[{"data":1,"prerenderedAt":552},["ShallowReactive",2],{"navigation":3,"\u002Fen\u002Fblog\u002Fkubernetes-digital-sovereignty":294,"\u002Fen\u002Fblog\u002Fkubernetes-digital-sovereignty-surround":547},[4,8,12,16,20,24,28,32,36,40,44,48,52,56,60,64,68,72,76,80,84,88,92,96,100,104,108,112,116,120,124,128,132,136,140,144,148,152,156,160,164,168,172,176,180,184,188,207,219,250,287],{"title":5,"path":6,"stem":7},"Build and Deploy a Modern Website in 5 Minutes","\u002Fen\u002Fblog\u002Fbuild-with-loveable","en\u002F3.blog\u002F1.build-with-loveable",{"title":9,"path":10,"stem":11},"The Vercel Alternative for the German Mittelstand: Sovereign Hosting on Hetzner with lowcloud","\u002Fen\u002Fblog\u002Fdigital-sovereignty-lowcloud-vs-vercel-b2b","en\u002F3.blog\u002F10.digital-sovereignty-lowcloud-vs-vercel-b2b",{"title":13,"path":14,"stem":15},"Cloud Sovereignty Framework: How the EU Is Finally Making Cloud Sovereignty Measurable","\u002Fen\u002Fblog\u002Fcloud-sovereignty-framework","en\u002F3.blog\u002F12.cloud-sovereignty-framework",{"title":17,"path":18,"stem":19},"Avoiding Cloud Vendor Lock-in: What Real Sovereignty Means Technically","\u002Fen\u002Fblog\u002Fcloud-vendor-lock-in","en\u002F3.blog\u002F13.cloud-vendor-lock-in",{"title":21,"path":22,"stem":23},"Digital Sovereignty with Kubernetes: When Is Open Source Truly Sovereign?","\u002Fen\u002Fblog\u002Fkubernetes-digital-sovereignty","en\u002F3.blog\u002F14.kubernetes-digital-sovereignty",{"title":25,"path":26,"stem":27},"What Is DevOps as a Service and When Does It Actually Make Sense?","\u002Fen\u002Fblog\u002Fdevops-as-a-service","en\u002F3.blog\u002F15.devops-as-a-service",{"title":29,"path":30,"stem":31},"Cloud Sovereignty Governance: Why This Topic Belongs in the Boardroom, Not the Server Room","\u002Fen\u002Fblog\u002Fcloud-sovereignty-governance","en\u002F3.blog\u002F16.cloud-sovereignty-governance",{"title":33,"path":34,"stem":35},"PaaS vs. DaaS: What","\u002Fen\u002Fblog\u002Fpaas-vs-daas","en\u002F3.blog\u002F17.paas-vs-daas",{"title":37,"path":38,"stem":39},"Sovereign Cloud: Can SaaS Really Maintain Control Over Your Data?","\u002Fen\u002Fblog\u002Fsovereign-cloud-saas-data-control","en\u002F3.blog\u002F18.sovereign-cloud-saas-data-control",{"title":41,"path":42,"stem":43},"DevOps vs. DevOps as a Service – Which One Fits Your Team?","\u002Fen\u002Fblog\u002Fdevops-vs-devops-as-a-service","en\u002F3.blog\u002F19.devops-vs-devops-as-a-service",{"title":45,"path":46,"stem":47},"Docker Fundamentals -  Understanding Container Virtualization","\u002Fen\u002Fblog\u002Fhow-docker-works","en\u002F3.blog\u002F2.how-docker-works",{"title":49,"path":50,"stem":51},"The 7 Biggest DevOps Problems in SMBs – And How to Fix Them","\u002Fen\u002Fblog\u002Fdevops-problems-smb","en\u002F3.blog\u002F20.devops-problems-smb",{"title":53,"path":54,"stem":55},"PostgreSQL Helm Chart: How to Deploy Postgres on Kubernetes","\u002Fen\u002Fblog\u002Fpostgresql-helm-chart-kubernetes","en\u002F3.blog\u002F21.postgresql-helm-chart-kubernetes",{"title":57,"path":58,"stem":59},"Platform Engineering vs. DevOps – What","\u002Fen\u002Fblog\u002Fplatform-engineering-vs-devops","en\u002F3.blog\u002F22.platform-engineering-vs-devops",{"title":61,"path":62,"stem":63},"Cloud Act vs. GDPR: The Risk for EU Businesses","\u002Fen\u002Fblog\u002Fcloud-act-vs-gdpr","en\u002F3.blog\u002F23.cloud-act-vs-gdpr",{"title":65,"path":66,"stem":67},"Cut IT Costs with Automation: The Biggest