Early access: Swiss sovereign Kubernetes, in development

Managed Kubernetes, actually managed

VSHN runs the full Kubernetes lifecycle for you: version upgrades, the immutable Talos OS, networking, ingress, and storage, on Swiss sovereign cloud. A standardized platform with predictable scope, for teams who want production clusters without operating them, and without enterprise overhead.

Register your interest

A managed control plane is not managed Kubernetes

Most "managed Kubernetes" offerings hand you a control plane and leave the rest to you: node lifecycle, version upgrades, ingress, storage, observability, and figuring out why an upgrade broke your add-ons. Managed Kubernetes takes ownership of the whole platform lifecycle instead, on one standardized, opinionated stack. You get Kubernetes as a first-class interface, not a platform abstracted away.

Operated, not just provisioned

We take responsibility for running Kubernetes, not just spinning it up. VSHN owns cluster provisioning, version upgrades, OS updates, and the core platform components on a defined maintenance schedule. Your engineers stop coordinating upgrades and chasing add-on compatibility, and get back to shipping applications on a platform that stays current.

One opinionated platform

A consistent, standardized stack instead of bespoke per-cluster setups: Talos as the immutable OS, Cilium for networking, the Gateway API for ingress, and Rook / Ceph for storage. Standardization is what makes the service predictable to run and predictable to price, and what lets us operate it reliably at scale.

Fewer platform decisions

You do not need to evaluate CNIs, ingress controllers, storage backends, or upgrade strategies. Those decisions are already made, validated, and operated by VSHN. That reduced cognitive load is the point: a smaller, well-bounded platform your team can reason about instead of a sprawling DIY stack nobody fully owns.

Predictable, productized scope

Managed Kubernetes is a product with a defined scope, not an open-ended consulting engagement. You know what the platform includes, what VSHN operates, and what stays yours. That predictability extends to a productized commercial model rather than effort-based or per-project billing that is hard to forecast.

Swiss sovereign by default

The platform runs on Swiss sovereign infrastructure, starting with cloudscale.ch, a Swiss provider operating data centers exclusively in Switzerland. Your data and control plane stay in Switzerland, under Swiss law, with no hyperscaler dependency. Sovereignty without the cost and overhead of an enterprise platform.

A clear responsibility line

You always know exactly what we operate and what stays with you. VSHN owns the platform lifecycle; you own your workloads and their behaviour. This bounded model is deliberate: it keeps the service simple, lower cost, and honest about where platform responsibility ends and application responsibility begins.

A dedicated cluster, not a shared slice

You get a dedicated Kubernetes cluster, not a tenant slice of a shared platform. That matters for advanced teams: you can install your own custom operators, cluster-wide CRDs, admission webhooks, and node-level configuration that multi-tenant platforms have to restrict. You get full control of the cluster, with VSHN still running the platform underneath.

Who runs what

The responsibility line is drawn on purpose, and we make it explicit. VSHN operates the platform lifecycle. You operate your applications. Nothing in between is left ambiguous.

VSHN operates

  • Control plane and worker node availability within the managed scope
  • Kubernetes version upgrades on a defined maintenance schedule
  • Talos immutable OS updates and base configuration
  • Core platform components: Cilium networking, Gateway API ingress, Rook / Ceph storage, OIDC access
  • Baseline security patching of the platform
  • Platform-level monitoring and incident reaction

You operate

  • Your workloads, deployments, and application configuration
  • Application compatibility across Kubernetes and OS updates
  • Scaling, failover, and resilience of your applications
  • Application-level security, secrets, and compliance
  • Add-ons and integrations beyond the standard platform

The service runs on standardized configurations during business hours, with reactive support rather than around-the-clock operations. That bounded scope is what keeps it simpler and lower cost than enterprise platforms. If you need continuous coverage or regulated-grade guarantees, Managed OpenShift is the better fit.

The platform we operate for you

Immutable, API-driven OS base on Talos Linux: no SSH, no configuration drift

Cluster lifecycle management via Cluster API

Autoscaling of worker nodes

Full, unrestricted Kubernetes API access: standard kubectl and cluster-admin, no proprietary abstraction layer

Networking with Cilium (open source)

Ingress via the Kubernetes Gateway API, with cloud load balancing

Persistent storage via Rook / Ceph

Identity and access: OIDC single sign-on with Kubernetes RBAC

Cloud-native integration: CSI storage drivers and the cloud controller manager (CCM)

Basic observability: platform logs and metrics

API-first, built entirely on open-source components with no enterprise licensing

Managed Kubernetes FAQ

What is Managed Kubernetes from VSHN?

Managed Kubernetes is a standardized, lifecycle-managed Kubernetes platform operated by VSHN on Swiss sovereign cloud. VSHN provisions the cluster, runs version upgrades, updates the immutable Talos operating system, and operates the core platform components, so your team can run production workloads without operating the cluster themselves.

How is this different from a managed control plane like Exoscale SKS or STACKIT?

Managed control planes operate the API server and etcd, then leave node lifecycle, upgrades, ingress, storage, and observability to you. Managed Kubernetes extends responsibility into the full platform lifecycle: VSHN owns the upgrades and the opinionated platform stack, so a managed control plane becomes an actually managed Kubernetes platform.

How is this different from Managed OpenShift?

Managed OpenShift is the enterprise option: continuous operations, higher service levels, and the broader tooling that regulated industries need. Managed Kubernetes is deliberately simpler and lower cost, with a bounded scope and business-hours support. It targets non-regulated teams for whom an enterprise platform is more than they need.

Which operating system and components run on the platform?

The platform is built on Talos Linux, an immutable, API-managed Kubernetes OS with no SSH and no configuration drift. Networking uses Cilium, ingress uses the Kubernetes Gateway API, persistent storage uses Rook and Ceph, and access uses OIDC. Cluster lifecycle is driven by Cluster API, all from open-source components.

Where does it run, and is my data sovereign?

The first iteration runs on cloudscale.ch, a Swiss cloud provider operating data centers exclusively in Switzerland. Your workloads and the cluster control plane stay in Switzerland, under Swiss law, with no hyperscaler dependency. Additional Swiss sovereign providers may follow based on demand from early-access participants.

What service level and support can I expect?

Managed Kubernetes is a baseline-tier service operated during business hours, with reactive support and platform-level monitoring rather than continuous around-the-clock operations. This bounded service model is intentional and keeps the platform affordable. Teams that need continuous coverage should look at VSHN's enterprise platforms instead.

Who is responsible for my applications?

VSHN operates the platform lifecycle: control plane and node availability, Kubernetes and OS upgrades, and the core components. You remain responsible for your workloads, their compatibility across upgrades, scaling and resilience, and application-level security. The responsibility line is explicit so nothing falls through the cracks.

Is the platform built on open source?

Yes. Every layer of the platform uses open-source components: Talos Linux, Cluster API, Cilium, the Gateway API, and Rook with Ceph. There is no enterprise licensing in the stack, which avoids vendor lock-in on the orchestration layer and keeps the cost structure of the service lower than license-heavy enterprise platforms.

How do I get started, and when is it available?

Managed Kubernetes is in active development. Register your interest to join the early-access group, tell us about your clusters and workloads, and help shape the platform, the supported providers, and the service scope. We will follow up to discuss whether the platform fits your needs and your timeline.

Register your interest in Managed Kubernetes

Managed Kubernetes is in active development. Tell us about your clusters and workloads to join the early-access group and help shape the platform. We will follow up to discuss fit and timing. There is no commitment.