Perspectives, mises à jour et histoires de notre équipe
Learn how to deploy production-grade Kubernetes clusters on bare metal, OpenStack, and public cloud using a single Cluster API-based workflow with Navos. Step-by-step tutorial with manifests.
Data residency is not data sovereignty. The CLOUD Act, CADA, and Canadian procurement policy are forcing a shift toward infrastructure you can control.
Navos runs on unmodified upstream Kubernetes and Cluster API. Learn why that architectural choice matters for portability, multi-cloud, and no-lock-in cluster management.
OpenStack isn't the right answer for every team or workload, and knowing when it isn't matters as much as knowing when it is. An honest guide to fit, from a team that's been operating it since 2011.
We've been part of the OpenStack community since Bexar, the second release, in 2011. Our CEO, Mohammed Naser, has chaired the Technical Committee, served as PTL across multiple projects, and sits on the OpenInfra Foundation board. Since 2016, we've contributed infrastructure to OpenDev, the development and CI backbone for the OpenStack community, including GPU-enabled instances and high-memory VMs that keep the project's testing pipeline running.
We have a history of deploying new OpenStack releases on the same day they launch, which is made possible because of how deeply our team invests in the upstream development process.
We are telling you this because it's the context for what follows. This post argues, in some cases, that you should not use OpenStack. That argument is only worth reading if it comes from people who have earned an opinion on the subject.
This is a genuine guide to fit. If you are evaluating OpenStack, whether to build on it, operate it yourself, or use a cloud that runs it, here is an honest account of where it belongs and where it doesn't.
OpenStack is infrastructure software for building and operating clouds: compute, networking, storage, identity, orchestration, and more assembled into a coherent platform. It is the open-source alternative to AWS, Azure, and GCP. Where hyperscalers ask you to rent infrastructure on their terms, OpenStack lets you build and own a cloud on yours. The control, the hardware, the network topology, the data residency, the cost model, and the upgrade cadence are yours to govern.
That ownership is both its value and its weight. OpenStack gives you power that hyperscalers explicitly withhold. It also requires that you be capable of using that power, which is a real qualification and not a polite caveat.
The hyperscalers have spent hundreds of billions building services that do not yet exist in open infrastructure: serverless compute with millisecond billing, globally replicated databases with automatic failover across continents, fully managed ML training pipelines with custom silicon. If your workload's competitive advantage depends on one of these services, you should use them. The open infrastructure ecosystem closes gaps over time, but the gap is real today for certain workloads.
OpenStack is well suited to workloads with predictable capacity profiles, which is most workloads in most organizations. For a consumer product that could go from a hundred requests per second to a hundred thousand overnight, a hyperscaler's elastic capacity carries genuine value. You are paying for optionality, and for some workload profiles that optionality is worth the cost.
Some compliance frameworks, government contracts, and industry certifications are scoped to named platforms. FedRAMP-authorized services, certain financial frameworks, and specific healthcare data agreements sometimes specify hyperscalers by name. When compliance requires a particular platform, use that platform.
OpenStack has a real learning curve. Running it well requires people who understand how networking, storage, and compute interact at a level below what most application developers ever need. If your entire engineering team is focused on shipping a product, the operational overhead of self-managed infrastructure is a genuine cost. Using a hyperscaler's managed services while you build the team to think about infrastructure differently is a reasonable call. Revisit the question when your scale and team make it worth revisiting.
This is the section most vendors skip. We're including it because a team running OpenStack beyond its operational capacity has a bad time, and no one benefits from that.
If every workload you run is a container, your storage requirements are object storage and managed databases, and you have no bare metal or VM-level requirements, you may not need the layer OpenStack provides. Managed Kubernetes gives you workload orchestration without requiring you to own the compute layer beneath it. OpenStack earns its place when you need that layer. If you genuinely do not, you are paying for abstraction you are not using.
If your infrastructure team knows Kubernetes well and has never operated OpenStack, and your workloads fit cleanly in containers, adding OpenStack is adding a large unfamiliar system to reach a capability you already have. The learning investment is only justified if OpenStack gives you something specific you cannot get from managed Kubernetes alone: bare metal, data sovereignty, VM workloads, economics at significant scale.
Small-footprint edge deployments at retail locations, manufacturing floors, or remote facilities often cannot support a proper OpenStack control plane. Lightweight Kubernetes distributions serve these use cases well. OpenStack has edge capabilities and the community is actively developing them, but for many current edge deployment patterns, Kubernetes alone is the simpler and more reliable choice.
If your engineers are building applications that will run on GKE or EKS in production and you want a private development environment that mirrors that experience, managed Kubernetes is a better fit than OpenStack with Kubernetes on top. The mapping is cleaner and the tooling transfers more directly.
Container orchestration needs compute underneath it. OpenStack provides that layer, along with networking, storage, and identity, as a coherent whole. If your infrastructure includes virtual machines, be that for databases, for Windows workloads, or for applications that predate containers, you need something beneath your container layer. OpenStack is the best open-source answer to that.
We built MigrateKit specifically for this transition: it is an open-source near-live migration toolkit for moving VMware environments to OpenStack, because the "we have a lot of VMs and we want out of our current platform" problem is one we have helped many organizations work through.
Healthcare data in a specific jurisdiction. Financial transaction data with strict audit requirements. Workloads that cannot share infrastructure for compliance or contractual reasons. Defence and government deployments with network isolation requirements. These are not niche cases. They represent a large and growing share of serious infrastructure requirements, and they are ones that hyperscalers structurally cannot address. OpenStack on hardware you control, in a location you specify, with people under your authority managing it, is the answer.
At sufficient scale, the per-unit economics of public cloud become punishing. The inflection point varies by workload characteristics and operational capacity, but it exists, and it is lower than most people expect. If you are spending seven figures annually on hyperscaler compute that could run on owned or leased hardware, the math is worth doing carefully. Many organizations have found that the operational investment in OpenStack pays back within a year or two at that scale.
Hyperscalers deprecate services, change pricing, modify APIs, and make product decisions that affect your operations. Open infrastructure gives you a fundamentally different relationship with change: the community governs the roadmap, the software is yours to inspect and modify, and you are not subject to a vendor's product strategy. For organizations where that autonomy matters, and for many it matters a great deal, OpenStack is the right foundation.
The question is not whether OpenStack is good. The question is whether it is right for your specific situation, and that requires looking at your workloads, your team, your compliance requirements, and your operational appetite honestly.
If you are working through an infrastructure decision and you are uncertain whether you are ready for OpenStack, the most useful thing we can tell you is: talk to someone who has operated it at scale and ask about the failure modes, not the success stories. Ask what they would do differently. Ask what the first year looked like. The community is open about this, which is one of the things that makes it worth being part of.
If you conclude that OpenStack is not the right answer for you right now, that is a good conclusion to reach before committing resources.
VEXXHOST has been contributing to the OpenStack community since 2011 and operates production clouds for organizations ranging from research institutions to commercial enterprises. We build Atmosphere, a production-ready OpenStack platform supporting managed private cloud, public cloud, and hybrid deployments. We are a Gold Member of the OpenInfra Foundation and a member of the Linux Foundation, CNCF, and Ceph Foundation. If you are working through an infrastructure decision and want a direct conversation, we are happy to have it.
Choose from Atmosphere Cloud, Hosted, or On-Premise.
Simplify your cloud operations with our intuitive dashboard.
Run it yourself, tap our expert support, or opt for full remote operations.
Leverage Terraform, Ansible or APIs directly powered by OpenStack & Kubernetes