Lever","\u002Fen\u002Fblog\u002Freduce-it-costs-automation","en\u002F3.blog\u002F24.reduce-it-costs-automation",{"title":69,"path":70,"stem":71},"NIS2 Compliance for DevOps Teams: What You Need to Do","\u002Fen\u002Fblog\u002Fnis2-compliance-devops","en\u002F3.blog\u002F25.nis2-compliance-devops",{"title":73,"path":74,"stem":75},"Self-Hosted EU Alternatives: Host LibreOffice & More","\u002Fen\u002Fblog\u002Fself-hosted-eu-alternatives","en\u002F3.blog\u002F26.self-hosted-eu-alternatives",{"title":77,"path":78,"stem":79},"DORA Compliance for DevOps: What the EU Resilience Act Means","\u002Fen\u002Fblog\u002Fdora-compliance-devops","en\u002F3.blog\u002F27.dora-compliance-devops",{"title":81,"path":82,"stem":83},"Cloud TCO: Hidden Costs AWS, Azure & GCP Don't Show You","\u002Fen\u002Fblog\u002Fcloud-tco-hidden-costs","en\u002F3.blog\u002F28.cloud-tco-hidden-costs",{"title":85,"path":86,"stem":87},"Data Residency vs. Data Sovereignty: What Really Matters","\u002Fen\u002Fblog\u002Fdata-residency-vs-data-sovereignty","en\u002F3.blog\u002F29.data-residency-vs-data-sovereignty",{"title":89,"path":90,"stem":91},"Self-Host n8n on Hetzner: Complete Docker Setup Guide","\u002Fen\u002Fblog\u002Fself-hosted-n8n-on-hetzner","en\u002F3.blog\u002F3.self-hosted-n8n-on-hetzner",{"title":93,"path":94,"stem":95},"Manual Deployments: An Underestimated Risk for SMBs","\u002Fen\u002Fblog\u002Fmanual-deployment-risks","en\u002F3.blog\u002F30.manual-deployment-risks",{"title":97,"path":98,"stem":99},"DevOps Tool Sprawl: How It Happens and How to Stop It","\u002Fen\u002Fblog\u002Fdevops-tool-sprawl","en\u002F3.blog\u002F31.devops-tool-sprawl",{"title":101,"path":102,"stem":103},"Kubernetes Monitoring: Using Logs and Metrics Effectively","\u002Fen\u002Fblog\u002Fkubernetes-monitoring-logs-metrics","en\u002F3.blog\u002F32.kubernetes-monitoring-logs-metrics",{"title":105,"path":106,"stem":107},"OB7 Case Study: Website Deployment Without Infrastructure Overhead","\u002Fen\u002Fblog\u002Fob7-case-study-lowcloud-deployment","en\u002F3.blog\u002F33.ob7-case-study-lowcloud-deployment",{"title":109,"path":110,"stem":111},"DevOps in SMBs: Why Missing Roles Become a Real Risk","\u002Fen\u002Fblog\u002Fmissing-devops-roles-smb","en\u002F3.blog\u002F34.missing-devops-roles-smb",{"title":113,"path":114,"stem":115},"Simplify Kubernetes Configuration: The Path to Human-Readable Cloud","\u002Fen\u002Fblog\u002Fsimplify-kubernetes-configuration","en\u002F3.blog\u002F35.simplify-kubernetes-configuration",{"title":117,"path":118,"stem":119},"Collaborative DevOps: How Modern Teams Build Cloud Apps Together","\u002Fen\u002Fblog\u002Fcollaborative-devops-teams","en\u002F3.blog\u002F36.collaborative-devops-teams",{"title":121,"path":122,"stem":123},"Knowledge Documentation in DevOps Teams: How to Actually Reduce Your Bus Factor","\u002Fen\u002Fblog\u002Fdevops-knowledge-documentation-bus-factor","en\u002F3.blog\u002F37.devops-knowledge-documentation-bus-factor",{"title":125,"path":126,"stem":127},"What Is PaaS? Platform as a Service Explained","\u002Fen\u002Fblog\u002Fwhat-is-paas","en\u002F3.blog\u002F38.what-is-paas",{"title":129,"path":130,"stem":131},"EU AI Act Hosting: What Changes for AI Workload Operators","\u002Fen\u002Fblog\u002Feu-ai-act-hosting","en\u002F3.blog\u002F39.eu-ai-act-hosting",{"title":133,"path":134,"stem":135},"Docker Compose Tutorial: Managing Multi-Container Apps Made Easy","\u002Fen\u002Fblog\u002Fdocker-compose-for-beginners","en\u002F3.blog\u002F4.docker-compose-for-beginners",{"title":137,"path":138,"stem":139},"Full-Stack