jani@raatti:~ $ cat ~/blog/europe-has-datacenters-it-needs-a-cloud.md
---
title:

"Europe Has Datacenters. It Needs a Cloud."

date: 2026-07-14
author: jani
categories: [Cloud]
reading_time: 17 min
cover: "eu-cloud-featured.jpg"
---
A dark circuit-board map of Europe traced in glowing gold, with data cables running west across the Atlantic toward North America and a burnt scorch mark where the transatlantic link frays.

On June 29th the US Supreme Court decided, in Trump v. Slaughter, that the FTC answers to the president after all. Interesting constitutional law, not my department. What is my department: the EU-US Data Privacy Framework leans on the FTC being independent, the European Commission mentions that independence 259 times in the adequacy decision, and Max Schrems has already loaded the third torpedo. Safe Harbor sank in 2015. Privacy Shield sank in 2020. If you are keeping score at home, transatlantic data frameworks now get deprecated on roughly the same schedule as Google messaging apps, and with about the same amount of warning. The difference is that nobody has to re-architect their compliance posture every time Google retires another chat client.

The short version. Europe has world-class datacenters and cannot assemble them into a public cloud you could actually move onto. I checked: 49 European providers, 31 features, 18 DevOps ecosystem signals, 491 sourced claims. The pattern repeats everywhere. The compute is fine, the managed-service layer above it is thin, the tooling ecosystem is half-built, and there is no European answer to Cloudflare Enterprise at any grade. Most comparisons stop at the feature catalog; this one measures the layer a DevOps team lives in, whether the Terraform providers, autoscalers, and cost tools that make a cloud usable without in-house glue exist at all, because that is where Europe is thin and where nobody else is looking. If the data bridge falls a third time, you cannot lift and shift to Europe today. You can assemble a patchwork. This is exactly what that patchwork looks like, with numbers instead of vibes.

That is the version for people who decide budgets. Now that the CTOs have their soundbite and wandered off to a meeting, the rest of us, the ones who will have to run this, can get into the details.

The adequacy decision is still in force and the lawsuit will take years, so this is not a fire alarm. It is a good moment to ask the question every European architect has been postponing since 2015: if we had to run on European infrastructure, could we?

One idea sits under everything that follows, so it is worth stating plainly. Sovereignty is not about where the software was written or where the servers are bolted down. It is about whose courts can compel the company that operates them. An EU subpoena stops at the EU border. A US subpoena follows an American parent company wherever its servers happen to sit, which is the whole reason three data-transfer frameworks in a row have buckled. Every category in this article is really one question wearing different clothes: which legal system can reach in and take the data.

Finland makes the principle concrete. AWS holds a PiTuKri attestation across 183 services, which means a US hyperscaler can pass Finland’s own national cloud-security criteria while staying exactly as reachable by a US subpoena as before. Only the strictest classified tier hard-bars foreign-authority access; the rest is security assurance, not jurisdiction, and the two get conflated constantly. A security certificate is not a sovereignty guarantee, and Finland seems to agree: it is replacing PiTuKri with a new national criteria library begun in 2025.

So I checked, every claim carrying its own source and no vendor paying for the answer. Here is what survived contact with evidence.

Finding one: the schema does not lie

Marketing pages negotiate. Terraform provider schemas do not. My audit script pulls every resource type a provider exposes through its Terraform provider and buckets them into capability categories. If your schema has instance, network and volume and nothing else, you sell VM rental. If it has rdb_instance, mnq_queue, function and iam_policy, you sell a cloud.

Highlights from the machine, verified by humans afterwards:

Scaleway confirmed 25 of 31 features, the strongest EU-native result, including SQS-compatible queues with FIFO and dead-letter support. It also got selected for the European Commission’s €180M sovereign cloud framework this year, so someone in Brussels reads schemas too.

OVHcloud, Europe’s revenue leader at a verified €1.084B, confirmed 21. It has the broadest managed database list in Europe and still no general-purpose serverless platform. To be fair, serverless does exist at OVH if you enter through the AI aisle: AI Endpoints is a serverless inference API by its own description, and AI Deploy will happily run any Docker container with autoscaling and per-minute billing, provided you are comfortable calling your web app a model. Meanwhile the general-purpose serverless container product has been an open ticket on OVH’s public roadmap since 2021. The revenue champion and the capability champion are different companies, which no ranking ever tells you.

