Development Organisation Structure
This page provides visual representations of the software development organisation for CloudStack capabilities across the four cooperative jurisdictions (UK, EU, Canada, Australia).
Key Principle: Each jurisdiction retains sovereignty over its infrastructure and deployment decisions. The cooperative structure enables shared development effort and knowledge transfer without centralised control.
Cooperative Governance Structure
graph TB
subgraph Steering["ποΈ STEERING COMMITTEE
(Strategic Direction)"] SC["Steering Committee
4 Senior Reps (1 per jurisdiction)
Monthly meetings"] end subgraph Technical["βοΈ TECHNICAL GOVERNANCE"] TB["Technical Board
All WG Leads + Architects
Bi-weekly"] SEC["Security Council
4 Security Leads
Weekly"] end subgraph Working["π₯ WORKING GROUPS (8 Domains)"] WG1["WG1: Platform
Engineering"] WG2["WG2: Compute &
Containers"] WG3["WG3: Storage &
Data"] WG4["WG4: Networking"] WG5["WG5: Security &
Identity"] WG6["WG6: Messaging &
Integration"] WG7["WG7: Observability"] WG8["WG8: Analytics"] end subgraph Jurisdictions["π JURISDICTION TEAMS"] UK["π¬π§ UK Team
~15 suppliers
~75 people"] EU["πͺπΊ EU Team
~96 suppliers
~480 people"] CA["π¨π¦ Canada Team
~9 suppliers
~45 people"] AU["π¦πΊ Australia Team
~6 suppliers
~30 people"] end SC --> TB SC --> SEC TB --> WG1 & WG2 & WG3 & WG4 TB --> WG5 & WG6 & WG7 & WG8 SEC --> WG5 WG1 --> UK & EU & CA & AU WG2 --> UK & EU & CA & AU WG3 --> UK & EU & CA & AU WG4 --> UK & EU & CA & AU WG5 --> UK & EU & CA & AU WG6 --> UK & EU & CA & AU WG7 --> UK & EU & CA & AU WG8 --> UK & EU & CA & AU style SC fill:#1d70b8,color:#fff style TB fill:#00703c,color:#fff style SEC fill:#d4351c,color:#fff style WG1 fill:#f3f2f1 style WG2 fill:#f3f2f1 style WG3 fill:#f3f2f1 style WG4 fill:#f3f2f1 style WG5 fill:#f3f2f1 style WG6 fill:#f3f2f1 style WG7 fill:#f3f2f1 style WG8 fill:#f3f2f1 style UK fill:#012169,color:#fff style EU fill:#003399,color:#fff style CA fill:#ff0000,color:#fff style AU fill:#00008B,color:#fff
(Strategic Direction)"] SC["Steering Committee
4 Senior Reps (1 per jurisdiction)
Monthly meetings"] end subgraph Technical["βοΈ TECHNICAL GOVERNANCE"] TB["Technical Board
All WG Leads + Architects
Bi-weekly"] SEC["Security Council
4 Security Leads
Weekly"] end subgraph Working["π₯ WORKING GROUPS (8 Domains)"] WG1["WG1: Platform
Engineering"] WG2["WG2: Compute &
Containers"] WG3["WG3: Storage &
Data"] WG4["WG4: Networking"] WG5["WG5: Security &
Identity"] WG6["WG6: Messaging &
Integration"] WG7["WG7: Observability"] WG8["WG8: Analytics"] end subgraph Jurisdictions["π JURISDICTION TEAMS"] UK["π¬π§ UK Team
~15 suppliers
~75 people"] EU["πͺπΊ EU Team
~96 suppliers
~480 people"] CA["π¨π¦ Canada Team
~9 suppliers
~45 people"] AU["π¦πΊ Australia Team
~6 suppliers