Developer Reality: What the Title Actually Means","\u002Fen\u002Fblog\u002Ffull-stack-developer-reality","en\u002F3.blog\u002F40.full-stack-developer-reality",{"title":141,"path":142,"stem":143},"Cloud Egress Fees Compared: AWS vs. Azure vs. GCP Pricing","\u002Fen\u002Fblog\u002Fcloud-egress-fees","en\u002F3.blog\u002F41.cloud-egress-fees",{"title":145,"path":146,"stem":147},"Bring Your Own Cloud: What the Model Means and Why It","\u002Fen\u002Fblog\u002Fbring-your-own-cloud","en\u002F3.blog\u002F42.bring-your-own-cloud",{"title":149,"path":150,"stem":151},"Zero-Config Kubernetes: Why Simplicity Wins","\u002Fen\u002Fblog\u002Fzero-config-kubernetes","en\u002F3.blog\u002F43.zero-config-kubernetes",{"title":153,"path":154,"stem":155},"Minimalist Cloud Architecture: Why Less Complexity Means More Stability","\u002Fen\u002Fblog\u002Fminimalist-cloud-architecture","en\u002F3.blog\u002F44.minimalist-cloud-architecture",{"title":157,"path":158,"stem":159},"Software Deployment for SMBs: How Small Teams Ship Faster","\u002Fen\u002Fblog\u002Fsmb-software-deployment","en\u002F3.blog\u002F45.smb-software-deployment",{"title":161,"path":162,"stem":163},"EU Data Act: What Businesses and DevOps Teams Need to Know","\u002Fen\u002Fblog\u002Feu-data-act-business-devops","en\u002F3.blog\u002F46.eu-data-act-business-devops",{"title":165,"path":166,"stem":167},"Data Governance Act: What SMBs and DevOps Teams Need to Know","\u002Fen\u002Fblog\u002Fdata-governance-act-devops-guide","en\u002F3.blog\u002F47.data-governance-act-devops-guide",{"title":169,"path":170,"stem":171},"Self-Host Docmost with Docker Compose and Traefik: Complete Guide","\u002Fen\u002Fblog\u002Fself-host-docmost-with-docker-and-traefik","en\u002F3.blog\u002F5.self-host-docmost-with-docker-and-traefik",{"title":173,"path":174,"stem":175},"What Is Kubernetes? A Practical Guide to Container Orchestration","\u002Fen\u002Fblog\u002Fwhat-is-kubernetes","en\u002F3.blog\u002F6.what-is-kubernetes",{"title":177,"path":178,"stem":179},"The Cloud Illusion: Why a Server Location in Germany Doesn’t Guarantee Digital Sovereignty","\u002Fen\u002Fblog\u002Fcloud-illusion-digital-sovereignty","en\u002F3.blog\u002F7.cloud-illusion-digital-sovereignty",{"title":181,"path":182,"stem":183},"S3-Compatible Object Storage: The Best Solutions at a Glance","\u002Fen\u002Fblog\u002Fs3-compatible-object-storage","en\u002F3.blog\u002F8.s3-compatible-object-storage",{"title":185,"path":186,"stem":187},"Deployment as a Bottleneck: When AI Codes Faster Than You Can Deploy","\u002Fen\u002Fblog\u002Fdeployment-bottleneck","en\u002F3.blog\u002F9.deployment-bottleneck",{"title":189,"path":190,"stem":191,"children":192,"icon":206},"Getting Started","\u002Fen\u002Fdocs\u002Fgetting-started","en\u002F1.docs\u002F1.getting-started\u002F1.index",[193,196,201],{"title":194,"path":190,"stem":191,"icon":195},"Introduction","i-lucide-house",{"title":197,"path":198,"stem":199,"icon":200},"Get Started","\u002Fen\u002Fdocs\u002Fgetting-started\u002Fget-started","en\u002F1.docs\u002F1.getting-started\u002F2.get-started","i-lucide-rocket",{"title":202,"path":203,"stem":204,"icon":205},"How It Works","\u002Fen\u002Fdocs\u002Fgetting-started\u002Fhow-it-works","en\u002F1.docs\u002F1.getting-started\u002F3.how-it-works","i-lucide-lightbulb",false,{"title":208,"path":209,"stem":210,"children":211,"icon":206},"Guides","\u002Fen\u002Fdocs\u002Fguides","en\u002F1.docs\u002F2.guides\u002F1.index",[212,214],{"title":208,"path":209,"stem":210,"icon":213},"i-lucide-book-open",{"title":215,"path":216,"stem":217,"icon":218},"Connect