Uncategorized

Keeping Sovereignty on Track: How France’s National Railway Runs on Open Source

At KubeCon CloudNativeCon Europe, SNCF demonstrated how combining Kubernetes and OpenStack enables large-scale, sovereign cloud infrastructure, balancing public cloud flexibility with on-prem control to support critical national operations.

April 13, 2026
SetWidth100 AllisonPrice
image

When Thomas Comtet took the keynote stage at KubeCon + CloudNativeCon Europe 2026 in Amsterdam, he opened with a set of numbers that put the room in perspective. SNCF, France’s national railway operator, employs 284,000 people worldwide, carries five million passengers every single day, operates 15,000 trains daily, and runs more than 2,000 applications in production. It is among the world’s largest mass transit operators, and its Île-de-France commuter network alone ranks as the second-busiest in the world after Tokyo’s.

For an organization of that scale, security, reliability, safety, and cybersecurity are existential concerns. So when the conversation turns to digital sovereignty, SNCF has a very particular take on the subject.

“At SNCF, we use a slightly different terminology,” Comtet told the audience. “We prefer to call it strategic autonomy, something more into action and less royalist.”

That framing shaped the entire keynote, delivered jointly by Comtet, Head of Container and Cloud Native Platforms at SNCF, and Yann Rotilio, Senior Staff Engineer and Kubernetes Specialist. Their message was clear: sovereignty for SNCF has never been about retreating behind the walls of a private data center. It is about assembling valuable, reliable, interchangeable, and non-toxic solutions into platforms where applications can be wisely hosted, whether in public clouds, private clouds, or at the edge.

From Cloud Migration to Cloud Maturity

SNCF’s cloud transformation story began in 2018 with the launch of a large-scale migration program. Eight years later, the results speak for themselves. Today, 70% of SNCF’s 2,000-plus applications run across public clouds, modernized through containers, serverless architectures, and managed services. The remaining 30% stay in SNCF’s own data centers, placed there through a systematic application classification process that determines which workloads are permitted to move to the public cloud and which must remain on-premises.

The technology mix tells its own story: roughly 45% of applications rely on fully managed cloud services, 30% are cloud-native workloads, and 25% run on virtual machines or bare metal. Comtet noted that even after eight years of running Kubernetes clusters, demand from internal teams continues to grow. “We’re now working with the late majority of our internal adopters,” he said, “and the demand is still skyrocketing.”

Kubernetes as the Control Plane

Kubernetes quickly became a central pillar of SNCF’s transformation. The company now operates more than 200 Kubernetes clusters across Azure and AWS, with Kubernetes powering roughly 30% of its application portfolio. But what SNCF learned along the way was more than just operational.

“Kubernetes is not just a container orchestrator,” the keynote abstract explains. “It is the control plane for modern application platforms.” SNCF discovered that Kubernetes performs best when it runs on infrastructure that is predictable, programmable, and fully under your control. Networking, storage, compute, and load balancing all need to be designed to serve Kubernetes rather than constrain it.

That insight became the guiding principle for SNCF’s private cloud strategy.

Why OpenStack

To bring public-cloud-grade capabilities to its on-premises workloads, SNCF needed an infrastructure layer that could deliver full automation and programmability beneath Kubernetes. In 2023, the team selected OpenStack.

The decision was deliberate. OpenStack provides the foundation that enables SNCF to deliver a cloud-native platform with public cloud parity while maintaining its sovereignty and governance requirements. It also serves a second, equally important purpose: providing straightforward VM-based infrastructure for workloads that do not need the complexity of a container orchestration platform. As the keynote abstract put it, “simple solutions for simple needs.”

The final slide of the presentation told that story visually, listing the full roster of OpenStack projects SNCF uses in production: Keystone, Nova, Glance, Neutron, Horizon, Cinder, Heat, Telemetry, Swift, Ironic, Trove, Kolla, Magnum, Sahara, Barbican, TripleO, and Zaqar. It is a comprehensive deployment by any measure.

From Draisine to TGV

One of the keynote’s most memorable moments came from Rotilio, who used a railway metaphor to describe how SNCF’s on-premises Kubernetes capabilities have evolved. When the team first created on-prem clusters six years ago, infrastructure options were limited. The result was operational and resilient, but it fell far short of being a practical alternative to managed public cloud services.

“We didn’t want a ‘Draisine,’” Rotilio said, referencing the hand-powered rail cart. “We needed a TGV.”  Train à Grande Vitesse is a high-speed train capable of reaching up to 320 km/h (200 mph).

The problem, he explained, was automation. So the team decided to rebuild everything from scratch, “purposefully assembling layer upon layer of modern open source foundations” to expand the platform’s capabilities. The keynote slides illustrated this transformation through a spider chart spanning five dimensions: app automation, control-plane management, node lifecycle, load balancing, and storage. The early platform barely registered on any axis. The rebuilt version, powered by what Rotilio described as “cloud native integration,” filled the chart almost completely.

That bedrock of open source projects includes not just OpenStack but also a wide array of Cloud Native Computing Foundation (CNCF) tools: Helm, KEDA, OPA, ORAS, and many others, all selected because they meet SNCF’s criteria of being valuable, reliable, interchangeable, and non-toxic.

Recognition on the KubeCon Stage

SNCF’s work did not go unnoticed by the broader community. At the same KubeCon event, the CNCF recognized SNCF with its 2026 Top End User Award for the company’s large-scale cloud migration and innovative private cloud strategy. The award citation highlighted how SNCF uses Kubernetes as a unified abstraction layer across public and private environments and specifically called out OpenStack’s role in providing public-cloud parity, full automation, and operational control.

It is the kind of validation that underscores a point the OpenInfra community has been making for years: OpenStack and Kubernetes are not competing technologies. They are complementary layers in a modern infrastructure stack, and organizations operating at scale are proving that every day. A combination we often refer to as the OpenInfra Blueprint, an open source infrastructure combination that has become a standard in the global market. 

What Comes Next

The overall result of SNCF’s journey, as the speakers described it, is a high-performance, open source platform where Kubernetes serves as the consistent abstraction layer across every environment, public and private alike. Applications can be modernized at scale while the organization retains full control of its infrastructure’s future.

For an operator responsible for the safety and mobility of millions of people every day, that combination of agility and control is what strategic autonomy actually looks like in practice. And for the open source community, SNCF’s story is a powerful reminder that the projects we build together run some of the most critical infrastructure on the planet.

Allison Price
Latest posts by Allison Price (see all)