~30 people"] end SC --> TB SC --> SEC TB --> WG1 & WG2 & WG3 & WG4 TB --> WG5 & WG6 & WG7 & WG8 SEC --> WG5 WG1 --> UK & EU & CA & AU WG2 --> UK & EU & CA & AU WG3 --> UK & EU & CA & AU WG4 --> UK & EU & CA & AU WG5 --> UK & EU & CA & AU WG6 --> UK & EU & CA & AU WG7 --> UK & EU & CA & AU WG8 --> UK & EU & CA & AU style SC fill:#1d70b8,color:#fff style TB fill:#00703c,color:#fff style SEC fill:#d4351c,color:#fff style WG1 fill:#f3f2f1 style WG2 fill:#f3f2f1 style WG3 fill:#f3f2f1 style WG4 fill:#f3f2f1 style WG5 fill:#f3f2f1 style WG6 fill:#f3f2f1 style WG7 fill:#f3f2f1 style WG8 fill:#f3f2f1 style UK fill:#012169,color:#fff style EU fill:#003399,color:#fff style CA fill:#ff0000,color:#fff style AU fill:#00008B,color:#fff
Steering Committee
Technical Board
Security Council
Working Groups
Governance Bodies
| Body | Composition | Decision Authority | Cadence |
|---|---|---|---|
| Steering Committee | 1 senior rep per jurisdiction (CTO/Director level) | Budget, strategic priorities, production go-live approval | Monthly |
| Technical Board | All Working Group leads + Chief Architects | Architecture decisions, standards, interoperability | Bi-weekly |
| Security Council | Security lead from each jurisdiction | Security standards, incident response, pen test approval | Weekly |
| Working Groups | Domain experts from across jurisdictions | Technical specifications, code review, testing standards | Weekly |
Working Groups & Capability Ownership
graph LR
subgraph WG1["WG1: Platform Engineering"]
direction TB
WG1L["Lead: EU (Germany)"]
CAP_CS["CloudStack Core"]
CAP_TF["OpenTofu Providers"]
CAP_K8S["Kubernetes Service"]
end
subgraph WG2["WG2: Compute & Containers"]
direction TB
WG2L["Lead: EU (France)"]
CAP_VM["VM Compute"]
CAP_FAAS["FaaS (OpenFaaS)"]
CAP_CONT["Container Runtime"]
end
subgraph WG3["WG3: Storage & Data"]
direction TB
WG3L["Lead: UK"]
CAP_S3["Object Storage"]
CAP_BLOCK["Block Storage"]
CAP_FILE["File Storage"]
end
subgraph WG4["WG4: Networking"]
direction TB
WG4L["Lead: EU (Netherlands)"]
CAP_VPC["VPC/SDN"]
CAP_LB["Load Balancers"]
CAP_DNS["DNS Service"]
end
subgraph WG5["WG5: Security & Identity"]
direction TB
WG5L["Lead: UK"]
CAP_IAM["IAM (Keycloak)"]
CAP_KMS["KMS (OpenBao)"]
CAP_WAF["WAF/DDoS"]
end
subgraph WG6["WG6: Messaging"]
direction TB
WG6L["Lead: Canada"]
CAP_QUEUE["Message Queues"]
CAP_STREAM["Event Streaming"]
CAP_PUBSUB["Pub/Sub"]
end
subgraph WG7["WG7: Observability"]
direction TB
WG7L["Lead: Australia"]
CAP_MON["Monitoring"]
CAP_LOG["Logging"]
CAP_TRACE["Tracing"]
end
subgraph WG8["WG8: Databases"]
direction TB
WG8L["Lead: EU (Germany)"]
CAP_RDB["PostgreSQL"]
CAP_NOSQL["NoSQL"]
CAP_CACHE["Caching"]
end
style WG1 fill:#e3f2fd
style WG2 fill:#e8f5e9
style WG3 fill:#fff3e0
style WG4 fill:#fce4ec
style WG5 fill:#f3e5f5
style WG6 fill:#e0f2f1
style WG7 fill:#fff8e1
style WG8 fill:#e8eaf6
Working Group Responsibilities
| Working Group | Lead Jurisdiction | Capabilities Owned | Key Technologies |
|---|---|---|---|
| WG1: Platform Engineering | πͺπΊ EU (Germany) | CloudStack core, OpenTofu, K8s service | CloudStack, OpenTofu, CAPC |
