Oracle Compute Cloud@Customer Isolated – Sovereign Public Sector Hosting for Oracle Partners

Jul 7, 2025 | OCI Dedicated Region, Oracle Alloy, Oracle Cloud Infrastructure, Oracle Compute Cloud@Customer, Sovereign Cloud

Across Europe, public sector organisations are under increasing pressure to modernise their IT environments while maintaining full control over data, infrastructure, and operations. This is where Oracle partners can step in. With Oracle Compute Cloud@Customer Isolated (C3I), they now have the opportunity to offer sovereign cloud hosting services tailored to the needs of governments and regulated industries.

Oracle’s approach to digital sovereignty is not abstract. It is based on clearly defined principles that are embedded in the platform itself. With C3I, data – whether user data, metadata, or telemetry -remains entirely within the customer’s environment. Nothing is transmitted back to Oracle. The complete OCI control plane runs locally, fully disconnected from Oracle’s global infrastructure. This ensures that compliance requirements can be met without compromise.

Transparency and control are fundamental. There is no ongoing operator access to the system because C3I is an air-gapped, disconnected solution. Once installed, Oracle has no remote access to the environment. The installation and activation – including any expansion, such as GPU or storage racks – is handled on-site by Oracle’s field team. Ongoing operations, monitoring, and support are managed entirely by the hosting service provider (HSP), not by Oracle. Customers define their access policies, manage their own encryption keys, and control every layer of the platform.

Unlike traditional hosted solutions, C3I delivers the full Oracle Cloud Infrastructure (OCI) IaaS portfolio, along with key platform services such as Oracle Kubernetes Engine (OKE), all deployed within the HSP’s own data centre. This empowers Oracle Partners to offer modern, cloud-native infrastructure and container services to public-sector tenants, while keeping everything firmly under local control and governance.

What Makes C3I a Game‑Changer?

Besides OCI Dedicated Region, Alloy, and Oracle Isolated Cloud Region, C3I is Oracle’s most secure and sovereign cloud deployment model. One of the main drivers for adopting Oracle Compute Cloud@Customer Isolated is the need to run classified workloads in fully isolated environments. In this context, governments with strict regulations, ministries of defense, and intelligence services represent the key targeted customers.

What sets C3I apart is that its architecture is the entire control plane, the brain of OCI, is deployed inside the partner’s (or customer’s) premises. Again, there is no connection to Oracle’s public cloud regions, no shared management layer, and no external operator access. Once the system is installed, Oracle no longer has access. There is no remote telemetry, no persistent administrator credentials, and no automated updates. Every action, including patching, must be initiated and approved by the partner’s operators.

Despite its strict isolation, C3I delivers the same developer experience as the public cloud. Users can work with the same APIs, tools, and automation workflows. All core OCI services are available, from compute and storage to networking and IAM. This makes it possible to run modern applications, automate deployments, and enforce security policies. Just like in the public cloud, but with full control.

For Oracle partners, this opens new doors.

Hosting Multiple Tenants with IAM and Compartment Isolation

To serve multiple tenants on shared C3I infrastructure, Oracle relies on the strength of its Identity and Access Management (IAM) framework. Each tenant is hosted in a dedicated compartment, which acts as a logical and administrative boundary. Resources are isolated, policies are scoped, and access is strictly defined. IAM ensures that each tenant sees only what they are supposed to see and nothing more.

With compartments, policies, and groups, providers can implement fine-grained access control while still maintaining a clear operational model.

Oracle Compute Cloud@Customer Hosting Service Provider Model

On the networking side, Virtual Cloud Networks (VCNs) are provisioned per tenant. If connectivity is required between VCNs – let’s say, for shared services or for intercommunication – Dynamic Routing Gateways (DRGs) are used to establish secure and controlled interconnections. This approach allows for scalable, tenant-aware architectures without compromising performance or sovereignty.

C3I is Ready for AI – GPU Expansion Racks

C3I is not just built for traditional workloads. It is also designed to support next-generation applications, including those that require hardware acceleration. Currently, through dedicated GPU expansion racks, Oracle partners can add up to 48 NVIDIA L40S GPUs to a single C3I deployment. These GPUs are integrated into the system’s high-speed network and storage architecture, making them available to tenants just like any other OCI resource.

This capability allows Hosting Service Providers to offer GPU-as-a-Service directly to public-sector clients – ideal for AI, ML, and data analytics workloads that must remain within national borders. All resources are managed through the same local OCI control plane, keeping everything under the same compliance and operational framework.

The sensitive nature of government data demands absolute sovereignty. With Oracle C3I, sovereign AI becomes a reality.

Red Hat OpenShift Support

For Oracle Partners hosting public sector tenants on C3I, delivering enterprise-grade container platforms is critical. That’s why C3I fully supports Red Hat OpenShift, enabling end-customers to run their containerized workloads with confidence and flexibility.

OpenShift brings a comprehensive Kubernetes-based platform with advanced features like developer tools, integrated CI/CD pipelines, and robust security controls. By running OpenShift on C3I, customers benefit from a sovereign, isolated environment that meets strict regulatory demands, while leveraging the rich ecosystem and productivity of Red Hat’s market-leading container platform.