a Container Registry","\u002Fen\u002Fdocs\u002Fguides\u002Fcontainer-registries","en\u002F1.docs\u002F2.guides\u002F2.container-registries","i-lucide-container",{"title":220,"path":221,"stem":222,"children":223,"icon":206},"App Services","\u002Fen\u002Fdocs\u002Fapp-services","en\u002F1.docs\u002F3.app-services\u002F1.index",[224,225,230,235,240,245],{"title":220,"path":221,"stem":222,"icon":200},{"title":226,"path":227,"stem":228,"icon":229},"Build Settings","\u002Fen\u002Fdocs\u002Fapp-services\u002Fbuild-settings","en\u002F1.docs\u002F3.app-services\u002F2.build-settings","i-lucide-settings",{"title":231,"path":232,"stem":233,"icon":234},"Env Variables","\u002Fen\u002Fdocs\u002Fapp-services\u002Fenvironment-variables","en\u002F1.docs\u002F3.app-services\u002F3.environment-variables","i-lucide-key",{"title":236,"path":237,"stem":238,"icon":239},"Custom Domains","\u002Fen\u002Fdocs\u002Fapp-services\u002Fcustom-domains","en\u002F1.docs\u002F3.app-services\u002F4.custom-domains","i-lucide-globe",{"title":241,"path":242,"stem":243,"icon":244},"Health Checks","\u002Fen\u002Fdocs\u002Fapp-services\u002Fhealth-checks","en\u002F1.docs\u002F3.app-services\u002F5.health-checks","i-lucide-heart-pulse",{"title":246,"path":247,"stem":248,"icon":249},"Autoscaling","\u002Fen\u002Fdocs\u002Fapp-services\u002Fautoscaling","en\u002F1.docs\u002F3.app-services\u002F6.autoscaling","i-lucide-scaling",{"title":251,"path":252,"stem":253,"children":254,"icon":206},"Helm Releases","\u002Fen\u002Fdocs\u002Fhelm-releases","en\u002F1.docs\u002F4.helm-releases\u002F1.index",[255,257,262,267,272,277,282],{"title":251,"path":252,"stem":253,"icon":256},"i-lucide-package",{"title":258,"path":259,"stem":260,"icon":261},"Deploy PostgreSQL","\u002Fen\u002Fdocs\u002Fhelm-releases\u002Fdeploy-postgresql","en\u002F1.docs\u002F4.helm-releases\u002F2.deploy-postgresql","i-lucide-database",{"title":263,"path":264,"stem":265,"icon":266},"Deploy Redis","\u002Fen\u002Fdocs\u002Fhelm-releases\u002Fdeploy-redis","en\u002F1.docs\u002F4.helm-releases\u002F3.deploy-redis","i-lucide-zap",{"title":268,"path":269,"stem":270,"icon":271},"Deploy n8n","\u002Fen\u002Fdocs\u002Fhelm-releases\u002Fdeploy-n8n","en\u002F1.docs\u002F4.helm-releases\u002F4.deploy-n8n","i-lucide-workflow",{"title":273,"path":274,"stem":275,"icon":276},"Deploy RustFS","\u002Fen\u002Fdocs\u002Fhelm-releases\u002Fdeploy-rustfs","en\u002F1.docs\u002F4.helm-releases\u002F5.deploy-rustfs","i-lucide-hard-drive",{"title":278,"path":279,"stem":280,"icon":281},"Deploy OpenSearch","\u002Fen\u002Fdocs\u002Fhelm-releases\u002Fdeploy-opensearch","en\u002F1.docs\u002F4.helm-releases\u002F6.deploy-opensearch","i-lucide-search",{"title":283,"path":284,"stem":285,"icon":286},"Deploy Keycloak","\u002Fen\u002Fdocs\u002Fhelm-releases\u002Fdeploy-keycloak","en\u002F1.docs\u002F4.helm-releases\u002F7.deploy-keycloak","i-lucide-shield-check",{"title":288,"path":289,"stem":290,"children":291,"icon":206},"Glossary","\u002Fen\u002Fdocs\u002Fglossary","en\u002F1.docs\u002F5.glossary\u002F1.index",[292],{"title":288,"path":289,"stem":290,"icon":293},"i-lucide-book-a",{"id":295,"title":21,"authors":296,"badge":302,"body":303,"date":537,"description":538,"extension":539,"image":540,"lastUpdated":542,"meta":543,"navigation":544,"path":22,"published":544,"seo":545,"stem":23,"tags":302,"__hash__":546},"posts\u002Fen\u002F3.blog\u002F14.kubernetes-digital-sovereignty.md",[297],{"name":298,"to":299,"avatar":300},"Thomas