| WG2: Compute & Containers | πͺπΊ EU (France) | VM compute, FaaS, container orchestration | KVM, OpenFaaS, Knative |
| WG3: Storage & Data | π¬π§ UK | Object, block, file storage | MinIO, Ceph, GlusterFS |
| WG4: Networking | πͺπΊ EU (Netherlands) | VPC, load balancing, DNS, CDN | OVS, HAProxy, PowerDNS |
| WG5: Security & Identity | π¬π§ UK | IAM, KMS, secrets, WAF | Keycloak, OpenBao, ModSecurity |
| WG6: Messaging & Integration | π¨π¦ Canada | Queues, streaming, pub/sub | RabbitMQ, Kafka, NATS |
| WG7: Observability | π¦πΊ Australia | Monitoring, logging, tracing | Prometheus, Loki, Jaeger |
| WG8: Databases | πͺπΊ EU (Germany) | Relational, NoSQL, caching | PostgreSQL, ScyllaDB, Valkey |
Capability Domain Map
graph TB
subgraph Platform["PLATFORM LAYER"]
CS[("βοΈ CloudStack
IaaS Foundation")] end subgraph Compute["COMPUTE DOMAIN"] VM["π₯οΈ VM Compute
(EC2 equiv)"] K8S["βΈοΈ Kubernetes
(EKS equiv)"] FAAS["β‘ FaaS
(Lambda equiv)"] end subgraph Storage["STORAGE DOMAIN"] OBJ["π¦ Object Storage
(S3 equiv)"] BLK["πΎ Block Storage
(EBS equiv)"] FILE["π File Storage
(EFS equiv)"] end subgraph Database["DATABASE DOMAIN"] PG["π PostgreSQL
(RDS equiv)"] NOSQL["π NoSQL
(DynamoDB equiv)"] CACHE["β‘ Cache
(ElastiCache equiv)"] end subgraph Network["NETWORK DOMAIN"] VPC["π VPC/SDN"] LB["βοΈ Load Balancer
(ALB/NLB equiv)"] DNS["π DNS
(Route53 equiv)"] CDN["π CDN
(CloudFront equiv)"] end subgraph Security["SECURITY DOMAIN"] IAM["π€ IAM
(Keycloak)"] KMS["π KMS
(OpenBao)"] WAF["π‘οΈ WAF/DDoS"] end subgraph Messaging["MESSAGING DOMAIN"] QUEUE["π¬ Queues
(SQS equiv)"] STREAM["π‘ Streaming
(Kinesis equiv)"] EVENTS["π¨ Events
(EventBridge equiv)"] end subgraph Observability["OBSERVABILITY DOMAIN"] MON["π Metrics
(CloudWatch equiv)"] LOG["π Logging
(CloudWatch Logs)"] TRACE["π Tracing
(X-Ray equiv)"] end CS --> VM & K8S & FAAS CS --> OBJ & BLK & FILE CS --> VPC VPC --> LB & DNS & CDN K8S --> PG & NOSQL & CACHE K8S --> IAM & KMS K8S --> QUEUE & STREAM & EVENTS K8S --> MON & LOG & TRACE IAM --> VM & K8S & OBJ KMS --> OBJ & BLK & PG style CS fill:#1d70b8,color:#fff style VM fill:#e3f2fd style K8S fill:#e3f2fd style FAAS fill:#e3f2fd style OBJ fill:#fff3e0 style BLK fill:#fff3e0 style FILE fill:#fff3e0 style PG fill:#e8f5e9 style NOSQL fill:#e8f5e9 style CACHE fill:#e8f5e9 style VPC fill:#fce4ec style LB fill:#fce4ec style DNS fill:#fce4ec style CDN fill:#fce4ec style IAM fill:#f3e5f5 style KMS fill:#f3e5f5 style WAF fill:#f3e5f5 style QUEUE fill:#e0f2f1 style STREAM fill:#e0f2f1 style EVENTS fill:#e0f2f1 style MON fill:#fff8e1 style LOG fill:#fff8e1 style TRACE fill:#fff8e1
IaaS Foundation")] end subgraph Compute["COMPUTE DOMAIN"] VM["π₯οΈ VM Compute
(EC2 equiv)"] K8S["βΈοΈ Kubernetes
(EKS equiv)"] FAAS["β‘ FaaS
(Lambda equiv)"] end subgraph Storage["STORAGE DOMAIN"] OBJ["π¦ Object Storage
(S3 equiv)"] BLK["πΎ Block Storage
(EBS equiv)"] FILE["π File Storage
(EFS equiv)"] end subgraph Database["DATABASE DOMAIN"] PG["π PostgreSQL
(RDS equiv)"] NOSQL["π NoSQL
