仅欧洲替代方案 Fly.io.
Fly.io ("Fly") is a US-headquartered edge compute platform that runs Firecracker microVMs in 30+ regions including Amsterdam, Frankfurt, Paris, Madrid and Stockholm. Fly Inc. is a Delaware corporation, the EU regions are EU-located but US-controlled, and the CLOUD Act applies. Fly's technical approach (microVMs at the edge, near-instant cold start, simple `fly deploy`) is genuinely innovative; replacing it with a sovereign EU stack means trading that specific multi-region edge model for either a region-fixed deployment or a self-managed equivalent on EU infrastructure.
"欧盟区域"不等于主权。四个问题决定一切。
数据驻留告诉你数据在哪里。主权告诉你哪个法律体系可以强制访问。四个答案都必须成立——否则该技术栈就不主权。
数据物理存储在哪里?
不是"在云中"——而是哪个数据中心、在哪个国家、受哪个司法管辖区管辖。
您的数据路径中还有谁?
每一个接触数据的供应商:CDN、邮件中继、错误追踪、分析管道。
哪些法律可以强制披露?
美国总部的供应商受 FISA 702 和 CLOUD Act 管辖——即使数据存放在法兰克福。
谁实际持有加密密钥?
如果云供应商同时持有数据和密钥,无论 DPA 如何,他们都能读取数据。
在司法管辖权和密钥托管上失败。
欧盟数据、美国母公司、默认路径中的美国次级处理者、供应商管理的密钥。
四项全部通过。
托管在欧盟、由欧盟总部基础设施提供。默认路径中零美国次级处理者。客户持有或欧盟 KMS 密钥。在您的第 28 条 DPA 中按名称列出。
为什么团队正在退出 Fly.io
Fly.io exits we have scoped come from regulated workloads (healthcare SaaS, fintech) where the multi-region edge pattern was nice-to-have but the US-jurisdictional processor was a blocker. The honest answer for these workloads: most don't actually need 30 regions, they need 2-3 EU regions with low latency. That requirement is met by Hetzner Falkenstein + Hetzner Helsinki, or OVH Roubaix + Frankfurt, with a CDN like Bunny.net for static assets — which collectively serves EU users with sub-50ms latency and full EU jurisdiction.
Fly.io 服务及其仅欧盟等效方案
迁移不是"换一个盒子"。下面的映射是我们为离开以下平台的客户运行的 Fly.io 基于 Schrems II — 完全欧盟司法管辖权,数据路径中没有美国母公司。
| Fly.io 服务 | 仅欧盟替代方案 | 工程说明 |
|---|---|---|
| Fly Machines (microVMs) | Hetzner Cloud, OVH Public Cloud, Scaleway, self-hosted Firecracker on EU bare metal | For most workloads, regular VMs with multi-region deployment via DNS GeoIP cover the use case. For true microVM-per-request, self-hosted Firecracker on EU compute is the sovereign answer. |
| Fly Apps (PaaS layer) | Coolify on Hetzner with multi-server clustering, Scaleway Serverless Containers, Dokku | Coolify's multi-server feature handles multi-region deployment patterns. |
| Fly Postgres (clustered) | OVH Managed PostgreSQL with replicas, Aiven multi-region EU, self-managed Patroni cluster | Patroni on EU compute is the open-source pattern that powers Fly's own Postgres offering. |
| Fly Redis (Upstash) | OVH Managed Redis, Aiven Redis, Dragonfly self-hosted | Note: Upstash itself is US-headquartered, so Fly Redis is US-on-US. |
| Fly Volumes | Hetzner Volumes, OVH Block Storage, Scaleway Block Storage | Standard NVMe-backed volumes; size-equivalent. |
| Fly Proxy (Anycast) | Bunny.net + EU origin, Cloudflare → Bunny migration first, self-managed Anycast on EU IXP peering | Bunny.net offers Anycast routing across EU; for true global Anycast on EU jurisdiction, self-managed via BGP at an IXP is the path. |
| Fly Postgres failover (multi-region) | Patroni multi-region on EU compute, OVH Multi-AZ Postgres | For EU-only multi-region (e.g. NL + DE active-active with regional failover), Patroni handles it. |
| Fly Secrets | Hashicorp Vault on EU infra, Coolify environment variables, Doppler self-hosted | Vault is the production-grade answer for any non-trivial secrets workload. |
| flyctl / fly deploy DX | Coolify CLI, GitLab CI deploy steps, custom Docker push to Scaleway | The DX gap is real but closeable. Coolify's `coolify deploy` is the closest equivalent. |
| Fly LiteFS (replicated SQLite) | Self-hosted LiteFS on EU compute, rqlite, dqlite | LiteFS is open-source; self-host on Hetzner with multi-region replication. |
我们如何迁移离开 Fly.io
典型的中端市场迁移分三个阶段进行。以下数字假设一个 6-10 人的工程团队和中等复杂的应用程序技术栈。
Region strategy decision
Audit which Fly regions you actually use and which ones serve real traffic. For most EU-customer-facing apps, 2-3 EU regions cover it; for global apps, decide on the multi-region pattern (DNS GeoIP, Anycast, regional failover).
Database + storage migration
Fly Postgres replicated to EU managed PostgreSQL or Patroni cluster. Volumes mirrored. Secrets moved to Vault.
App cutover
Apps redeployed on Coolify or Scaleway. DNS migrated to GeoIP routing if multi-region needed. Fly account decommissioned after verification window.
5-year TCO on Fly exits varies more than other US-cloud exits because Fly's pricing model is unusual (per-second microVM billing). For steady-state workloads, Hetzner is dramatically cheaper. For very spiky workloads with long idle periods, Fly's scale-to-zero is hard to match cost-effectively in the EU sovereign space without serverless options like Scaleway Serverless Containers.
常见问题
Fly's "no surveillance" marketing — does it actually mean sovereignty?
Fly.io has been transparent about not being on the US hyperscaler critical-infrastructure surveillance lists. That's an operational claim, not a jurisdictional one. As a US Delaware corporation, Fly is subject to the CLOUD Act regardless of how they market themselves. The legal exposure is the same as any other US-jurisdictional provider.
How do we replace the "microVM cold start" feature?
For most workloads, microVM cold start is a nice-to-have rather than a hard requirement. If you genuinely need it, self-hosted Firecracker on EU compute (the same technology Fly uses) is the path. We deploy this for clients with specific microVM needs.
What about LiteFS for SQLite at the edge?
LiteFS is open-source. Self-host on EU compute with multi-region replication. The migration is mostly mechanical because LiteFS uses standard SQLite under the hood.
How long does a Fly.io exit take?
For a typical workload (a few apps, a Postgres cluster, some volumes): 2–4 weeks elapsed. For multi-region setups with Anycast and LiteFS: 4–8 weeks. The biggest schedule risk is replicating the multi-region pattern, not the technical work itself.
Are there any genuinely Fly-like EU options?
Not yet a 1:1 match in the EU sovereign space. The closest combination is Coolify multi-server + DNS GeoIP for routing + EU managed Postgres. It's not as polished as Fly's integrated experience, but it's sovereign and operationally simpler at the cost of some DX.
What about Fly's GPU offering?
Fly's GPU instances (A10, L40S) compete in inference workloads. Scaleway H100 instances are the EU sovereign alternative for current-generation GPU compute. For older generations, Hetzner has competitive pricing.