Ens","\u002Fabout\u002Fthomasens",{"src":301},"\u002Fimages\u002Fblog\u002Fauthors\u002Fthomas.jpeg",null,{"type":304,"value":305,"toc":521},"minimark",[306,314,317,322,325,352,355,369,373,382,385,390,393,396,400,403,406,410,413,416,419,423,426,432,438,448,452,459,462,466,469,501,504,507,510],[307,308,309,313],"p",{},[310,311,312],"a",{"href":174},"Kubernetes"," was created by Google. Yet European companies and government agencies use it as the foundation for their sovereign cloud strategy. This is not a contradiction, if you understand which dimension of sovereignty really matters.",[307,315,316],{},"The debate often revolves around the wrong question. The relevant question is not \"Was the code written in the EU?\" but rather: \"Who controls access to my data and systems at runtime?\" This article explains the difference, why it matters in practice, and what Kubernetes has to do with it.",[318,319,321],"h2",{"id":320},"what-digital-sovereignty-actually-means","What digital sovereignty actually means",[307,323,324],{},"The term is widely used but rarely clearly defined. In the context of cloud infrastructure, three dimensions can be distinguished:",[326,327,328,340,346],"ul",{},[329,330,331,335,336,339],"li",{},[332,333,334],"strong",{},"Data sovereignty:"," Control over where data resides, who can access it, and how it is processed. For a detailed breakdown of why ",[310,337,338],{"href":86},"data residency differs from data sovereignty",", see our dedicated analysis.",[329,341,342,345],{},[332,343,344],{},"Operational sovereignty:"," Control over platform operations (admin access, updates, incident handling, key management).",[329,347,348,351],{},[332,349,350],{},"Legal immunity:"," Protection through applicable law and jurisdiction (e.g., EU\u002FGerman law, protection against extraterritorial access claims).",[307,353,354],{},"These three dimensions are related but not identical. A tool can be strong in dimension three while simultaneously failing in dimension one or two, depending on how it is deployed.",[307,356,357,358,364,365,368],{},"In a previous blog post, we described the ",[310,359,363],{"href":360,"rel":361},"https:\u002F\u002Fcommission.europa.eu\u002Fdocument\u002Fdownload\u002F09579818-64a6-4dd5-9577-446ab6219113_en",[362],"nofollow","Cloud Sovereignty Framework",", where data sovereignty, operational sovereignty, legal immunity, and how sovereignty is defined and measured play a central role. You can find it in our ",[310,366,367],{"href":14},"Cloud Sovereignty Framework article",".",[318,370,372],{"id":371},"kubernetes-and-its-roots-at-google","Kubernetes and its roots at Google",[307,374,375,376,381],{},"Google released Kubernetes as an open-source project in 2014, based on internal systems like Borg. In 2016, the project was handed over to the Cloud Native Computing Foundation (",[310,377,380],{"href":378,"rel":379},"https:\u002F\u002Fwww.cncf.io\u002F",[362],"CNCF","), which is part of the Linux Foundation. Today, Kubernetes is one of the most active open-source projects worldwide, with maintainers from dozens of companies and organizations.",[307,383,384],{},"The code is licensed under the Apache 2.0 license, one of the most permissive open-source licenses available. This means any organization can use, modify, distribute, and commercially deploy Kubernetes without