(DynamoDB equiv)"] CACHE["β‘ Cache
(ElastiCache equiv)"] end subgraph Network["NETWORK DOMAIN"] VPC["π VPC/SDN"] LB["βοΈ Load Balancer
(ALB/NLB equiv)"] DNS["π DNS
(Route53 equiv)"] CDN["π CDN
(CloudFront equiv)"] end subgraph Security["SECURITY DOMAIN"] IAM["π€ IAM
(Keycloak)"] KMS["π KMS
(OpenBao)"] WAF["π‘οΈ WAF/DDoS"] end subgraph Messaging["MESSAGING DOMAIN"] QUEUE["π¬ Queues
(SQS equiv)"] STREAM["π‘ Streaming
(Kinesis equiv)"] EVENTS["π¨ Events
(EventBridge equiv)"] end subgraph Observability["OBSERVABILITY DOMAIN"] MON["π Metrics
(CloudWatch equiv)"] LOG["π Logging
(CloudWatch Logs)"] TRACE["π Tracing
(X-Ray equiv)"] end CS --> VM & K8S & FAAS CS --> OBJ & BLK & FILE CS --> VPC VPC --> LB & DNS & CDN K8S --> PG & NOSQL & CACHE K8S --> IAM & KMS K8S --> QUEUE & STREAM & EVENTS K8S --> MON & LOG & TRACE IAM --> VM & K8S & OBJ KMS --> OBJ & BLK & PG style CS fill:#1d70b8,color:#fff style VM fill:#e3f2fd style K8S fill:#e3f2fd style FAAS fill:#e3f2fd style OBJ fill:#fff3e0 style BLK fill:#fff3e0 style FILE fill:#fff3e0 style PG fill:#e8f5e9 style NOSQL fill:#e8f5e9 style CACHE fill:#e8f5e9 style VPC fill:#fce4ec style LB fill:#fce4ec style DNS fill:#fce4ec style CDN fill:#fce4ec style IAM fill:#f3e5f5 style KMS fill:#f3e5f5 style WAF fill:#f3e5f5 style QUEUE fill:#e0f2f1 style STREAM fill:#e0f2f1 style EVENTS fill:#e0f2f1 style MON fill:#fff8e1 style LOG fill:#fff8e1 style TRACE fill:#fff8e1
Capability Dependency Matrix
Capabilities must be developed in order of dependencies. The following shows the build sequence:
gantt
title Capability Development Sequence
dateFormat YYYY-MM
section Foundation
CloudStack Core :done, cs, 2025-01, 3M
VPC/Networking :done, vpc, 2025-01, 3M
IAM (Keycloak) :active, iam, 2025-02, 4M
KMS (OpenBao) :active, kms, 2025-02, 3M
section Storage
Block Storage :blk, after vpc, 2M
Object Storage (MinIO) :obj, after kms, 3M
File Storage :file, after blk, 2M
section Compute
VM Compute :vm, after vpc, 2M
Kubernetes Service :k8s, after vm, 4M
FaaS (OpenFaaS) :faas, after k8s, 3M
section Database
PostgreSQL Operator :pg, after k8s, 3M
NoSQL (ScyllaDB) :nosql, after k8s, 3M
Cache (Valkey) :cache, after k8s, 2M
section Networking
Load Balancer :lb, after vpc, 2M
DNS Service :dns, after vpc, 2M
API Gateway :apigw, after lb, 3M
section Messaging
Message Queue :mq, after k8s, 2M
Event Streaming :kafka, after k8s, 3M
section Observability
Monitoring (Prometheus) :mon, after k8s, 2M
Logging (Loki) :log, after obj, 2M
Tracing (Jaeger) :trace, after k8s, 2M
CI/CD Pipeline & Deployment Flow
flowchart TB
subgraph Developer["π¨βπ» DEVELOPER"]
DEV[Local Development]
COMMIT[Git Commit]
end
subgraph GitLab["π¦ SHARED GITLAB (EU-hosted)"]
MR[Merge Request]
REVIEW["Code Review
(2 approvers from
