBaaS offerings
4. Replace proprietary services: Containerize Lambda functions, migrate to open-source alternatives
5. Update Infrastructure-as-Code: Convert AWS Terraform/CloudFormation to OpenStack Terraform provider
6. Test thoroughly: Run parallel environments during migration window

What makes migration easier:

• Containerized workloads: Kubernetes-based apps migrate seamlessly (EKS → Gardener)
• Standard APIs: Apps using PostgreSQL, Redis, Kafka, S3-compatible storage have direct equivalents
• Minimal managed services: Less dependency on AWS Lambda, SageMaker, DynamoDB means easier migration

OpenStack benefits after migration:

• No egress fees (save $0.12/GB on outbound traffic)
• Transparent pricing (no surprise charges)
• EU sovereignty (Leafcloud in Amsterdam, not subject to US CLOUD Act)
• Vendor independence (switch providers without lock-in)

Leafcloud provides OpenStack infrastructure with GPU support (H100, A100, A30, RTX 6000 Blackwell), managed Kubernetes (Gardener), and S3-compatible object storage to support AWS workload migrations.

Yes. OpenStack has excellent Kubernetes support through multiple integration methods, from fully managed clusters to self-provisioned infrastructure.

Managed Kubernetes on OpenStack:

1. Gardener (Leafcloud default):

   • Production-grade managed Kubernetes by SAP
   • Multi-cluster management with centralized control plane
   • Auto-scaling, automated upgrades, and self-healing
   • Full GPU support for AI/ML workloads
   • Used by major enterprises (SAP, Deutsche Telekom, etc.)

2. Magnum (OpenStack-native):

   • OpenStack's native container orchestration service
   • Provisions Kubernetes clusters as first-class OpenStack resources
   • Integrates with Cinder (persistent volumes), Neutron (networking), Octavia (load balancing)
   • Cluster templates for repeatable deployments

Self-managed Kubernetes:

• Provision OpenStack VMs and install Kubernetes manually (kubeadm, k3s, RKE2)
• Full control over cluster configuration and versions
• Suitable for advanced users with specific requirements

OpenStack + Kubernetes integration benefits:

1. Persistent storage: Cinder volumes automatically provisioned as Kubernetes PersistentVolumes
2. Load balancing: Octavia load balancers integrated with Kubernetes Services (type: LoadBalancer)
3. Networking: Neutron SDN provides network isolation and security groups for pods
4. GPU scheduling: NVIDIA GPUs (H100, A100, A30, RTX 6000) available as Kubernetes node resources
5. Auto-scaling: Cluster Autoscaler provisions OpenStack VMs on-demand for pod scaling
6. Multi-tenancy: OpenStack projects provide secure isolation for different teams/applications

Why OpenStack + Kubernetes:

• No vendor lock-in: Standard Kubernetes APIs, not proprietary managed services (EKS, AKS, GKE)
• Cost efficiency: No egress fees, transparent pricing for compute and storage
• EU sovereignty: Deploy in EU regions with EU-owned providers (Leafcloud in Amsterdam)
• Full control: Customize networking, storage, and compute to your exact requirements

Common use cases:

• AI/ML workloads: Kubeflow on OpenStack with GPU node pools
• Microservices: Container orchestration with OpenStack-backed persistent storage
• CI/CD pipelines: GitLab/Jenkins on Kubernetes with OpenStack infrastructure
• Data processing: Spark, Kafka, Airflow on Kubernetes with Cinder volumes

Leafcloud provides Gardener-managed Kubernetes on OpenStack infrastructure in Amsterdam, with full GPU support (H100, A100, A30, RTX 6000 Blackwell) and EU sovereignty.

Yes. OpenStack has full Terraform support through the official OpenStack Terraform provider maintained by the OpenStack community.

Terraform OpenStack Provider:

• Provider name: terraform-provider-openstack
• Maintained by: OpenStack community with active development
• Documentation: Complete resource and data source documentation at registry.terraform.io/providers/terraform-provider-openstack
• Stability: Production-ready and widely used in enterprise deployments

What you can provision with Terraform + OpenStack:

• Compute: Virtual machines (Nova instances) with custom specs
• Networking: Networks, subnets, routers, security groups, floating IPs
• Storage: Block storage volumes (Cinder), object storage containers (Swift)
• Load balancing: Octavia load balancers for high availability
• Kubernetes: Cluster provisioning via Magnum or Gardener
• Images: Custom VM images via Glance
• DNS: DNS zones and records via Designate