paying license fees or being required to contribute source code back.",[386,387,389],"h3",{"id":388},"the-cncf-as-a-governance-model","The CNCF as a governance model",[307,391,392],{},"What many don't know: Google no longer has formal veto power over the direction of Kubernetes. CNCF governance regulates how decisions are made. The Kubernetes Steering Committee and the Technical Oversight Committee are composed of members from various companies. No single corporation determines the roadmap.",[307,394,395],{},"This is a relevant characteristic for sovereignty questions because it means the continuity and development of the project are not tied to the fate of a single company.",[318,397,399],{"id":398},"open-source-as-a-sovereignty-factor-but-not-the-sole-deciding-one","Open source as a sovereignty factor, but not the sole deciding one",[307,401,402],{},"Open-source code offers real advantages for digital sovereignty: The code is auditable. Security vulnerabilities can be found and reported by the community. There is no vendor lock-in at the license level. Anyone who wants to can fork.",[307,404,405],{},"Yet open source is not a free pass. The decisive question is not where the code comes from, but where it runs.",[386,407,409],{"id":408},"the-crucial-distinction-where-does-the-code-run","The crucial distinction: Where does the code run?",[307,411,412],{},"A Kubernetes cluster running on AWS, GCP, or Azure in a US region is subject to US law, even if Kubernetes itself is open source. The CLOUD Act of 2018 obliges US companies, under certain circumstances, to grant authorities access to data, regardless of where that data is physically stored.",[307,414,415],{},"This means: Running Kubernetes on a US hyperscaler may leave a gap in data sovereignty, not because of Kubernetes, but because of the operating model.",[307,417,418],{},"Turn it around: Kubernetes, operated on your own hardware or in an EU data center by a European provider, with no contractual relationship to a US company, is a substantially different starting point.",[318,420,422],{"id":421},"digital-sovereignty-with-kubernetes-in-practice","Digital sovereignty with Kubernetes in practice",[307,424,425],{},"What does this mean for architecture decisions? Some guidelines that make the difference in practice:",[307,427,428,431],{},[332,429,430],{},"Location of operations:"," Kubernetes clusters should run in data centers that are exclusively subject to EU law. ISO 27001 certification and no parent company in the US are sensible minimum requirements.",[307,433,434,437],{},[332,435,436],{},"Managed vs. self-managed:"," Running Kubernetes yourself gives maximum control but carries the operational burden. Managed Kubernetes offerings from European providers can be a good balance, provided the operators meet the requirements mentioned above.",[307,439,440,443,444,447],{},[332,441,442],{},"Supply chain:"," Which container images, ",[310,445,446],{"href":54},"Helm charts",", and operator deployments are being used? Here too: open source is more auditable than proprietary software, but it is no automatic guarantee of security.",[386,449,451],{"id":450},"the-cloud-act-and-its-implications","The CLOUD Act and its implications",[307,453,454,455,458],{},"The Clarifying Lawful Overseas Use of Data Act (",[310,456,457],{"href":62},"CLOUD Act",", 2018) allows US authorities to demand that US companies hand over data stored outside the United States. This directly affects