Open Telekom Cloud topped everything at 27 of 31. It also still runs on a Huawei-built OpenStack fork from 2016, with roughly 30% of servers carrying Huawei components and no public removal timeline. The concern here is not that the technology is Chinese. Open source forks, and hardware is hardware. The concern is a single-vendor dependency sitting under the infrastructure, on a vendor squarely in the crossfire of export controls and sanctions. Sovereignty is about whose laws can reach your data, and a supply chain that one export ruling can sever is a thread worth pulling. T-Systems CEO Ferri Abolhassan calls the concern a “pseudo-discussion.” I admire the confidence.

Hetzner confirmed 11, which sounds like an insult until you look at the ecosystem side, where it turns into the plot twist.

And the funniest one: the open-source world already ran this experiment. OpenStack’s healthy projects are compute, networking, storage and identity. Its DBaaS, messaging, and functions projects all stagnated or got retired. The community, with no CLOUD Act and no excuses, hit exactly the same wall as Europe’s providers: the bottom of the stack is buildable in the open, the managed service layer apparently is not.

Finding two: it’s not a real cloud until DevOps has tools for it

Here is my actual thesis, and you can have it for free: a cloud is not real for practitioners until the standard toolchain supports it without writing glue in-house. The provider’s catalog is half the story. The other half is whether somebody else already maintains the integrations.

The audit results are gloriously mixed. Upstream cluster-autoscaler ships cloud providers for Hetzner, Scaleway, OVH, Exoscale and IONOS. external-dns covers nine EU providers. Scaleway and Hetzner maintain their own Ansible collections, and several more EU providers have been upstreamed into community.general, the shared collection that ships with nearly every Ansible install. In ecosystem terms that is adoption, not charity: the community chose to maintain them. Crossplane adds an official Scaleway provider and community ones for a few others, still more than DigitalOcean can say. The Kubernetes ecosystem, bless it, has quietly adopted Europe.

Then you leave the k8s bubble. cert-manager’s core DNS01 solvers: Route53, CloudDNS, AzureDNS, Cloudflare, DigitalOcean, Akamai. European providers in the core list: zero. Community webhooks or nothing. Velero first-party backup plugins: AWS, Azure, GCP. Infracost, the cost-estimation tool: AWS, Azure, GCP, full stop. I predicted zero EU coverage before checking, and I have rarely been so annoyed to be right. Even the tooling that tells you what your infrastructure costs assumes your infrastructure is American.

This is what hyperscaler lock-in comes down to. Not the services. Ten thousand integrations that other people maintain for free. Every missing integration is a line item in somebody’s platform team budget, forever. Which is why Hetzner, with its 11 features, is a real DevOps cloud (official CCM, CSI, upstream autoscaler, an ecosystem that borders on a fandom), while a telco cloud with a fat service catalog and no Terraform provider is a very expensive appliance.

Finding three: nobody can even measure this market

The plan was simple: map every EU provider with €100M+ in cloud revenue. The plan survived. My assumptions did not. Europe turns out to be littered with big providers offering too little and small providers offering nearly everything, and being small and efficient is not a crime. The €100M filter measures invoicing, not capability, and the first thing it caught was the revenue math itself.

IONOS reports roughly €1.3B in revenue. Sounds like a European cloud champion. Then you open the FY2025 filing and find the actual “Cloud Solutions” segment: €187.0M. The headline number overstates the cloud business by roughly a factor of seven; the rest is hosting and domains. Schwarz Digits reports €1.9B, which includes cybersecurity and, delightfully, Lidl’s e-commerce. Scaleway’s revenue hides inside iliad’s group accounts and has not been broken out since 2022. Hetzner publishes nothing at all, in the grand German family-business tradition, while quietly operating one of Europe’s largest networks: its own product pages state 47.15 Tbit of total bandwidth (up from 5.27 Tbit/s in 2019), over 500,000 server units, and an investment in the C-Lion1 Baltic submarine cable back in 2015. A company that discloses no revenue but co-owns a submarine cable. You will learn more about Hetzner from a traceroute than from any registry.

Meanwhile, Databricks alone runs at roughly $6.9B annualized. One American data platform vendor out-earns every native European cloud combined. Whatever we think the EU cloud market is, we are estimating it, not measuring it.

Finding four: there are two markets, and Europe is losing the important one

The self-service market is where you and I live: credit card, API token, Terraform apply. Here Europe is fine. Hetzner beats DigitalOcean on price and performance, Scaleway has the most complete EU service catalog, and UpCloud’s MaxIOPS storage delivers some of the fastest VM disks in the business, at a price and an egress fee structure that will not ambush you at month’s end. No complaints at the VM tier. (If you want the running catalogue of who lives here, European Alternatives keeps a decent directory, and usefully draws the same line this article does: it separates managed-service “cloud platforms” from plain VPS hosters.)