A Sovereign Platform That Grows With You

C3I starts with a strong baseline: 552 cores, 6.7 TB of RAM, and 150 TB of storage. But it doesn’t stop there. The platform can scale to 6’072 cores, 73.7 TB of memory, 3.65 Petabytes of high-capacity storage, and 1.2 Petabytes of high-performance storage.

Unlocking a New Business Model for Oracle Partners

For Oracle Partners, C3I creates a new type of service opportunity. Instead of simply reselling cloud subscriptions, they can operate a sovereign cloud environment, offering secure, isolated, and scalable hosting to public sector clients. It is a cloud environment you can trust, built for those who need to guarantee data residency and operational autonomy.

With C3I, Oracle provides the tools. Now it is time for partners to build the services.

Oracle Compute Cloud@Customer – The Sovereign Cloud Platform Europe Has Been Waiting For

Jul 2, 2025 | Kubernetes, OCI Dedicated Region, Oracle Alloy, Oracle Cloud Infrastructure, Oracle Compute Cloud@Customer, Sovereign Cloud

Europe has always taken data privacy, neutrality, and independence seriously. Whether you are operating in government, healthcare, banking, or energy, the message is clear: sensitive workloads need to stay within national borders. However, sovereignty shouldn’t come at the expense of innovation, agility, or cost efficiency. This is exactly where Oracle Compute Cloud@Customer (C3) steps in.

With C3, you are not forced to choose between the benefits of public cloud and the control of on-prem infrastructure. You get both. Oracle brings a consistent, fully managed OCI experience directly into your data center or trusted hosting environment.

This is cloud designed for data residency and regulatory alignment, without compromise. Customers retain full operational control thanks to Oracle’s secure Operator Control and disconnected operating model, giving you full autonomy over who can access what and when. If you don’t want Oracle to touch it, they won’t.

But this isn’t just about compliance, it’s about enabling innovation. With C3, organizations can develop once and run anywhere. You can build modern applications on OCI using containers, Kubernetes, or virtual machines (VMs), and then deploy them on-prem with C3, in a public OCI region, or any hybrid setup. This gives developers and architects freedom, without forcing the business into compliance headaches.

Even more compelling: C3 is priced the same as the public OCI regions. No “on-prem premium.” Unlike other hyperscalers that charge more for bringing cloud services into your data center, Oracle keeps the economics consistent. That means you can deploy at scale wherever you need it, without blowing your IT budget. And because OCI is up to 60% cheaper than competitors – especially for IaaS-heavy workloads and managed Kubernetes – C3 becomes not just a compliance play, but a strategic cost advantage.

For organizations already running Exadata Cloud@Customer (ExaCC), the transition to C3 is seamless. You extend the same OCI architecture from your Oracle Database infrastructure to your full application landscape – compute, storage, network, containers, and more – all under one public OCI control plane. One architecture, one operational model, full sovereignty.

And for those looking to modernize full application stacks from databases to middleware to frontend services, C3 provides the flexibility to run both Oracle and open-source technologies.

Note: Those requiring the full breadth of OCI services in a sovereign, connected environment, Oracle also offers OCI Dedicated Region.

Oracle Compute Cloud@Customer Isolated – The Next Level of Sovereignty

Oracle has taken the concept of sovereign cloud one step further. With Oracle Compute Cloud@Customer Isolated (C3I), organizations can now run cloud-native workloads in a fully air-gapped environment, without any operational dependency on Oracle. No outbound connections. No Oracle-managed control plane. No shared infrastructure. Just full autonomy and local control. C3I Oracle owned and customer/partner managed.

it’s a real, production-ready deployment model for mission-critical and highly regulated environments. Designed specifically for governments, defense, intelligence, and critical infrastructure operators like Telcos, Compute Cloud@Customer Isolated addresses scenarios where even a standard sovereign cloud isn’t enough.

The platform runs the same core OCI services (compute, storage, networking, Kubernetes) but is completely disconnected from Oracle’s global cloud infrastructure. Everything is deployed on-premises in your trusted facility, and operated entirely by your own team or a national partner under your control. Oracle is not in the loop. No telemetry is sent back. No patching happens unless you initiate it.

For Europe, this matters. Regulations are tightening. Risk tolerance is dropping. And cloud decisions now sit under the spotlight of data strategy, digital self-determination, and public trust. With C3I, organizations don’t need to compromise. You can modernize legacy infrastructure, run secure workloads, and meet the strictest data protection laws without handing over operational control to a foreign hyperscaler.

Oracle Compute Cloud@Customer Isolated

So if you’re building for maximum sovereignty, whether for a national security project, a classified analytics platform, or a regulated healthcare system, C3I gives you the control you need, without the complexity of building it all from scratch.

Note: those requiring the full breadth of OCI services in a sovereign, air-gapped environment, Oracle also offers an Isolated Region. It delivers the complete OCI stack, including advanced PaaS and data services, fully disconnected and deployed inside your own data center. It’s the natural next step when C3I isn’t enough.