different jurisdictions)"] MERGE[Merge to Main] TAG[Release Tag] end subgraph Pipeline["π CI/CD PIPELINE"] subgraph Build["BUILD STAGE"] TF_BUILD[OpenTofu Validate] HELM_BUILD[Helm Lint/Package] CONTAINER[Container Build] end subgraph Test["TEST STAGE"] UNIT[Unit Tests] INTEGRATION[Integration Tests] PERF[Performance Tests] end subgraph Security["SECURITY STAGE"] SAST[SAST Scan] SCA[Dependency Scan] SECRETS[Secrets Scan] TFSEC[OpenTofu Scan] end end subgraph Staging["π§ͺ STAGING (All 4 Jurisdictions)"] UK_STG["π¬π§ UK Staging"] EU_STG["πͺπΊ EU Staging"] CA_STG["π¨π¦ CA Staging"] AU_STG["π¦πΊ AU Staging"] end subgraph Approval["β APPROVAL GATE"] WG_APPROVE["Working Group
Technical Sign-off"] SEC_APPROVE["Security Council
Security Sign-off"] JURIS_APPROVE["Jurisdiction Leads
(All 4 must approve)"] SC_APPROVE["Steering Committee
Production Go-Live"] end subgraph Production["π PRODUCTION (Independent)"] UK_PROD["π¬π§ UK Production"] EU_PROD["πͺπΊ EU Production"] CA_PROD["π¨π¦ CA Production"] AU_PROD["π¦πΊ AU Production"] end DEV --> COMMIT --> MR MR --> REVIEW --> MERGE MERGE --> Build --> Test --> Security Security -->|Pass| UK_STG & EU_STG & CA_STG & AU_STG Security -->|Fail| MR UK_STG & EU_STG & CA_STG & AU_STG --> WG_APPROVE WG_APPROVE --> SEC_APPROVE --> JURIS_APPROVE --> SC_APPROVE MERGE --> TAG TAG --> SC_APPROVE SC_APPROVE --> UK_PROD & EU_PROD & CA_PROD & AU_PROD style DEV fill:#e3f2fd style MR fill:#fff3e0 style REVIEW fill:#fff3e0 style Security fill:#ffebee style SAST fill:#ffcdd2 style SCA fill:#ffcdd2 style SECRETS fill:#ffcdd2 style TFSEC fill:#ffcdd2 style SC_APPROVE fill:#00703c,color:#fff style UK_PROD fill:#012169,color:#fff style EU_PROD fill:#003399,color:#fff style CA_PROD fill:#ff0000,color:#fff style AU_PROD fill:#00008B,color:#fff
(2 approvers from
different jurisdictions)"] MERGE[Merge to Main] TAG[Release Tag] end subgraph Pipeline["π CI/CD PIPELINE"] subgraph Build["BUILD STAGE"] TF_BUILD[OpenTofu Validate] HELM_BUILD[Helm Lint/Package] CONTAINER[Container Build] end subgraph Test["TEST STAGE"] UNIT[Unit Tests] INTEGRATION[Integration Tests] PERF[Performance Tests] end subgraph Security["SECURITY STAGE"] SAST[SAST Scan] SCA[Dependency Scan] SECRETS[Secrets Scan] TFSEC[OpenTofu Scan] end end subgraph Staging["π§ͺ STAGING (All 4 Jurisdictions)"] UK_STG["π¬π§ UK Staging"] EU_STG["πͺπΊ EU Staging"] CA_STG["π¨π¦ CA Staging"] AU_STG["π¦πΊ AU Staging"] end subgraph Approval["β APPROVAL GATE"] WG_APPROVE["Working Group
Technical Sign-off"] SEC_APPROVE["Security Council
Security Sign-off"] JURIS_APPROVE["Jurisdiction Leads
(All 4 must approve)"] SC_APPROVE["Steering Committee
Production Go-Live"] end subgraph Production["π PRODUCTION (Independent)"] UK_PROD["π¬π§ UK Production"] EU_PROD["πͺπΊ EU Production"] CA_PROD["π¨π¦ CA Production"] AU_PROD["π¦πΊ AU Production"] end DEV --> COMMIT --> MR MR --> REVIEW --> MERGE MERGE --> Build --> Test --> Security Security -->|Pass| UK_STG & EU_STG & CA_STG & AU_STG Security -->|Fail| MR UK_STG & EU_STG & CA_STG & AU_STG --> WG_APPROVE WG_APPROVE --> SEC_APPROVE --> JURIS_APPROVE --> SC_APPROVE MERGE --> TAG TAG --> SC_APPROVE SC_APPROVE --> UK_PROD & EU_PROD & CA_PROD & AU_PROD style DEV fill:#e3f2fd style MR fill:#fff3e0 style REVIEW fill:#fff3e0 style Security fill:#ffebee style SAST fill:#ffcdd2 style SCA fill:#ffcdd2 style SECRETS fill:#ffcdd2 style TFSEC fill:#ffcdd2 style SC_APPROVE fill:#00703c,color:#fff style UK_PROD fill:#012169,color:#fff style EU_PROD fill:#003399,color:#fff style CA_PROD fill:#ff0000,color:#fff style AU_PROD fill:#00008B,color:#fff