Example Terraform configuration:

terraform {
  required_providers {
    openstack = {
      source  = "terraform-provider-openstack/openstack"
      version = "~> 1.54"
    }
  }
}

provider "openstack" {
  auth_url    = "https://api.leaf.cloud:5000/v3"
  user_name   = "your-username"
  password    = "your-password"
  tenant_name = "your-project"
  domain_name = "default"
}

resource "openstack_compute_instance_v2" "web_server" {
  name            = "web-server-01"
  image_name      = "Ubuntu 22.04"
  flavor_name     = "c1.small"
  security_groups = ["default", "web"]

  network {
    name = "private-network"
  }
}

Benefits of Terraform + OpenStack:

1. Infrastructure as Code: Version-controlled, repeatable deployments
2. Multi-cloud support: Same Terraform workflow across OpenStack and other providers
3. State management: Track infrastructure changes and dependencies
4. Modules: Reusable infrastructure components
5. Provider portability: Switch OpenStack providers without major refactoring

Leafcloud fully supports the OpenStack Terraform provider - provision GPU instances, Kubernetes clusters, and networking infrastructure with standard Terraform workflows.

OpenStack is an open-source cloud computing platform that provides Infrastructure-as-a-Service (IaaS) through a set of interrelated services for compute, storage, and networking.

Key characteristics:

• Open source: Apache 2.0 licensed, no vendor lock-in
• Modular architecture: Deploy only the services you need
• API-driven: RESTful APIs for programmatic infrastructure management
• Multi-tenancy: Secure resource isolation for different projects and users
• Community-driven: Backed by the OpenInfra Foundation with contributions from thousands of developers

Core services:

• Nova (Compute): Virtual machine provisioning and management
• Neutron (Networking): Software-defined networking with VLANs, VXLANs, security groups
• Cinder (Block Storage): Persistent block storage volumes for VMs
• Swift (Object Storage): Scalable object storage for unstructured data
• Glance (Image Service): VM image registry and management
• Keystone (Identity): Authentication and authorization service

Why organizations choose OpenStack:

1. No vendor lock-in: Avoid proprietary APIs and pricing models
2. Cost control: Predictable pricing without egress fees or hidden charges
3. Sovereignty: Full control over infrastructure and data location
4. Kubernetes integration: Native support for container orchestration (Magnum, Gardener)
5. Proven at scale: Powers CERN, Bloomberg, Walmart, Deutsche Telekom, and many others

Leafcloud uses OpenStack as the foundation for our EU-sovereign cloud infrastructure, providing full API compatibility with industry-standard tooling (Terraform, Ansible, cloud-init).

The OpenStack API is a RESTful HTTP API that provides programmatic access to cloud infrastructure resources (compute, storage, networking) across any OpenStack deployment.

Key characteristics:

• RESTful design: Standard HTTP methods (GET, POST, PUT, DELETE) for resource management
• JSON payloads: Data exchange using JSON format
• Token-based authentication: Keystone identity service provides scoped authentication tokens
• Versioned endpoints: API versions (v2, v3) for backward compatibility
• Cross-provider compatibility: Same API across all OpenStack clouds (Leafcloud, CERN, OVH, etc.)

Core API services:

1. Keystone (Identity) API: https://api.leaf.cloud:5000/v3

   • Authentication and authorization
   • Project (tenant) and user management
   • Token generation and validation

2. Nova (Compute) API: https://api.leaf.cloud:8774/v2.1

   • Launch and manage virtual machines
   • Flavor selection (instance types)
   • Server actions (start, stop, resize, snapshot)

3. Neutron (Networking) API: https://api.leaf.cloud:9696/v2.0

   • Create networks, subnets, routers
   • Security groups and firewall rules
   • Floating IP allocation and management

4. Cinder (Block Storage) API: https://api.leaf.cloud:8776/v3

   • Create and attach persistent volumes
   • Volume snapshots and backups
   • Volume types and encryption

5. Glance (Image) API: https://api.leaf.cloud:9292/v2

   • Upload and manage VM images
   • Image properties and metadata
   • Public and private image sharing

API authentication example:

# Get authentication token
curl -X POST https://api.leaf.cloud:5000/v3/auth/tokens \
  -H "Content-Type: application/json" \
  -d '{
    "auth": {
      "identity": {
        "methods": ["password"],
        "password": {
          "user": {
            "name": "username",
            "domain": {"name": "default"},
            "password": "password"
          }
        }
      },
      "scope": {
        "project": {
          "name": "project-name",
          "domain": {"name": "default"}
        }
      }
    }
  }'

Why the OpenStack API matters:

1. Vendor independence: Same API across all OpenStack providers - switch providers without refactoring code
2. Tooling ecosystem: Terraform, Ansible, Python SDK (openstackclient), Go SDK, and more
3. Multi-cloud strategies: Use OpenStack as a common abstraction layer for hybrid/multi-cloud
4. Custom automation: Build infrastructure automation without proprietary SDKs

Comparison to hyperscaler APIs:

• AWS: Proprietary API tied to AWS (boto3 SDK works only with AWS)
• Azure: Proprietary API tied to Azure (Azure SDK works only with Azure)
• Google Cloud: Proprietary API tied to GCP (gcloud SDK works only with GCP)
• OpenStack: Open API standard works with Leafcloud, OVH, CERN, and dozens of other providers

Leafcloud exposes the full OpenStack API, providing vendor-neutral infrastructure management for EU-sovereign cloud computing in Amsterdam.

