With more than 15 multi-data center cloud infrastructures, Infomaniak is one of the few cloud providers in Europe to master its data centers, develop its own technologies and guarantee sovereign cloud services. This ensures a clear legal framework, a committed data confidentiality policy and job creation at local level while helping develop Europe’s technological independence. In this article, we explain what a cloud is, who its architects are and what criteria must be met to assert that a cloud is truly sovereign.

What is the cloud?

Thanks to the cloud, our data can be accessed anywhere at any time. This technology is transforming our economy profoundly and to understand how it works, let’s make an analogy:

The Internet can be seen as a country, with regions and roads connecting towns and villages. When we open an app on our smartphone, we actually travel through several cities, all connected by high-speed roads, to access our data. Against this backdrop, the Infomaniak cloud is a major city with a variety of buildings and services that host and drive our customers’ data and digital services.

Siméon Gourlin, Site Reliability Engineer (SRE) at Infomaniak

A cloud infrastructure is like a modern neighbourhood. It consists of typical buildings that can be installed flexibly and extensively: 

  • Computing instances: this is usually the foundation of a cloud infrastructure that defines the computing power (CPU) and memory (RAM) of virtual machines running applications or other computing operations.
  • Storage resources: this is the space in which data is stored (files, databases, applications, etc.).
  • GPU instances: these are extremely powerful graphical resources for language processing, AI training, cryptography, video encoding or complex computations.
  • Network resources: all the components that make it possible to connect applications powered in the cloud (DNS, VPN, IP addresses, load balancers, firewalls, etc.) and ensure their availability and security.

foundation-cloud-computing

These building blocks form the foundation of cloud computing, and it is no coincidence that companies are embracing this technology, as it has many benefits:

  • Scalability and full flexibility: companies can increase or reduce their IT resources dynamically and transparently, enabling them to manage peak loads without investing in expensive hardware.
  • Cost reduction: companies no longer need to acquire and maintain IT infrastructure. They only pay for the resources they actually use.
  • High availability: thanks to its flexibility, cloud computing makes it possible to ensure the redundancy of its services, to speed up the recovery of its activities after an incident and to minimise disruption for customers.
  • Ecology: cloud computing prevents infrastructure from becoming oversized, thereby promoting energy efficiency and reducing carbon emissions due to poor hardware management.

For companies, the added value of a cloud provider is therefore to opportunity to delegate the availability, reliability and performance of their IT infrastructure.

The pillars of our sovereign cloud infrastructure

In the analogy of our city, we seek to master all the components of our infrastructure and we succeed in doing so. We don’t just resell licences and rent premises like in a shopping centre. We are the architect, town planner, landlord, shopkeeper and resident all at the same time.

At Infomaniak, the cloud infrastructure plays a dual role:

To understand what data sovereignty means, let’s take a closer look at how the cloud works at Infomaniak. This “pyramid” diagram shows the different levels of our cloud:

pyramid-level-cloud

1 – Data centers

The cloud is based on servers running both day and night, summer and winter. These are placed in very secure locations – data centers.

At Infomaniak,

2 – Cloud computing software (virtualisation and IaaS)

When everything is ready in terms of power, hardware and network, these tens of thousands of servers (which run on Linux / Debian) must be orchestrated by a software layer called OpenStack, which is free. It is at this level that it becomes possible to create cloud infrastructures.

As a cloud provider and provider of SaaS solutions such as kSuite and SwissTransfer, we are the first customer of our cloud services. To date, Infomaniak manages more than 100 PB of data in more than 15 separate infrastructures with largely automated industrial processes.

To do this, we support and contribute to various open source projects, and we also develop our own tools, including OCI, which automates many deployment operations:

  • Server configuration (BIOS, RAID, etc.)
  • Configuration of operating systems (installation, security)
  • Software configuration (OpenStack installation and dependency management)
  • OpenStack configuration (new server or modification of an existing element)
  • Overall monitoring of infrastructure and systems
  • Compliance testing

With OCI, we can deploy servers automatically according to their purpose and monitor them. Engineers no longer have to worry about technical parameters (hypervisor, storage, etc.) as most tasks are standardised, which increases the security of the infrastructure.

Olivier Chaze, Site Reliability Engineer (SRE) – Infomaniak Production

In addition to powering our own SaaS solutions such as kDrive, this same infrastructure is made available to customers in the form of the Public Cloud (IaaS). This solution enables companies to power their IT in our data centers with our sovereign and environmentally-friendly cloud computing solutions, while managing their infrastructure autonomously. We call this an infrastructure as a service, because it’s literally Infomaniak’s in-house infrastructure that companies use as they want, paying only for the resources they actually need.

3 – On-demand development environments (PaaS)

Based on our own cloud infrastructure, we have developed additional services that make life easier for developers, who don’t necessarily want or have the skills to manage all the building blocks of their cloud infrastructure. Our solutions enable them to deploy applications easily in a turnkey cloud, with the technologies they need and guaranteed resources.

That’s exactly what our PaaS solutions do:

  • Managed cloud server: as simple as a shared web hosting, this solution offers numerous technologies that can be deployed in a single click with guaranteed resources.
  • Cloud VPS: with this solution, it is possible to deploy Windows or Linux instances in a single click to power your applications with the technologies of your choice, while mastering all aspects of your virtual server.
  • Jelastic Cloud: this service offers an intuitive GUI allowing you to deploy development environments in redundant infrastructures with numerous technologies such as Kubernetes, Docker, Java, Node.js, Ruby and many more.

