A coherent European/non-US cloud strategy: building railroads for the cloud economy
In the earlier post ‘But how to get to that European cloud?’ I alluded to a coherent strategy that might get us to such a non-US cloud. In the present article I hope to clarify what this could mean, and why I think it could work. Here I focus especially on what should happen concretely, and who should do it. Note that this page is compatible/congruent with the latest EuroStack document.
This document will continue to be updated as feedback comes in, so do check back later! Meanwhile I’d already like to thank the large cast of contributors, proof readers, sounding boards, thank you! These posts would not be possible without your help.
The concrete problem is that right now European companies and governments:
- In practice do not want to use anything other than their current American cloud provider
- And often also can’t use anything else since they currently rely on services only Americans offer
Both points should be addressed, obviously in reverse order. It makes no sense to force/stimulate people to use solutions that do not in practice exist.
Regarding point 2, there are people who claim that the European cloud has no feature gap compared to the US. These people are being overly clever with definitions. There are multiple kinds of cloud services, as outlined in the piece The (European) cloud ladder: from virtual server to MS 365. Crucial and industry standard kinds of cloud services simply do not have exact work-alikes from European providers.
Anyone who is in denial over this is not contributing to a solution. No one should be saying “just use cloud x as alternative to AWS/Google/Azure”. There is no “just” here. Right now, significant rework is required to migrate to European alternatives. This is because lots of places have allowed themselves to be locked in to highly proprietary hard to disentangle cloud services. It is not even possible to swiftly migrate modern projects from one US cloud to another one. Let alone to a European cloud that works significantly differently and offers fewer native services.
Meanwhile, there are people that say the gap is SO large we should not even be attempting to plug it. This is also not true. Europe is good with certain kinds of cloud services, and we should build on those (as I’ll outline below). And the things we are good at already, with skilled workers, allow for the provision of great services - but not in the same way that the big US cloud providers make this happen. And this is the challenge. This is the gap we should bridge.
We should do something
“We” need to address points 1 and 2 from above in order to get Europe at least somewhat sovereign again, so it can process its own citizens’ data without the need for US permission, and without the need to give the US access to all our secrets, documents and files. It would also be lovely for our local economies if we could buy our services locally & could escape already promised US price rises.
In the previous paragraph I put “we” between quotes since we can’t just say Europe should invest in better clouds. For one, Europe is a geographical region and a land mass can’t do anything. Furthermore, even Europe’s institutions and countries can’t just will or invest a better cloud into existence.
Any prescription for the future should therefore concretely say who should do what.
This is not easy. Europe’s traditional methods are not well suited to this problem. Helicopter money by supplying large amounts of funds (compare Horizon Europe) is unlikely to lead to the kind of innovation we want. While the various IPCEI projects are a step in the right direction, we again see lots of consortia mostly talking and writing.
Similarly, impressive EU programs like Galileo and Copernicus have delivered wonderful things, but are very much projects with 10 - 15 year road maps, where you know exactly where you want to go. Our current cloud challenge is nothing like that.
We need different methods to improve our situation. In what follows I present a coherent strategy, one composed of many ’no regrets’ actions. Things that will move us in the right direction anyhow. Yet the full effect will of course only be achieved if everything happens in concert.
This page is rather Europe-centric, but from Canadian, Australian and New Zealand contacts, I gather the concerns there are very similar, and it seems likely we could band together.
There are a few existing initiatives that say similar things, like for example today’s document ‘Deploying the EuroStack: what’s needed now’
Why not just build another Amazon/Google/Azure?
In brief, it is tempting to “just” build a hyperscaler. Some companies do claim they are doing this, or even claim they are already there. I’m not aware however of any credible initiative that is getting traction. Specifically, STACKIT (part of Schwartz Digits, also known as the “LIDL Cloud”) is sometimes positioned as a European hyperscaler. Yet it is nothing like that. This is partially due to incorrect assumptions from the market, much helped by an aggressive STACKIT PR pitch.