Cloud-Native at Home – Modernizing Legacy Workloads on C3

Whether you are building microservices, deploying containers with Kubernetes, or refactoring legacy applications, C3 gives you the flexibility and tools to modernize at your own pace without sending data to the public cloud.

For many organizations, this is especially relevant when looking at existing on-premises environments. C3 opens a new path for modernizing applications without a full lift-and-shift. You can gradually move critical services from traditional virtual machines into containers, adopt infrastructure-as-code practices, and standardize on CI/CD pipelines. All within a compliant, in-country environment that mirrors public OCI.

Using OCI services like OKE (Oracle Kubernetes Engine) on C3, teams can deploy cloud-native apps alongside traditional workloads. It is entirely possible to run a legacy database VM next to containerized microservices, with consistent networking, storage, and security policies across both. This hybrid model is ideal for customers who want to modernize existing applications incrementally, without taking unnecessary risks.

For VMware and Nutanix customers, C3 provides a future-ready landing zone. You can continue to run VM-based workloads on OCI-compatible compute shapes and use that as the foundation to containerize where it makes sense. This avoids expensive rewrites or disruptive replatforming. Instead, C3 supports a phased modernization strategy.

Note: OKE on C3 is free. Standard OCI pricing for VM nodes applies.

Oracle Compute Cloud@Customer Supports Red Hat OpenShift

Oracle Compute Cloud@Customer (C3) keeps expanding its capabilities for customers, and a key recent addition is support for Red Hat OpenShift.

Artificial Intelligence on Compute Cloud@Customer

With Oracle’s announcement in February 2025, customers can add Nvidia GPUs to C3 deployments with the following key features:

Independent scaling of GPUs, compute, and storage: up to 48 L40S NVIDIA GPUs, 6,624 OCPUs with 80.4 TB of memory, and a mix of up to 3.65 PB of high-capacity storage and 1.2 PB of high-performance storage.
Powerful GPU VMs: up to four NVIDIA L40S GPUs, 108 Intel Xeon 8480+ CPU cores, 800-GB DDR5 memory, and 400 Gbps network bandwidth for the most demanding workloads.
Ultra-fast network connectivity: 800-Gbps data center connectivity that can directly connect an Exadata Cloud@Customer Machine to combine the power of GPUs with Oracle Database 23ai’s integrated AI Vector Search.

Description of multicloud-customer-and-oci.png follows

EU Sovereign Operations for Oracle Compute Cloud@Customer

In May 2025, Oracle announced the availability of Oracle EU Sovereign Operations for C3. This means, that C3 now also runs in the EU Sovereign Cloud, with the same pricing and the same service you know from commercial OCI regions.

Previously, operations and automation for Compute Cloud @ Customer were handled via global OCI control planes. With EU Sovereign Operations, that changes:

All automation and admin services now reside within Oracle’s EU Sovereign Cloud regions
Operations are managed by Oracle teams based in the EU, ensuring compliance
Hardware deployment and support is delivered by personnel authorized to work in the customer’s country

EU Sovereign Operations for Compute Cloud@Customer is offered with the control plane located in one of Oracle EU Sovereign Cloud regions, currently either Madrid, Spain or Frankfurt, Germany. This service is offered in European Union member countries and other select countries in Europe. The service delivers the same features, functions, value and service level objectives (SLOs) offered with Compute Cloud@Customer service with control planes from OCI Compute public regions.

Last Comments

In short, Oracle Compute Cloud@Customer is not just a cloud, it’s your sovereign cloud. It gives enterprises the tools they need to stay compliant, stay competitive, and stay in control. And that is what the next generation of digital sovereignty should look like.

Sovereignty Without Stagnation And The Real Cost of Operational Autonomy

Jul 1, 2025 | OCI Dedicated Region, Oracle Alloy, Oracle Cloud Infrastructure, Sovereign Cloud

Everyone talks about sovereignty. But few talk about the trade-offs.
Across Europe, especially in Germany and Switzerland, operational autonomy is often seen as the gold standard for digital sovereignty. The idea: full control, no external dependencies, no surprises.

In theory, it’s a strong posture.
In practice? It can easily slow you down.

For highly regulated industries, it’s tempting to build walls around your systems to reduce exposure. But when operational autonomy becomes the central design principle, innovation suffers. You are no longer building for performance or scalability. You are building to minimize risk. And over time, that architecture becomes hard to evolve.

This is the balance we need to strike: Sovereignty without stagnation.

Autonomy Comes at a Cost

Operational autonomy/sovereignty means exactly what it says. It is the ability to run your digital environment independently, without reliance on foreign entities, external support teams, or global platforms. In regulated markets, that’s attractive. It means you control access, processes, and ultimately, risk.

But here’s the thing: autonomy isolates.

To maintain autonomy, many institutions move to self-managed stacks, siloed environments, or custom platforms that minimize external control, but also block external innovation.

Security updates? Slower.
Platform upgrades? Riskier.
Integration with modern SaaS or AI services? Most probably not.

In Germany and Switzerland, I have seen several projects stall for months. Not because the technology wasn’t ready, but because the operational model couldn’t support agile change. Teams were so focused on controlling every layer that they lost the ability to adopt new capabilities at speed.

Autonomy must not come at the cost of adaptability!