4 – SaaS applications such as kSuite and SwissTransfer

The last layer of the pyramid is the tip of the iceberg, the one that the general public and businesses know and use in their day-to-day work:

Our in-house expertise in cloud infrastructure

For over 13 years, we have been building OpenStack infrastructures that power cloud services used daily by millions of people across Europe.

The availability and security of our cloud infrastructures are ensured by our system engineers, known as SRE (Site Reliability Engineer), as they are the guardians of the reliability of “our city”. They define security rules, the redundancy of equipment and best practices to ensure that all components of our infrastructure are as resilient and secure as possible.

Ensuring the security of our cloud infrastructures

At the heart of our business, a number of our SRE’s tasks concern security. Here are a few examples:

  • limitations of network access and physical access
  • data encryption
  • analysis of security feedback
  • software updates
  • standardisation of processes (ISO 27001, ISO 9001)

Ensuring the constant availability of cloud services

To avoid as many incidents as possible, our infrastructure is redundant and consists of multiple data centres. This means that if an anomaly is detected, relay mechanisms are automatically activated to ensure the continued availability of services. 

Behind the uninterrupted availability of the cloud, there are actually many events that users don’t notice if we’re doing our job properly. Predicting events is such a key issue that we spend a significant amount of our time in R&D designing redundant systems and creating tools to anticipate predictable but unexpected events.

Martial Fol, Infomaniak Production Manager

On a day-to-day basis, the SREs ensure the stability and performance of services through:

  • physical maintenance (replacement of defective hardware, upgrading servers to increase their power, installing new servers, etc.)
  • software updates (operating system, maintenance scripts, open source software, etc.)
  • the continuous monitoring of infrastructures (system load rates, service availability, etc.)
  • evolution of our infrastructures (capacity planning and design) 
  • automation of routine and deployment operations (information gathering for analytics, migration of services when loaded, etc.).

To ensure data accessibility, we treat the cloud as a living organism. It’s a constant balance of updates, user issues, events, hacking attempts, etc. We need to develop the best tools to monitor all the parameters of this constantly changing environment.

Olivier Chaze, Site Reliability Engineer (SRE) – Infomaniak Production

The mission of our SREs is to anticipate and manage incidents so that they never impact users. Investigation is at the heart of our SREs’ activities, because even if an event is not always problematic, it must always be dealt with before the alarms sound. It is therefore necessary to understand the situation and intervene to resolve it before it can cause any disruption.

Because we manage our own infrastructures without an intermediary provider, our engineers can quickly move through the entire chain if a problem occurs.

Open source or proprietary cloud: why is it important?

Web giants use proprietary technologies to operate their cloud services, and this poses some major challenges, which we will examine further at the end of this article. At Infomaniak, we use open-source technologies because they offer substantial long-term benefits:

  • Stable and very competitive prices: we are not dependent on licences or critical software to guarantee the operation and scalability of our cloud services. With the same configuration, this offers computing instances up to 40x more advantageous than AWS.
  • Interoperable and without proprietary locks: by deploying your IT at Infomaniak, you remain free to change providers easily or combine several providers anywhere in the world while ensuring very strict control of the legal framework surrounding your customers’ data. It’s also possible to combine proprietary technologies with Infomaniak’s cloud services if you need very specific services that we don’t yet offer.
  • Digital sovereignty: the software that accesses and processes your data is either open source or developed by Infomaniak. Strictly stored in Switzerland, your data is not processed by proprietary software or subject to extraterritorial laws. If a state wishes to access your data, it must follow local legal channels. The flexibility of open source technologies makes it possible to choose transparent network equipment such as Open Network, which reduces the risk of data leakage.
  • Improved security: open source technologies allow engineers around the world to see, verify and enhance the security of source code. This is a level of transparency that proprietary solutions don’t allow, thereby building trust in data management. Our cloud service offering focuses on 80% of business needs, simplifying configuration, implementation and management and reducing implementation security risks.
  • Reliable: the open source technology that powers our cloud infrastructures (OpenStack) is used by NASA, CERN, governments and major industrial groups around the world such as Adobe, Bloomberg, Blizzard Entertainment, Nike and Volkswagen.

Mastering your data means mastering your cloud services

Infomaniak now has all the know-how needed to structure the performance of its services as well as ensuring data security and resilience in the event of a failure. Our infrastructure and processes meet the needs of businesses and public administrations that need to grow in the cloud.

Martial Fol, Infomaniak Production Manager

With the flexibility of cloud computing comes the central issue of data control. When choosing cloud services, you need to have all the answers to these questions:

  • Who owns the data?
  • Who can access it?
  • Where are they located?
  • What is the local data law of the countries where your customers are located?
  • Which software and technologies process this data? 

Control over your data depends on your choice of cloud provider. In Switzerland and Europe, regulations are very strict when it comes to data privacy, but the largest cloud providers in the world such as Amazon Web Services, Google Cloud Platform, Microsoft Azure and Alibaba Cloud are American and Chinese companies. 

Depending on the legal framework of the cloud provider, foreign authorities may access the data without notifying you before or even afterwards, for example. for economic or intelligence purposes. This issue is even more important with cloud computing, as data can be stored worldwide with a single partner, exposing it to multiple jurisdictions.

At Infomaniak, the data centers, software and data are managed by a single company with a clear and unique legal framework: the Swiss Federal Act on Data Protection (FADP) and the General Data Protection Regulation (GDPR). We offer sovereign cloud services that enable companies to take full control of their data.

Learn more about Infomaniak’s cloud solutions