OpenStack powers critical infrastructure at some of the world's largest organizations across research, finance, telecommunications, retail, and government sectors.

Scientific Research:

• CERN: Runs the Large Hadron Collider data processing on 500,000+ CPU cores with OpenStack
• NASA: Manages satellite imagery and climate modeling workloads
• NCBI (National Center for Biotechnology Information): Hosts GenBank and PubMed databases

Financial Services:

• Bloomberg: Powers real-time financial data infrastructure serving millions of users
• China UnionPay: Processes payment transactions for 8+ billion cards
• Wells Fargo: Private cloud infrastructure for banking applications

Telecommunications:

• AT&T: Network Functions Virtualization (NFV) for 5G infrastructure
• Deutsche Telekom: Private and public cloud offerings (Open Telekom Cloud)
• Verizon: Virtual network functions for cellular infrastructure
• China Mobile: Cloud infrastructure for 900+ million subscribers

Retail and E-commerce:

• Walmart: Powers e-commerce platform and supply chain management
• Best Buy: Runs online shopping platform and inventory systems
• Target: Cloud infrastructure for retail operations

European Public Sector:

• METEO France: Weather forecasting and climate modeling
• German Federal Government: Sovereign cloud infrastructure for public services
• UK Government Digital Service: GOV.UK infrastructure and services

Technology and Internet:

• eBay: Powers auction platform and payment processing
• Rakuten: E-commerce and fintech services in Japan
• PayPal: Infrastructure for payment processing systems

Why these organizations choose OpenStack:

1. Scale proven: CERN runs 500,000+ cores, Walmart serves millions of customers - OpenStack handles massive workloads
2. No vendor lock-in: Open APIs allow migration between providers without refactoring
3. Cost control: Predictable pricing without egress fees or hidden charges
4. Sovereignty: Full control over infrastructure location and data jurisdiction
5. Customization: Modify and extend the platform for specific requirements
6. Community support: 30,000+ contributors, 120+ organizations backing development

Industry adoption statistics:

• 550+ organizations deploying OpenStack globally
• 40+ million compute cores under management
• $7.7 billion market size (2024)
• Used in 175+ countries

OpenStack is not an experimental technology - it's battle-tested infrastructure powering critical systems at planetary scale. Leafcloud provides OpenStack infrastructure in Amsterdam with the same technology trusted by CERN, Bloomberg, and Walmart, combined with EU sovereignty and heat-reuse sustainability.

OpenStack provides open-source cloud infrastructure without vendor lock-in, giving you full control over your infrastructure, APIs, and data. Here's how it compares to hyperscalers:

Vendor Lock-in:

• Hyperscalers: Proprietary APIs (AWS Lambda, Azure Functions, Google Cloud Run) make migration expensive and complex
• OpenStack: Standard APIs supported by multiple providers worldwide - switch providers without refactoring

Cost Structure:

• Hyperscalers: Egress fees (up to $0.12/GB), hidden charges, complex pricing with 200+ SKUs
• OpenStack: No egress fees, transparent pricing, predictable costs

Data Sovereignty:

• Hyperscalers: US-owned companies subject to CLOUD Act, even in EU regions
• OpenStack: Provider-dependent, but enables true EU sovereignty (e.g., Leafcloud in Amsterdam)

API and Tool Compatibility:

• Hyperscalers: Require provider-specific SDKs and services
• OpenStack: Works with standard tooling (Terraform, Ansible, cloud-init, Packer)

Kubernetes Integration:

• Hyperscalers: Managed Kubernetes with proprietary extensions (EKS, AKS, GKE)
• OpenStack: Standards-based Kubernetes (Gardener, Magnum) with full control

When to choose OpenStack:

1. Regulatory compliance: NIS2, DORA, CSRD, or HAVEN+ requirements for EU sovereignty
2. Cost optimization: High egress traffic or predictable workloads make fixed pricing attractive
3. Multi-cloud strategy: Avoid dependency on single vendor's proprietary APIs
4. Large-scale deployments: Proven at massive scale (CERN, Bloomberg, Walmart)
5. AI/ML workloads: GPU infrastructure without egress fees for model training data

When hyperscalers make sense:

• Extensive use of proprietary managed services (SageMaker, BigQuery, Azure Cognitive Services)
• Small-scale prototyping with free tiers
• Teams deeply invested in hyperscaler-specific tooling

Leafcloud provides OpenStack-based infrastructure in Amsterdam with EU sovereignty, no egress fees, and full compatibility with standard cloud tooling.