What really matters is who controls your operations:

Who can push updates to your systems?
Who manages escalation paths during outages?
Whose legal jurisdiction governs your support team?

This is the level of detail that regulators (and boards) now care about.
And yes, achieving this depth of control is hard. That is why many organizations default to “isolation”: they lock down their stack and cut themselves (disconnect) off from global services.

But this model only works for a while. Eventually, innovation pressure builds. AI, automation, cloud-native services – none of that fits cleanly into a closed system. Without a platform to safely absorb innovation, operational autonomy becomes a bottleneck, not a strength.

The Open Source Conversation – Freedom With Limits

Open source has always played an important role in reducing lock-in and increasing transparency. It gives you flexibility, choice, and in many cases even real control.

But we also need to acknowledge its limits, especially in enterprise environments.

Take the example of a Swiss industrial company. They run over 400 applications – a mix of off-the-shelf software, legacy platforms, and newer cloud-native solutions. They have adopted Kubernetes, Grafana, Prometheus, and open-source databases where it made sense. But they also rely on integrated enterprise systems for finance, HR, procurement, and logistics.

Could they replace every component with open source?
Maybe. But at what cost?

Who supports the platform during an audit?
Who integrates change management and compliance controls?
Who signs off on operational resilience?

This is where the promise of open source meets the reality of enterprise IT: not everything can or should be rebuilt just to reduce dependency. Open source is an important ingredient. But sovereignty also means being able to make informed choices, not ideological ones.

What I am seeing is this: teams spend months assembling monitoring stacks, security tools, compliance scripts etc., only to realize they have created something fragile, difficult to maintain, and sometimes completely undocumented for auditors.

The irony? In chasing autonomy, some organizations built systems less resilient than the platforms they were trying to avoid.

This is where pre-built sovereign cloud platforms can help. Not by locking you in, but by giving you compliance-aligned services that still let you move fast. With built-in logging, encryption, incident management, and support under local legal control, the platform handles the regulatory foundation. So your team can focus on what matters.

Isolation vs. Informed Independence

So, to summarize it, there are two paths organizations typically choose:

1. The Isolation Model

Control everything, self-manage infrastructure, and avoid foreign providers. This delivers maximum autonomy but at the cost of agility. Teams fall behind on updates, and integration becomes painful. Yep, innovation slows. Eventually, autonomy becomes a form of isolation.

2. The Informed Independence Model

Use a sovereign cloud platform with built-in compliance, local operations, and enterprise-grade services. Maintain flexibility and adopt open standards. But don’t reinvent what is already secure and certified. This lets you meet regulatory requirements without stalling digital progress. An example would be the EU Sovereign Cloud from Oracle.

Control Matters – But So Does Momentum

Sovereignty is about control. But let’s not forget: innovation needs momentum.

You can’t afford to build static systems in a dynamic world.
Yes, autonomy protects you, but only if you can also evolve, scale, and adapt.

The real challenge in sovereign cloud isn’t just achieving control.
It is doing it without losing your ability to build and innovate.

And that’s the future we need to design for: Sovereignty, without stagnation.

Enabling Public Sector Unity – How Oracle Alloy Could Power a Government Cloud and Cross-Agency Collaboration

Jun 19, 2025 | OCI Dedicated Region, Oracle Alloy, Oracle Cloud Infrastructure

Building a “National Cloud” or a “Government Cloud” is a major strategic endeavour with implications for digital sovereignty, data protection, operational efficiency, and national resilience. Oracle Alloy is a powerful technology platform that can support such an initiative and that allows governments and large organizations to operate their own branded cloud, based on Oracle Cloud Infrastructure (OCI). It provides all the capabilities of OCI – compute, storage, networking, databases, security, AI/ML, analytics, and more – but it is deployed in your data centers with a local control plane.

In the heart of Europe, where neutrality, security, and privacy are mandatory infrastructure principles, your government is uniquely positioned to lead a global shift: from owning cloud infrastructure to renting it.

Disclaimer: This article reflects my opinions and views, not necessarily my employer’s.

From Lethargy to Leadership in Government IT

Let’s be honest. Too much of government IT has become stuck in survival mode.

Across Europe and around the world, some public institutions are weighed down by aging systems, fragmented infrastructure, and long procurement cycles. Innovation is slow, integration is painful, and by the time new technologies are implemented, they are already years behind what is available in the commercial sector.

This isn’t due to a lack of intelligence or intention. It is a product of the traditional government IT operating model: risk-averse, capital-intensive, and structurally disconnected from the pace of global cloud innovation. The result? Public sector agencies spend the bulk of their budgets maintaining legacy environments, not improving services.

Oracle Alloy could offer a clean break from that cycle and not by outsourcing sovereignty to a foreign hyperscaler, but by shifting how innovation enters government infrastructure in the first place.

And the goal isn’t just to modernize infrastructure. It’s to enable a new culture inside government IT. One where agencies experiment faster, share components more easily, and co-develop services that benefit citizens directly.

This is the moment for public sector IT to stop playing catch-up and start leading.

A Cloud You Rent. A Cloud You Don’t Own

The same actions lead to the same results. That is true in life and true in the IT world. Perhaps it is time for something new.