Security Gates (Pipeline Blockers)
flowchart LR
subgraph Gates["π‘οΈ MANDATORY SECURITY GATES"]
G1["SAST
(Semgrep)
Block: HIGH/CRITICAL"] G2["Dependency Scan
(Trivy)
Block: CRITICAL CVE"] G3["Secrets Scan
(Gitleaks)
Block: Any Secret"] G4["OpenTofu Scan
(tfsec)
Block: HIGH/CRITICAL"] G5["Container Scan
(Trivy)
Block: CRITICAL CVE"] G6["DAST
(OWASP ZAP)
Block: HIGH Risk"] end CODE[Code] --> G1 --> G2 --> G3 --> G4 --> G5 --> STAGING STAGING[Staging] --> G6 --> PROD[Production] G1 -->|FAIL| BLOCK1[β Pipeline Blocked] G2 -->|FAIL| BLOCK2[β Pipeline Blocked] G3 -->|FAIL| BLOCK3[β Pipeline Blocked + Alert] G4 -->|FAIL| BLOCK4[β Pipeline Blocked] G5 -->|FAIL| BLOCK5[β Pipeline Blocked] G6 -->|FAIL| BLOCK6[β Production Blocked] style G1 fill:#ffcdd2 style G2 fill:#ffcdd2 style G3 fill:#ffcdd2 style G4 fill:#ffcdd2 style G5 fill:#ffcdd2 style G6 fill:#ffcdd2 style BLOCK1 fill:#d4351c,color:#fff style BLOCK2 fill:#d4351c,color:#fff style BLOCK3 fill:#d4351c,color:#fff style BLOCK4 fill:#d4351c,color:#fff style BLOCK5 fill:#d4351c,color:#fff style BLOCK6 fill:#d4351c,color:#fff style PROD fill:#00703c,color:#fff
(Semgrep)
Block: HIGH/CRITICAL"] G2["Dependency Scan
(Trivy)
Block: CRITICAL CVE"] G3["Secrets Scan
(Gitleaks)
Block: Any Secret"] G4["OpenTofu Scan
(tfsec)
Block: HIGH/CRITICAL"] G5["Container Scan
(Trivy)
Block: CRITICAL CVE"] G6["DAST
(OWASP ZAP)
Block: HIGH Risk"] end CODE[Code] --> G1 --> G2 --> G3 --> G4 --> G5 --> STAGING STAGING[Staging] --> G6 --> PROD[Production] G1 -->|FAIL| BLOCK1[β Pipeline Blocked] G2 -->|FAIL| BLOCK2[β Pipeline Blocked] G3 -->|FAIL| BLOCK3[β Pipeline Blocked + Alert] G4 -->|FAIL| BLOCK4[β Pipeline Blocked] G5 -->|FAIL| BLOCK5[β Pipeline Blocked] G6 -->|FAIL| BLOCK6[β Production Blocked] style G1 fill:#ffcdd2 style G2 fill:#ffcdd2 style G3 fill:#ffcdd2 style G4 fill:#ffcdd2 style G5 fill:#ffcdd2 style G6 fill:#ffcdd2 style BLOCK1 fill:#d4351c,color:#fff style BLOCK2 fill:#d4351c,color:#fff style BLOCK3 fill:#d4351c,color:#fff style BLOCK4 fill:#d4351c,color:#fff style BLOCK5 fill:#d4351c,color:#fff style BLOCK6 fill:#d4351c,color:#fff style PROD fill:#00703c,color:#fff
Organisation by Jurisdiction
graph TB
subgraph UK["π¬π§ UNITED KINGDOM"]
UK_GOV["UK Government
Digital Service"] UK_LEAD["UK Technical Lead"] UK_SEC["UK Security Lead
(NCSC aligned)"] UK_SUP["~15 UK Suppliers
(~75 people)"] UK_GOV --> UK_LEAD UK_LEAD --> UK_SEC UK_LEAD --> UK_SUP UK_CAP["UK-Led Capabilities:
β’ Object Storage (MinIO)
β’ IAM (Keycloak)
β’ KMS (OpenBao)
β’ Security Hardening"] end subgraph EU["πͺπΊ EUROPEAN UNION"] EU_GOV["EU Digital