Also, even with all the will and money in the world, it is a stupendous challenge to recreate the existing hyperscalers 1:1. It is also debatable if we should even want to replace one economic behemoth by another carbon copy.
Finally, there is no obvious organization or company where one could “order” such a hyperscaler from. We can’t procure ourselves out of this problem.
The coherent strategy
To recap, in the previous post I suggested a European strategy, here represented somewhat more concretely:
- The EU must communicate in word and deed that European privacy standards will eventually be enforced, making the use of U.S. cloud services increasingly uncertain—especially for sensitive personal data (Article 9 GDPR).
- Governments should actively signal a genuine willingness to do business within Europe. Be prepared to take a creative approach to procurement and use WTO GPA Article III exceptions for privacy and security (if not now, then when?). Also, recognize that the US itself no longer believes in the WTO—so let’s not use WTO rules just to do them a favor!
- Government agencies must hire (and properly pay) people who have deep industry knowledge. That’s the only way to develop effective industrial policies. Also, start doing more projects in-house without relying on consultants or external procurement—nothing teaches you more than hands-on experience.
- Work with experts to identify key cloud functionalities that do not yet have strong open-source implementations, then commission their development or improve existing software. Follow these principles to ensure the results are well-documented, standardized, secure, and easy to use. Germany’s Sovereign Tech Agency demonstrates one way how this can be done effectively.
- At the EU level, commission the development of key services like “Eumail,” “Eutube,” and a European alternative to Google Docs. Encourage the use of software from point 4 and support providers that embrace these solutions.
- Follow an “Airbus model”: use procurement policies to encourage the consolidation of the European industry—something made easier if the software from point 4 sees widespread adoption.
- Take legal action based on point 1 to show that enforcement is serious.
- Establish local copies of the successful German SPRIND agency to further actual innovation.
- In the event of a trade war, consider imposing import tariffs on U.S. cloud services.
- Move government/sensitive services that do not rely on US-only services to local cloud providers.
- Make sure universities, colleges and vocational schools stop teaching students exclusively about US-based cloud services!
Some of these steps (such as points 3, 4, and 8) are good ideas regardless. Others only make sense as part of a broader, coherent package. For example, it wouldn’t make much sense to pursue legal action (point 7) to force companies to switch to alternative providers if those providers don’t yet exist.
Now, there are many reasons why the points above would ordinarily be impossible. Massive state sponsorship for industry, disregarding/fighting WTO rules etc. But do recall that we live in tremendously weird times. Extraordinary things are now conceivable.
Also, note that this is of course not the only possible strategy. However, we can’t also do ‘business as usual’ and expect to end up with a European cloud. We can’t “Horizon Europe” or “ReArm Europe” this. Nor can we reuse the Copernicus or the Galileo playbooks - these plans have had admirable results, but the cloud situation is much more complex, dynamic and diverse.
For more detail, it might be worth at this point to take a(nother) look at the post But how to get to that European cloud? before continuing with this article.
Photo by Christian Lue on Unsplash
Specifically on point 4: building out cloud capabilities
As outlined in the earlier post “The (European) cloud ladder: from virtual server to MS 365” the cloud is not just one thing.
Some cloud services are very well represented in Europe (like network bandwidth, renting server capacity or storage). So well represented in fact that Americans come buy these services from us.
Other cloud services however are harder to find in Europe. Or sometimes can’t be found at all. Yet European companies and governments are moving to such proprietary US-only services in droves. To get back in the game, we need to plug these gaps and make sure we offer such services here as well.
Right now, companies and governments are unwilling and often practically speaking unable to base their services on European cloud providers. With some effort, we could improve on this. At that point, we’re only left with governments and companies that are unwilling to use something else. But at least they could. And legislation/trade wars might make them want to.
Great cloud services require:
- Excellent hardware/networking/storage underneath
- Software that is ready to scale & sell
- Integration in a service/provisioning/support platform
In Europe we have ‘1’ covered. Companies like Hetzner, Leaseweb, IONOS, OVH and others do this very well.
Interestingly, even Amazon/Google/Azure base many of their services on existing open source products, like for example PostgreSQL. They also invest heavily in these products.