Oracle Alloy is not just another version of a private cloud stack, and it is not just an appliance or limited variant of someone else’s infrastructure. It is the entire Oracle Cloud Infrastructure stack. The same hyperperformant services that power global organizations from different verticals – made available as a complete, sovereign cloud platform, on your soil, under your law.

Since I am based in Switzerland, let’s take Switzerland as a hypothetical example.

From Federal Agencies to Cantons to Hospitals

In Switzerland, the public sector is fragmented across agencies, cantons, municipalities, education and healthcare institutions. Each with their own infrastructure, standards, security models, and legacy systems. The result is duplication of effort, siloed data, different partnerships, different technologies, different contracts, and limited cross-agency innovation.

A national cloud powered by Oracle Alloy could change that. Not by centralizing everything under one inflexible system, but by enabling a federated digital infrastructure with shared standards, shared services, and trusted interoperability.

The key is standardization without centralization. Oracle Alloy would allow each public body to have its own isolated tenant, its own billing, and its own compliance scope, while sharing the same underlying services, including:

Secure identity federation (SSO, MFA, IAM)
Confidential data exchange platforms (via object storage, APIs, or data mesh patterns)
Federated analytics and dashboards
Common DevOps pipelines and cloud-native tooling
Unified observability and logging
Shared AI and machine learning models trained on in-country data

This means that a doctor in a canton hospital could access lab results or insurance data from a federal agency: securely, instantly, and with full auditability. A municipality could reuse an open-source app developed by another canton. A crisis response unit could integrate data from multiple agencies in real time. All without the friction of incompatible systems!

The Swiss national cloud would not just be infrastructure. It would be an enabler of public-sector collaboration, built on trust, scalability, and shared sovereignty. The kind of cloud that reflects Swiss federalism: distributed, resilient, and built for cooperation.

Stop Stretching the Cloud

For years, public sector IT leaders have tried to “stretch” hyperscale cloud into local data centers by deploying limited hybrid extensions like cloud appliances, edge stacks, or modified regions that offer only a fraction of what public cloud delivers. That model is the wrong approach.

Government ITs follow a cloud-smart approach and want to host the right application in the right cloud based on specific reasons and data. Without Oracle Alloy, they would do something like this:

Continue to run an on-premises virtualization stack with VMware
Stretch AWS on-premises with AWS Outposts
Another department would use Azure Local to stretch some Azure services to their local data center
Use the public regions from AWS and Azure for some workloads

Alloy lets you stop stretching. It lets you collapse public cloud, private cloud, and hybrid cloud into one integrated platform with a single control plane, consistent developer experience, and full-service parity with OCI. All hosted in your data centers. Start operating the cloud!

Sovereign But Not Isolated

One of the myths about sovereign cloud solutions is that they must come at the cost of flexibility, that once a government or public sector organization chooses a national cloud, it locks itself into a single ecosystem. But the reality, especially with Oracle Alloy, is far more nuanced and far more strategic.

Oracle Alloy is a sovereign cloud platform that respects openness. It is designed to coexist, interoperate, and integrate with other cloud providers, open-source technologies, and enterprise platforms, making it the ideal foundation for a forward-looking multi-cloud strategy.

Freedom by Design – Open Source and Flexibility

One of the most pressing concerns when governments consider adopting a cloud platform is vendor lock-in. The fear of being bound to a single commercial stack with proprietary formats, proprietary APIs, and inflexible pricing. Is not theoretical, it is real, and it shapes procurement decisions at every level of the public sector.

With Oracle Alloy, the cloud is not only sovereign but also flexible by design, thanks to deep support for and contributions to open-source software, open standards, and open governance.

At the core of Oracle Cloud Infrastructure (OCI), and thus Alloy, are technologies that reflect a strong commitment to the open-source ecosystem:

Oracle Linux is the foundation for OCI compute, but fully compatible with Red Hat, CentOS, and upstream Linux
Kubernetes and container-native technologies are first-class citizens. Alloy supports managed Kubernetes (OKE), Helm, Docker, and service meshes out of the box.
Open database compatibility is key. While Oracle Database is world-class and widely used in governments and many other global enterprises, Alloy also supports PostgreSQL, MySQL, and other open-source databases through Oracle’s managed services or BYOL (bring your own license) models.
Terraform, the IaC standard, is natively supported across OCI and Alloy, letting teams automate deployments using vendor-neutral tooling.
Oracle contributes upstream to projects like Linux, MySQL, KVM, GraalVM, Kafka,Grafana, Helm, ArgoCD, and many more.

What would it mean for Switzerland in this case? This open foundation means Switzerland is never trapped.

Whether you are running containerized microservices for a municipal portal, deploying a PostgreSQL-backed health analytics app in a hospital, or training AI models using open ML frameworks, you are using tools that aren’t locked into Oracle, and can move with you.

A national cloud powered by Alloy could even host, extend, and contribute back to public-sector open-source projects. Imagine cantons co-developing shared services, releasing reusable modules for identity, payments, or civic engagement.

Sovereignty is not just about where your data lives. It is about having the freedom to choose, adapt, and innovate on your own terms.