Commission"] EU_LEAD["EU Technical Lead
(DE/FR rotation)"] EU_SEC["EU Security Lead
(ENISA aligned)"] EU_SUP["~96 EU Suppliers
(~480 people)"] EU_GOV --> EU_LEAD EU_LEAD --> EU_SEC EU_LEAD --> EU_SUP EU_CAP["EU-Led Capabilities:
β’ CloudStack Core
β’ Kubernetes Service
β’ PostgreSQL Operator
β’ VPC/Networking
β’ FaaS Platform"] end subgraph CA["π¨π¦ CANADA"] CA_GOV["Treasury Board
Secretariat"] CA_LEAD["CA Technical Lead"] CA_SEC["CA Security Lead
(CSE aligned)"] CA_SUP["~9 CA Suppliers
(~45 people)"] CA_GOV --> CA_LEAD CA_LEAD --> CA_SEC CA_LEAD --> CA_SUP CA_CAP["CA-Led Capabilities:
β’ Message Queues
β’ Event Streaming
β’ Bilingual Support
β’ Edge Computing"] end subgraph AU["π¦πΊ AUSTRALIA"] AU_GOV["Digital
Transformation Agency"] AU_LEAD["AU Technical Lead"] AU_SEC["AU Security Lead
(ASD aligned)"] AU_SUP["~6 AU Suppliers
(~30 people)"] AU_GOV --> AU_LEAD AU_LEAD --> AU_SEC AU_LEAD --> AU_SUP AU_CAP["AU-Led Capabilities:
β’ Monitoring Stack
β’ Logging Platform
β’ DR Patterns
β’ PSPF Compliance"] end UK_LEAD <-.->|"Bi-weekly sync"| EU_LEAD EU_LEAD <-.->|"Bi-weekly sync"| CA_LEAD CA_LEAD <-.->|"Bi-weekly sync"| AU_LEAD AU_LEAD <-.->|"Bi-weekly sync"| UK_LEAD style UK fill:#f0f4ff style EU fill:#f0f4ff style CA fill:#fff0f0 style AU fill:#f0f4ff style UK_GOV fill:#012169,color:#fff style EU_GOV fill:#003399,color:#fff style CA_GOV fill:#ff0000,color:#fff style AU_GOV fill:#00008B,color:#fff
Digital Service"] UK_LEAD["UK Technical Lead"] UK_SEC["UK Security Lead
(NCSC aligned)"] UK_SUP["~15 UK Suppliers
(~75 people)"] UK_GOV --> UK_LEAD UK_LEAD --> UK_SEC UK_LEAD --> UK_SUP UK_CAP["UK-Led Capabilities:
β’ Object Storage (MinIO)
β’ IAM (Keycloak)
β’ KMS (OpenBao)
β’ Security Hardening"] end subgraph EU["πͺπΊ EUROPEAN UNION"] EU_GOV["EU Digital
Commission"] EU_LEAD["EU Technical Lead
(DE/FR rotation)"] EU_SEC["EU Security Lead
(ENISA aligned)"] EU_SUP["~96 EU Suppliers
(~480 people)"] EU_GOV --> EU_LEAD EU_LEAD --> EU_SEC EU_LEAD --> EU_SUP EU_CAP["EU-Led Capabilities:
β’ CloudStack Core
β’ Kubernetes Service
β’ PostgreSQL Operator
β’ VPC/Networking
β’ FaaS Platform"] end subgraph CA["π¨π¦ CANADA"] CA_GOV["Treasury Board
Secretariat"] CA_LEAD["CA Technical Lead"] CA_SEC["CA Security Lead
(CSE aligned)"] CA_SUP["~9 CA Suppliers
(~45 people)"] CA_GOV --> CA_LEAD CA_LEAD --> CA_SEC CA_LEAD --> CA_SUP CA_CAP["CA-Led Capabilities:
β’ Message Queues
β’ Event Streaming
β’ Bilingual Support
β’ Edge Computing"] end subgraph AU["π¦πΊ AUSTRALIA"] AU_GOV["Digital
Transformation Agency"] AU_LEAD["AU Technical Lead"] AU_SEC["AU Security Lead
(ASD aligned)"] AU_SUP["~6 AU Suppliers
(~30 people)"] AU_GOV --> AU_LEAD AU_LEAD --> AU_SEC AU_LEAD --> AU_SUP AU_CAP["AU-Led Capabilities:
β’ Monitoring Stack
β’ Logging Platform
β’ DR Patterns