To get to a European cloud that we like, the following plan seems almost trivially simple:
- Identify the most important must-have cloud services that we lack
- Determine if there is existing open source software that comes somewhat close
- Through agencies, institutes, NGOs, give open source programmers their dream job by paying them to scale up and improve that software so it is ready to power cloud services with
- Similarly, get people to work on documentation, scaling, production testing, hardening of this software
- Make standard, interoperable, profiles of how the selected services from 1 can be sold
- Stimulate European companies to deliver great cloud services using the software perfected in steps 1 through 5
These steps will allow existing IT service companies to become credible cloud suppliers, by basing their services on improved, tested and documented software, that runs on the quality existing hardware platforms that we have in Europe. This will still require a lot of (integration) work though.
Regarding point 3, it is good to know that European developers are lining up to do this job. I recently gave a talk on digital autonomy and during that talk multiple people messaged me “when can I start”.
It may be good to know that (say) 100 million euros is an historically almost unimaginably large amount of money for this kind of work. Yet on the scale of other stimulus packages, it is peanuts. Even billions of euros would be small fry. But even at these modest funding levels miracles could occur. We already have places that can make things like this happen.
The software does not specifically have to be open source, but if we want to cooperate and count on the huge enthusiasm and talent that exists in Europe, it is a tremendous help. It is far harder to collaborate on closed source proprietary solutions. You tend to spend a lot of time with lawyers and negotiators instead of developing software!
Regarding point 4, much software is “ok” but we might want to spend as much effort on improving the software as on testing, scaling and documenting it!
Regarding point 5, GAIA-X and other attempts have failed miserably at creating such standards by falling into the trap of trying to make something universal that will work for everyone, forever. With these profiles I mean something much simpler. For example, for a web hosting service, it could be “this is how you supply the certificates, this is how you upload the files, this is how you configure access control lists”. This is still going to be hard work, but it is also going to be practical.
And this is really important - such standardized services would fit very well with the world of procurement. They would break open a whole world. Lots of places simply need a rock solid database. If you offer that as a service in a standardized way, business will happen.
Note that standardized services does not mean standardized software. There is no need for everyone to run the exact same software!
This activity could perhaps be compared to the government practice of funding railroad lines to remote areas to make them economically attractive. No single company could create such a railroad on their own. But a government can do such investments which eventually benefit everyone.
And in this way by improving, testing, documenting & modifying software so it becomes a great base for modern cloud operations, governments and companies could together build the railroads on which a non-US cloud economy can run.
An example
The idea outlined above is to create a portfolio of cloud-service-ready software that lots of companies could then turn into great cloud services, based on existing hardware/storage/network capabilities.
Interestingly, something very similar has happened once already. Classic web hosters and Wordpress hosters have benefited from this exact same scenario. Everyone can become a web hoster, based on webserver Nginx or something similar. Everyone can host Wordpress. It is a great way to get into business. The software is ready for you. You “only” need to run it at scale.
These two services have of course been commoditized, but you can still run a billion euro business based on such services.
If we help create similar gold standard open source software for the most important cloud service, like key-value stores, S3-like services, AWS Cognito customer IAM (or IAM in general), we deliver a fertile landscape on which service companies could grow.
Specifically, MS 365
As noted, the cloud is not just one thing. It consists of servers, network, storage, hosting. And on top of that the more advanced services that we don’t have European work-alikes for.
But beyond that, we have the MS 365 problem. This is a complete office environment as a service, to which almost everyone is getting locked in.
For now, trying to recreate all of MS 365 is a losing proposition. There is so much functionality and lock-in in there that we can’t credibly replace their “entire IKEA catalog” in short order, and no one should be claiming they can do so.
However, that we can’t supply all the zillion frills from MS 365 does not mean we can’t offer credible other cloud services. Incidentally, we may also wonder if such an “integrated everything solution” that is the very definition of lock-in is a good idea in the first place.
