A full-stack private cloud isn't just OpenStack. It's a carefully integrated set of best-in-class open-source components — routing, security, storage, orchestration, AI, and observability — that together deliver every capability you'd expect from AWS or Azure, without handing control to anyone else.
Each layer is independently operated, independently auditable, and independently replaceable. No proprietary glue. No black boxes.
Every component: Apache / MIT / GPL licensed open-source. No proprietary layers. No licence fees.
Every capability the hyperscalers sell you exists as a best-in-class open-source component. The difference: you own it, you operate it, and you pay no per-API or per-seat fees.
| Capability | SDcloud / Open Source | AWS | Azure | GCP |
|---|---|---|---|---|
| Compute | ||||
| Virtual Machines | OpenStack Nova + KVM | EC2 | Virtual Machines | Compute Engine |
| Bare Metal | OpenStack Ironic | EC2 Bare Metal | Azure Bare Metal | Bare Metal Solution |
| GPU / HPC Compute | GPU passthrough (NVIDIA / AMD) | EC2 P / G instances | NC / ND series | A2 / A3 instances |
| Auto Scaling | OpenStack Heat + KEDA | Auto Scaling Groups | VM Scale Sets | Instance Groups (MIG) |
| Storage | ||||
| Block Storage | Ceph RBD + OpenStack Cinder | EBS | Managed Disks | Persistent Disk |
| Object Storage (S3) | Ceph RGW / MinIO | S3 | Blob Storage | Cloud Storage |
| Shared File Storage | CephFS + OpenStack Manila | EFS | Azure Files | Filestore |
| Container Volumes | Longhorn / Ceph CSI | EBS CSI / EFS CSI | Azure Disk CSI | GCE PD CSI |
| Backup | Velero + Restic + Ceph Snapshots | AWS Backup | Azure Backup | Cloud Backup |
| Networking | ||||
| Virtual Private Network | OpenStack Neutron + OVN | VPC | Virtual Network | VPC |
| Load Balancer | OpenStack Octavia + HAProxy | ELB (ALB / NLB) | Azure Load Balancer | Cloud Load Balancing |
| DNS | OpenStack Designate + PowerDNS | Route 53 | Azure DNS | Cloud DNS |
| BGP Routing | VyOS + FRRouting | Transit Gateway | ExpressRoute | Cloud Router |
| VPN Gateway | WireGuard + StrongSwan | AWS VPN | Azure VPN Gateway | Cloud VPN |
| Security | ||||
| Firewall | OPNsense / VyOS + nftables | Security Groups + NACL | NSG + Azure Firewall | VPC Firewall Rules |
| IDS / IPS | Suricata + Zeek | GuardDuty | Microsoft Defender | Security Command Center |
| Secrets / Key Management | HashiCorp Vault | KMS + Secrets Manager | Key Vault | Secret Manager + Cloud KMS |
| Identity & Access | Keystone + Keycloak | IAM + Cognito | Azure AD / Entra ID | Cloud IAM |
| Containers & K8s | ||||
| Managed Kubernetes | Kubernetes + Cluster API | EKS | AKS | GKE |
| Container Network (CNI) | Cilium eBPF | VPC CNI | Azure CNI / Calico | Dataplane v2 (eBPF) |
| Container Registry | Harbor | ECR | ACR | Artifact Registry |
| GitOps / CD | Argo CD / Flux CD | CodePipeline | Azure DevOps | Cloud Deploy |
| AI / ML | ||||
| LLM Inference API | vLLM + Ollama (OpenAI-compatible) | Bedrock | Azure OpenAI Service | Vertex AI |
| Model Training | Kubeflow + Ray + DeepSpeed | SageMaker | Azure ML | Vertex AI Training |
| Vector Database (RAG) | Qdrant / Milvus / pgvector | OpenSearch (kNN) | Azure AI Search | Vertex AI Vector Search |
| Observability | ||||
| Metrics | Prometheus + Thanos | CloudWatch | Azure Monitor | Cloud Monitoring |
| Dashboards | Grafana | CloudWatch Dashboards | Azure Dashboards | Cloud Monitoring |
| Log Management | Grafana Loki + Promtail | CloudWatch Logs | Log Analytics | Cloud Logging |
| Distributed Tracing | Grafana Tempo + OpenTelemetry | X-Ray | Application Insights | Cloud Trace |
| Automation & IaC | ||||
| Infrastructure as Code | Terraform (OpenStack provider) | CloudFormation / Terraform | Bicep / ARM / Terraform | Deployment Manager |
| Configuration Management | Ansible | Systems Manager | Azure Automation | Config / Ansible |
| CI/CD Platform | GitLab CE / Gitea + Tekton | CodePipeline / CodeBuild | Azure DevOps | Cloud Build |
Feature parity based on standard deployment. Additional components may be integrated for specific requirements.
Every organisation has different needs. We can map this platform to your specific workloads, compliance requirements, and existing infrastructure.