The tender market is where governments buy, and it is a different planet. Norway’s DFØ awarded framework agreements worth roughly €850M directly to AWS, Google, Oracle and IBM in autumn 2025. Denmark routes billions through the reseller Atea. Finland disperses cloud spend through Hansel’s cloud-services dynamic purchasing system, plus Microsoft license frameworks via Crayon with a publicly announced combined value of up to €1.16B (the current Microsoft distribution framework runs 2024 to 2027 with an option year).

The clearest counterexample is Germany, whose €250M Germany-Stack AI cloud went entirely to European consortia, though the award is a third the size of Norway’s hyperscaler framework. Sweden went the other way, on policy rather than purchasing. Rather than hand a framework to the hyperscalers, it turned years of CLOUD Act caution into a national cloud policy in June 2026 that writes sovereignty risk assessment into procurement itself.

So the sovereignty debate happens in the market that buys American, while the market that buys European gets ignored by the debate. The real Nordic cloud incumbents, by procurement volume, are resellers. Nobody puts Crayon on a cloud comparison chart. Perhaps somebody should.

Finding five: the telcos are walking off the field

The telcos everyone assumed would carry the sovereign flag are leaving instead. Tietoevry sold its entire Tech Services unit to UK private equity firm Agilitas for €300 million; it now trades as Vivicta. Telia agreed in June to sell its Finnish cloud and capacity services business to Canada’s CGI, nearly 250 specialists included, and the competition authority waved it through within the month. In fairness, the Helsinki datacenter itself stays with Telia, which will rent infrastructure to CGI under the partnership. The sovereignty stays in the walls; the business leaves through the door. Telenor’s sovereign cloud launches commercially in the first half of 2027, announced four weeks before Telia signed its exit. In the space of one Nordic spring, one national telco declared cloud a sovereign duty and the other declared it somebody else’s problem. Norwegians and Finns famously agree on everything.

Telenor’s launch arrives in roughly the same window as Microsoft’s Finland Central region, which was announced back in March 2022 and whose first construction phase, per Microsoft’s own April 2026 update and Finnish press coverage, completes around the turn of 2026 and 2027 with commissioning to follow. The Nordic sovereign alternative and the hyperscaler’s local region may well cut their ribbons in the same news cycle, and only one of them arrives with a full service catalog. The segment I expected to be invisible turned out to be actively shrinking into foreign ownership.

The gaps that hurt

If you are planning a real EU architecture today, three holes will find you.

Start with the scale of what would need replacing, because it is easy to underestimate. Cloudflare sits in front of roughly 23% of all websites, and among sites that use any reverse proxy at all it holds about 83% of the market, more than the next four providers combined (W3Techs, June 2026). Akamai, the original CDN giant, is under one percent of sites by that measure. Amazon CloudFront, Fastly and Akamai together add up to around four percent. This is not a competitive market with a European laggard. It is one American company operating the front door to a quarter of the web, with a second American company and the hyperscalers splitting the scraps.

Now find the European share of that layer. You will be looking for a while. No EU-headquartered provider registers in the reverse-proxy rankings at all, and a June 2026 attribution study of 19,450 European company websites found Cloudflare the single largest internet-facing vendor in all seven markets it sampled, fronting the majority of company sites in the UK and the Netherlands and the plurality in France, Italy and Spain; only Germany and Poland resist, and only because they have unusually dense domestic hosting. Bunny.net, the continent’s best independent CDN, is a rounding error at internet scale. This is the starkest gap in the study, and the one with the most control over your traffic: whoever runs your CDN and WAF terminates your TLS and sees your plaintext. The layer with the most intimate access to European data has the least European presence.

CDN plus web application firewall. The Cloudflare and Sucuri category. One company turned out to break my “empty set” prediction at functional grade: Gcore, Luxembourg, with a real CDN, WAF, bot management, DDoS protection and Wasm edge compute bundle. Before you celebrate, the caveats: revenue is a CEO statement, the only external funding round was led by Wargaming, and the company’s founding history requires what diplomats call a careful footnote. The alternative is a patchwork: Bunny.net for CDN, Myra Security for German-grade WAF and DDoS, and nobody at all for edge compute. At enterprise scale and depth the set is still empty. If you run Cloudflare Enterprise today, there is no European drop-in, and pretending otherwise helps nobody.

PaaS and the managed middle. Serverless, event buses, the forty small conveniences. Scaleway is the only EU-native with a credible functions and queues story. Nobody has anything EventBridge-shaped. The flagship of European cloud has no Lambda equivalent in 2026, and that sentence should embarrass more people than it does.