AWS, Microsoft, Google, and other hyperscalers.",[307,460,461],{},"For European organizations processing sensitive data, such as health data, government data, or data subject to NIS2 or GDPR, this is a real risk. It has nothing to do with whether Kubernetes is open source or not. It is about who holds the operating contract.",[318,463,465],{"id":464},"when-is-kubernetes-truly-sovereign","When is Kubernetes truly sovereign?",[307,467,468],{},"A pragmatic checklist for teams that want to clarify this question for their organization:",[326,470,471,477,483,489,495],{},[329,472,473,476],{},[332,474,475],{},"Operator:"," Is the operator a company headquartered exclusively in the EU, with no US parent company?",[329,478,479,482],{},[332,480,481],{},"Data center:"," Is the infrastructure located in an EU data center that is exclusively subject to EU law?",[329,484,485,488],{},[332,486,487],{},"Contractual situation:"," Are there no contractual relationships that could enable US authorities to access data?",[329,490,491,494],{},[332,492,493],{},"Auditability:"," Are only open-source components used whose code is publicly accessible?",[329,496,497,500],{},[332,498,499],{},"Portability:"," Is the architecture designed so that switching operators is possible without data loss?",[307,502,503],{},"If you can answer yes to all five points, you are running Kubernetes sovereignly, regardless of the fact that the code originally came from Google.",[307,505,506],{},"The origin of the code is a question of history. Control over operations is a question of the present.",[508,509],"hr",{},[307,511,512,513,520],{},"If you want to run Kubernetes in a sovereign environment without the effort of fully self-managed operations, ",[310,514,517],{"href":515,"rel":516},"https:\u002F\u002Flowcloud.de",[362],[332,518,519],{},"lowcloud"," is the right choice: a Kubernetes-based PaaS, operated exclusively in German data centers under EU law. No US hyperscaler, no dependencies that undermine operational sovereignty.",{"title":522,"searchDepth":523,"depth":523,"links":524},"",2,[525,526,530,533,536],{"id":320,"depth":523,"text":321},{"id":371,"depth":523,"text":372,"children":527},[528],{"id":388,"depth":529,"text":389},3,{"id":398,"depth":523,"text":399,"children":531},[532],{"id":408,"depth":529,"text":409},{"id":421,"depth":523,"text":422,"children":534},[535],{"id":450,"depth":529,"text":451},{"id":464,"depth":523,"text":465},"2026-03-05","Kubernetes was created by Google. Yet European companies and government agencies use it as the foundation for their sovereign cloud strategy. This is not a contradiction, if you understand which dimension of sovereignty really matters.","md",{"src":541},"\u002Fimages\u002Fblog\u002Fkubernetes-digital-sovereignty.jpg","2026-03-19",{},true,{"title":21,"description":538},"tjitTruKMsdIQfqdRY5Xj1HPqM4DRZqgzNrsO24OBEs",[548,550],{"title":17,"path":18,"stem":19,"description":549,"children":-1},"Vendor lock-in is the unspoken business model of many cloud platforms. This article shows what avoiding cloud vendor lock-in actually looks like and how lowcloud architecturally breaks this pattern.",{"title":25,"path":26,"stem":27,"description":551,"children":-1},"DevOps as a Service sounds like yet another buzzword. But behind it lies a concrete model that can take real work off development teams, when applied correctly. This article explains what DaaS means, what a provider actually delivers, and where the limits of the model lie.",1775388343697]