Meanwhile, governments could insist that MS 365 becomes more interoperable, for example by demanding that Microsoft stops dropping email from random but important email suppliers. Or that calendering can interact with non-Microsoft platforms.
Can the existing hosters turn into full cloud service companies?
We’ve previously looked at the server/compute/hosting champions we do have in Europe. As I wrote earlier, these sell high quality wood to a world that increasingly wants furniture.
Some of these champions could make the jump into becoming full service cloud providers.
However, this is not a given. Companies typically have a very hard time changing business models. The hosting business model is by now well known, and the operators have become good at it. It is capital heavy, it rewards clever hardware planning. It is all about the economics and making sure you make money. Hosting/server companies typically do employ a bunch of software developers to make the internal services work well.
However, the cloud services business model is completely different. Providing 24/7 hardware support is of course not easy, but modern platforms make it possible to shift workloads away from hardware problems. At night, a typical hoster will have a few people on call to do this kind of thing.
Selling services however requires very different staff to be on call 24/7. And making sure you don’t get these calls at night also requires person-decades of software development work up front. Software is in that case no longer a side-show that orchestrates everything. The software IS the show! These developers might also be three times as expensive as existing staff.
Can you fix the database if it hoses itself at 3AM? Can you deal with the user account creation service getting blocked by Google over the weekend? Do you even want to?
I worry that the skills that make a company great at renting out server capacity are very different from the skills of being a 24/7 software partner. I’m not confident that hosters will successfully make this transition, or if they’d even truly want to.
It may however be possible for some large scale hosters to create (or buy!) a separate company that can do these things.
Who else?
There are lots of places already providing 24/7 software services to a limited number of customers. Some of these places are very large even. And they already have the required skill set.
And these services companies could very well build on the existing European hosting/server/compute/network/storage companies (Hetzner, Ionos, Leaseweb, OVH, those kinds of places).
The services companies have another mindset change coming up though. Modern cloud users require services that just appear. No need to get on the phone or fill out forms or go through an intake.
As a case in point, for weeks now I’ve been attempting to become a customer of the Telekom Open Cloud. But we’re still stuck in paper work somehow.
If you are an organization that is used to customer intimacy, it may hurt to do away with all that and get customers through an API. Yet this is a relatively small step to take compared to retooling your entire company from hardware to software, which is that the hosters would have to do.
And how?
It is great to offer services, but we also need business. In the coherent strategy I outlined above there is a lot of government spending on getting services that we so desperately need in Europe. Such spending could credibly bootstrap this nascent industry.
In addition, governments should also execute the other parts of the strategy. Stop procuring services that can only be delivered by hyperscalers. If European companies offer the required services, make sure that they can actually win your business.
Although individual parts of the coherent strategy do deliver some benefit on their own, it is vital to see the bigger picture. Currently governments and companies would not even want to use European cloud alternatives even if they were good. The inertia is too large. The coherent strategy also has parts that address this problem, and they should happen too. This could be as straightforward as actually enforcing the existing legislation (like GDPR, CRA, DMA, DSA, AI Act etc).
Summarizing
Europe has ample compute capacity and skills. There is lots of software around that could be improved and strengthened so it is a natural base on which to build great cloud services. Full scale service companies could use this software and run it on the existing server capacity we have here in Europe. And combined, this means that the most important cloud services are then no longer an exclusive US affair.
Governments can bootstrap this business by ordering up much needed services, and opening up procurement to capable European service providers.
The investment to upgrade the existing software to production status will be large from the software development world perspective (‘100 million euro scale’), but this is absolutely tiny compared to other projects.
Such an investment could be likened to creating the railroads on which a non-US cloud economy could grow.
If the services provided deliver standardized profiles, interoperability becomes a thing, and customers could actually procure services and have a choice.
Key to this is to not get stuck writing the ultimate standards for everyone. It has to work. Perfect is the enemy of good here. It has to deliver.
Also, the carrot won’t be enough to make Europe sovereign again. We must have our own technology under our own control, but we must also make sure that it gets used. And this too will require work, like upholding our existing legislation and acts.
Good luck!