β’ PSPF Compliance"] end UK_LEAD <-.->|"Bi-weekly sync"| EU_LEAD EU_LEAD <-.->|"Bi-weekly sync"| CA_LEAD CA_LEAD <-.->|"Bi-weekly sync"| AU_LEAD AU_LEAD <-.->|"Bi-weekly sync"| UK_LEAD style UK fill:#f0f4ff style EU fill:#f0f4ff style CA fill:#fff0f0 style AU fill:#f0f4ff style UK_GOV fill:#012169,color:#fff style EU_GOV fill:#003399,color:#fff style CA_GOV fill:#ff0000,color:#fff style AU_GOV fill:#00008B,color:#fff
Supplier Distribution
pie showData
title Supplier Distribution by Jurisdiction
"EU (96 suppliers)" : 96
"UK (15 suppliers)" : 15
"Canada (9 suppliers)" : 9
"Australia (6 suppliers)" : 6
Capability Allocation by Jurisdiction
pie showData
title Capability Ownership Distribution
"EU-Led (18 capabilities)" : 18
"UK-Led (9 capabilities)" : 9
"Canada-Led (5 capabilities)" : 5
"Australia-Led (4 capabilities)" : 4
| Jurisdiction | Suppliers | People | Capabilities Led | Focus Areas |
|---|---|---|---|---|
| πͺπΊ European Union | ~96 | ~480 | 18 (~50%) | CloudStack core, Kubernetes, databases, networking, GDPR tooling |
| π¬π§ United Kingdom | ~15 | ~75 | 9 (~25%) | Security (IAM, KMS, OpenBao), GDS patterns, storage services |
| π¨π¦ Canada | ~9 | ~45 | 5 (~14%) | Messaging, streaming, bilingual support, Arctic edge |
| π¦πΊ Australia | ~6 | ~30 | 4 (~11%) | Observability, DR patterns, PSPF compliance, APAC optimization |
Communication Channels
flowchart LR
subgraph Async["π ASYNCHRONOUS"]
GITLAB["GitLab
(Code, Issues, MRs)"] DOCS["MkDocs Portal
(Documentation)"] MATRIX["Matrix/Element
(Chat, Alerts)"] end subgraph Sync["π SYNCHRONOUS"] JITSI["Jitsi Meet
(Video Calls)"] SUMMIT["Annual Summit
(In-person, rotating)"] end subgraph Cadence["π MEETING CADENCE"] DAILY["Daily Standups
(Within teams)"] WEEKLY["Weekly WG Calls
(Working Groups)"] BIWEEKLY["Bi-weekly Board
(Technical Board)"] MONTHLY["Monthly Steering
(Steering Committee)"] ANNUAL["Annual Summit
(All hands)"] end GITLAB --> MATRIX DOCS --> MATRIX MATRIX --> JITSI JITSI --> SUMMIT style GITLAB fill:#fc6d26,color:#fff style MATRIX fill:#0dbd8b,color:#fff style JITSI fill:#1location70b8,color:#fff
(Code, Issues, MRs)"] DOCS["MkDocs Portal
(Documentation)"] MATRIX["Matrix/Element
(Chat, Alerts)"] end subgraph Sync["π SYNCHRONOUS"] JITSI["Jitsi Meet
(Video Calls)"] SUMMIT["Annual Summit
(In-person, rotating)"] end subgraph Cadence["π MEETING CADENCE"] DAILY["Daily Standups
(Within teams)"] WEEKLY["Weekly WG Calls
(Working Groups)"] BIWEEKLY["Bi-weekly Board
(Technical Board)"] MONTHLY["Monthly Steering
(Steering Committee)"] ANNUAL["Annual Summit
(All hands)"] end GITLAB --> MATRIX DOCS --> MATRIX MATRIX --> JITSI JITSI --> SUMMIT style GITLAB fill:#fc6d26,color:#fff style MATRIX fill:#0dbd8b,color:#fff style JITSI fill:#1location70b8,color:#fff
All communication infrastructure is self-hosted on sovereign infrastructure. No US-controlled services (Slack, Zoom, GitHub) are used for cooperative coordination.
Related Documentation
- Procurement & Delivery Framework - Full tender and delivery process
- CloudStack Use Cases - Technical implementation details
- Governance Model - Detailed governance structure