Managed databases beyond the big providers. Here the answer is a Finnish company and a bit of honest patchwork. Aiven (Helsinki, €83.2M FY2025 per the filing, so close to my €100M cutoff that I waved it through on neutrality grounds) now runs GA regions on OVHcloud, UpCloud and Exoscale. That means a fully EU-jurisdiction managed Postgres, Kafka and ClickHouse stack is assemblable today, no hyperscaler in the chain. It will not feel like RDS. It will feel like three vendors and a Terraform module. It works.

There is a pleasing pattern hiding in that sentence. The database layer is the one place Europe, and Finland in particular, punches absurdly above its weight. MySQL was written more or less single-handed by Monty Widenius, a Helsinki programmer who later forked it into MariaDB when Oracle came knocking. Between them those two power a staggering share of the world’s applications, and both came out of Finland. Aiven is Helsinki-born too. So the layer where Europe is otherwise thinnest, the managed data platform, sits on foundations a Finn largely built. It is not sovereignty by design, but it is a good hand to be holding.

What needs to happen

If the legal workaround does not materialize, and three sunk frameworks suggest a pattern, the sector needs to DevOps-mature the European offerings. Not build more datacenters. Europe has datacenters the way Finland has lakes. What it needs:

A CDN and WAF option at enterprise grade, because right now that layer is one Luxembourg company with footnotes and a patchwork of specialists. A real PaaS tier, because functions and event buses are where developer gravity lives. Managed databases and queues as boring commodities, not adventures. And on the tooling side, the cheapest wins available anywhere: getting EU providers into cert-manager core, Velero, and Infracost costs less than any datacenter and moves the practitioner experience more. If you maintain an EU provider and you are wondering where to spend one engineer-quarter, it is there.

Until then, the pragmatic architecture is a patchwork, and I have made my peace with that: EU IaaS for compute, Aiven-style specialists for data, Bunny or Gcore plus Myra at the edge, self-hosted control plane where the managed one is missing. The principle that makes the patchwork coherent is simple, and it is the one I would tattoo on every procurement document in the Union:

Software can come from anywhere. Data stays inside. Now more than ever.

Run American software, run open source, run whatever wins on merit. But the operator of the infrastructure, the jurisdiction of the storage, and the keys to the encryption belong in Europe. That is not protectionism. That is the lesson three dead frameworks were trying to teach us, and this time there may not be a fourth chance to skip the homework.

Am I the first to do this? No, and that is the point

I am not the first to line these providers up, and there is a reason. I was on this early, the morning the Slaughter ruling landed. But turning it into a measurement instead of a hot take, forty-nine providers run through a research plan, a small army of agents and a few million tokens, takes longer than an opinion does, so the quicker reads got there first. EU Alternative published a clean feature-by-feature comparison of eight providers in April, verified against product catalogs, and its findings agree with mine where we overlap: message queues are rare, serverless rarer, and Hetzner offers no managed services by design. SoftwareSeni wrote a good buyer-survey landscape piece on the same jurisdiction-not-address principle. If you want a shorter read, start with either.

What this study adds is depth and a different axis. The good comparisons cover eight to a dozen providers and mostly stop at whether a box is ticked. This one grades forty-nine, and it asks the harder question underneath the tick: not just whether a feature is listed, but whether it is production-grade, and whether the toolchain a team actually relies on exists for it, a Terraform provider, a Pulumi bridge, a cluster-autoscaler, an Ansible collection, an Infracost integration. Feature-present and feature-reliable are different questions, and the gap between them is exactly where Europe thins out. That is the layer nobody else is measuring.


Takeaways for the architects who have to run it

  • Map your jurisdiction, not your vendors. The question is not “are we on AWS” but “where does our data physically rest, and under whose law does the operator sit.” Those are different questions and the second is the one that matters.
  • Separate the three axes. Infrastructure, identity/workplace, and the data platform each have their own exit cost and their own European answer. Do not price them as one migration.
  • Cost the tooling gap, not just the services. Every missing Terraform provider, cert-manager solver, or backup plugin is recurring platform-team time. That is the real lock-in.
  • Have a plan you never have to use. Portability has option value. Maintaining it has a price. Decide deliberately which you are paying for, before a court decides for you.
  • Data stays inside. Software can come from anywhere. The one line worth putting in every procurement document this year.

The dataset (49 providers, 31 features, 18 ecosystem signals, 491 sourced claims, a source for every cell) is available on request.

jani@raatti:~ $ git commit # leave a comment