A Commercial Cloud With a National Purpose

Oracle Alloy is an economic and governance model. As the Alloy operator, you could:

Customize the branding of the end customer console and alerts
Define pricing, rate cards, account types, and discount schedules with your end customers
Define the support structure and service levels for end customers and provide complete billing and lifecycle management
Do the onboarding and provide centralized support
Onboard third-party software vendors into a local cloud marketplace
Offer vertical zones for health, education, defense, justice – each with tailored compliance definitions
Govern access, identity, encryption, and telemetry end-to-end.

The platform would support multi-tenancy across agencies and sectors, enabling a true “cloud utility” model.

Oracle remains in the background, ensuring global-class infrastructure, high-availability SLAs, offering tier 2 and tier 3 support, access to innovation and the latest technologies, and deep engineering support. But you remain in the driver’s seat.

It gives nations a way to operate full-spectrum cloud services with hyperscale performance, but on local, sovereign terms. Not just for compliance, but for trust. Not just for data, but for the entire value chain of digital services.

The Future Is Federated

We need a model where sovereignty becomes a strategy and not a limitation.

Public sector cloud strategy isn’t about picking a winner. It is about building an architecture of trust, resilience, and choice. Oracle Alloy would enable a future where the national cloud can be the sovereign anchor, while still connecting to and coexisting with the global cloud economy.

Oracle Alloy is sovereign-first, but not cloud-exclusive. It is a platform for governments that want independence without isolation, and interoperability without compromise.

5 Strategic Paths from VMware to Oracle Cloud Infrastructure (OCI)

May 16, 2025 | OCI Dedicated Region, Oracle Alloy, Oracle Cloud Infrastructure, VMware Cloud, VMware Cloud Foundation

We all know that the future of existing VMware customers has become more complicated and less certain. Many enterprises are reevaluating their reliance on VMware as their core infrastructure stack. So, where to go next?

For enterprises already invested in Oracle technology, or simply those looking for a credible, flexible, and enterprise-grade alternative, Oracle Cloud Infrastructure (OCI) offers a comprehensive set of paths forward. Whether you want to modernize, rehost, or run hybrid workloads, OCI doesn’t force you to pick a single direction. Instead, it gives you a range of options: from going cloud-native, to running your existing VMware stack unchanged, to building your own sovereign cloud footprint.

Here are five realistic strategies for VMware customers considering OCI. Learn how to migrate from VMware to Oracle Cloud Infrastructure. It doesn’t need to be an either-or decision, it can also be an “and” approach.

1. Cloud-Native with OCI – Start Fresh, Leave VMware Behind

For organizations ready to move beyond traditional infrastructure altogether, the cloud-native route is the cleanest break you can make. This is where you don’t just move workloads; you rearchitect them. You replace VMs with containers where possible, and perhaps lift and shift some of the existing workloads. You replace legacy service dependencies with managed cloud services. And most importantly, you replace static, manually operated environments with API-driven infrastructure.

OCI supports this approach with a robust portfolio: you have got compute Instances that scale on demand, Oracle Kubernetes Engine (OKE) for container orchestration, OCI Functions for serverless workloads, and Autonomous Database for data platforms that patch and tune themselves. The tooling is modern, open, and mature – Terraform, Ansible, and native SDKs are all available and well-documented.

This isn’t a quick VMware replacement. It requires a DevOps mindset, application refactoring, and an investment in automation and CI/CD. It is not something you do in a weekend. But it’s the only path that truly lets you leave the baggage behind and design infrastructure the way it should work in 2025.

2. OCVS – Run VMware As-Is, Without the Hardware

If cloud-native is the clean break, then Oracle Cloud VMware Solution (OCVS) is the strategic pause. This is the lift-and-shift strategy for enterprises that need continuity now, but don’t want to double down on on-prem investment.

With OCVS, you’re not running a fully managed service (compared to AWS, Azure, GCP). You get the full vSphere, vSAN, NSX, and vCenter stack deployed on Oracle bare-metal infrastructure in your own OCI tenancy. You’re the admin. You manage the lifecycle. You patch and control access. But you don’t have to worry about hardware procurement, power and cooling, or supply chain delays. And you can integrate natively with OCI services: backup to OCI Object Storage, peer with Exadata, and extend IAM policies across the board.

Oracle Cloud VMware Solution

The migration is straightforward. You can replicate your existing environment (with HCX), run staging workloads side-by-side, and move VMs with minimal friction. You keep your operational model, your monitoring stack, and your tools. The difference is, you get out of your data center contract and stop burning time and money on hardware lifecycle management.

This isn’t about modernizing right now. It’s about escaping VMware hardware and licensing lock-in without losing operational control.

3. Hybrid with OCVS, Compute Cloud@Customer, and Exadata Cloud@Customer

Now we’re getting into enterprise-grade architecture. This is the model where OCI becomes a platform, not just a destination. If you’re in a regulated industry and you can’t run everything in the public cloud, but you still want the same elasticity, automation, and control, this hybrid model makes a lot of sense.

A diagram showing your tenancy in an OCI region, and how it connects to Compute Cloud@Customer in your data center.

Here’s how it works: you run OCVS in the OCI public region for DR, or workloads that have to stay on vSphere. But instead of moving everything to the cloud, you deploy Compute Cloud@Customer (C3) and Exadata Cloud@Customer (ExaCC) on-prem. That gives you a private cloud footprint with the same APIs and a subset of OCI IaaS/PaaS services but physically located in your own facility, behind your firewall, under your compliance regime.

You manage workloads on C3 using the exact same SDKs, CLI tools, and Terraform modules as the public cloud. You can replicate between on-prem and cloud, burst when needed, or migrate in stages. And with ExaCC running in the same data center, your Oracle databases benefit from the same SLA and performance guarantees, with none of the data residency headaches.

This model is ideal if you’re trying to modernize without breaking compliance. It keeps you in control, avoids migration pain, and still gives you access to the full OCI ecosystem when and where you need it.

4. OCI Dedicated Region – A Public Cloud That Lives On-Prem

When public cloud is not an option, OCI Dedicated Region becomes the answer.

This isn’t a rack. It is an entire cloud region. You get all OCI services like compute, storage, OCVS, OKE, Autonomous DB, identity, even SaaS, deployed inside your own facility. You retain data sovereignty and you control physical access. You also enforce local compliance rules and operate everything with the same OCI tooling and automation used in Oracle’s own hyperscale regions.

サーバラック3つで自分のOracle Cloudリージョンが持てる「Oracle Dedicated Region 25」発表－ Publickey

What makes Dedicated Region different from C3 is the scale and service parity. While C3 delivers core IaaS and some PaaS capabilities, Dedicated Region is literally the full stack. You can run OCVS in there, connect it to your enterprise apps, and have a fully isolated VMware environment that never leaves your perimeter.

For VMware customers, it means you don’t have to choose between control and modernization. You get both.

5. Oracle Alloy – Cloud Infrastructure for Telcos and VMware Service Providers

If you’re a VMware Cloud Director customer or a telco/provider building cloud services for others, then Oracle just handed you an entirely new business model. Oracle Alloy allows you to offer your own cloud under your brand, with your pricing, and your operational control based on the same OCI technology stack Oracle runs themselves.

This is not only reselling, it is operating your own OCI cloud.

Becoming an Oracle Alloy partner diagram, description below

As a VMware-based cloud provider, Alloy gives you a path to modernize your platform and expand your services without abandoning your customer base. You can run your own VMware environment (OCVS), offer cloud-native services (OKE, DBaaS, Identity, Monitoring), and transition your customers at your own pace. All of it on a single platform, under your governance.

What makes Alloy compelling is that it doesn’t force you to pick between VMware and OCI, it lets you host both side by side. You keep your high-value B2B workloads and add modern, cloud-native services that attract new tenants or internal business units.

For providers caught in the middle of the VMware licensing storm, Alloy might be the most strategic long-term play available right now.

Private Cloud Autarky – You Are Safe Until The World Moves On

Mar 3, 2025 | AWS, Azure, Google Cloud, Kubernetes, OCI Dedicated Region, Oracle Alloy, Oracle Cloud Infrastructure

I believe it was 2023 when the term “autarky” was mentioned during my conversations with several customers, who maintained their own data centers and private clouds. Interestingly, this word popped up again recently at work, but I only knew it from photovoltaic systems. And it kept my mind busy for several weeks.

What is autarky?

To understand autarky in the IT world and its implications for private clouds, an analogy from the photovoltaic (solar power) system world offers a clear parallel. Just as autarky in IT means a private cloud that is fully self-sufficient, autarky in photovoltaics refers to an “off-grid” solar setup that powers a home or facility without relying on the external electrical grid or outside suppliers.

Imagine a homeowner aiming for total energy independence – an autarkic photovoltaic system. Here is what it looks like:

Solar Panels: The homeowner installs panels to capture sunlight and generate electricity.
Battery: Excess power is stored in batteries (e.g., lithium-ion) for use at night or on cloudy days.
Inverter: A device converts solar DC power to usable AC power for appliances.
Self-Maintenance: The homeowner repairs panels, replaces batteries, and manages the system without calling a utility company or buying parts.

This setup cuts ties with the power grid – no monthly bills, no reliance on power plants. It is a self-contained energy ecosystem, much like an autarkic private cloud aims to be a self-contained digital ecosystem.

Question: Which partner (installation company) has enough spare parts and how many homeowners can repair the whole system by themselves?

Let’s align this with autarky in IT:

Solar Panels = Servers and Hardware: Just as panels generate power, servers (compute, storage, networking) generate the cloud’s processing capability. Theoretically, an autarkic private cloud requires the organization to build its own servers, similar to crafting custom solar panels instead of buying from any vendor.
Battery = Spares and Redundancy: Batteries store energy for later; spare hardware (e.g., extra servers, drives, networking equipment) keeps the cloud running when parts fail.
Inverter = Software Stack: The inverter transforms raw power into usable energy, like how a software stack (OS, hypervisor) turns hardware into a functional cloud.
Self-Maintenance = Internal Operations: Fixing a solar system solo parallels maintaining a cloud without vendor support – both need in-house expertise to troubleshoot and repair everything.

Let me repeat it: both need in-house expertise to troubleshoot and repair everything. Everything.

The goal is self-sufficiency and independence. So, what are companies doing?

An autarkic private cloud might stockpile Dell servers or Nvidia GPUs upfront, but that first purchase ties you to external vendors. True autarky would mean mining silicon and forging chips yourself – impractical, just like growing your own silicon crystals for panels.

The problem

In practice, autarky for private clouds sounds like an extreme goal. It promises maximum control. Ideal for scenarios like military secrecy, regulatory isolation, or distrust of global supply chains but clashes with the realities of modern IT:

Once the last spare dies, you are done. No new tech without breaking autarky.
Autarky trades resilience for stagnation. Your cloud stays alive but grows irrelevant.
Autarky’s price tag limits it to tiny, niche clouds – not hyperscale rivals.
Future workloads are a guessing game. Stockpile too few servers, and you can’t expand. Too many, and you have wasted millions. A 2027 AI boom or quantum shift could make your equipment useless.

But where is this idea of self-sufficiency or sovereign operations coming from? Nowadays? Geopolitical resilience.

Sanctions or trade wars will not starve your cloud. A private (hyperscale) cloud that answers to no one, free from external risks or influence. That is the whole idea.

What is the probability of such sanctions? Who knows… but this is a number that has to be defined for each case depending on the location/country, internal and external customers, and requirements.

If it happens, is it foreseeable, and what does it force you to do? Does it trigger a cloud-exit scenario?

I just know that if there are sanctions, any hyperscaler in your country has the same problems. No matter if it is a public or dedicated region. That is the blast radius. It is not only about you and your infrastructure anymore.

What about private disconnected hyperscale clouds?

When hosting workloads in the public clouds, organizations care more about data residency, regulations, the US Cloud Act, and less about autarky.

Hyperscale clouds like Microsoft Azure and Oracle Cloud Infrastructure (OCI) are built to deliver massive scale, flexibility, and performance but they rely on complex ecosystems that make full autarky impossible. Oracle offers solutions like OCI Dedicated Region and Oracle Alloy to address sovereignty needs, giving customers more control over their data and operations. However, even these solutions fall short of true autarky and absolute sovereign operations due to practical, technical, and economic realities.

A short explanation from Microsoft gives us a hint why that is the case:

Additionally, some operational sovereignty requirements, like Autarky (for example, being able to run independently of external networks and systems) are infeasible in hyperscale cloud-computing platforms like Azure, which rely on regular platform updates to keep systems in an optimal state.

So, what are customers asking for when they are interested in hosting their own dedicated cloud region in their data centers? Disconnected hyperscale clouds.

But hosting an OCI Dedicated Region in your data center does not change the underlying architecture of Oracle Cloud Infrastructure (OCI). Nor does it change the upgrade or patching process, or the whole operating model.

Hyperscale clouds do not exist in a vacuum. They lean on a web of external and internal dependencies to work:

Hardware Suppliers. For example, most public clouds use Nvidia’s GPUs for AI workloads. Without these vendors, hyperscalers could not keep up with the demand.
Global Internet Infrastructure. Hyperscalers need massive bandwidth to connect users worldwide. They rely on telecom giants and undersea cables for internet backbone, plus partnerships with content delivery networks (CDNs) like Akamai to speed things up.
Software Ecosystems. Open-source tools like Linux and Kubernetes are part of the backbone of hyperscale operations.
Operations. Think about telemetry data and external health monitoring.

Innovation depends on ecosystems

The tech world moves fast. Open-source software and industry standards let hyperscalers innovate without reinventing the wheel. OCI’s adoption of Linux or Azure’s use of Kubernetes shows they thrive by tapping into shared knowledge, not isolating themselves. Going it alone would skyrocket costs. Designing custom chips, giving away or sharing operational control or skipping partnerships would drain billions – money better spent on new features, services or lower prices.

Hyperscale clouds are global by nature, this includes Oracle Dedicated Region and Alloy. In return you get:

Innovation
Scalability
Cybersecurity
Agility
Reliability
Integration and Partnerships

Again, by nature and design, hyperscale clouds – even those hosted in your data center as private Clouds (OCI Dedicated Region and Alloy) – are still tied to a hyperscaler’s software repositories, third-party hardware, operations personnel, and global infrastructure.

Sovereignty is real, autarky is a dream

Autarky sounds appealing: a hyperscale cloud that answers to no one, free from external risks or influence. Imagine OCI Dedicated Region or Oracle Alloy as self-contained kingdoms, untouchable by global chaos.

Autarky sacrifices expertise for control, and the result would be a weaker, slower and probably less secure cloud. Self-sufficiency is not cheap. Hyperscalers spend billions of dollars yearly on infrastructure, leaning on economies of scale and vendor deals. Tech moves at lightning speed. New GPUs drop yearly, software patches roll out daily (think about 1’000 updates/patches a month). Autarky means falling behind. It would turn your hyperscale cloud into a relic.

Please note, there are other solutions like air-gapped isolated cloud regions, but those are for a specific industry and set of customers.