ClusterMAX Named vCluster as a Security Requirement

AI Cloud providers are being evaluated against 142 criteria. Whether or not they know it.

SemiAnalysis is the leading AI infrastructure research firm. Their ClusterMAX framework is a 142-point rating system built specifically to help enterprise AI buyers evaluate GPU cloud providers. It covers 10 dimensions: security, lifecycle, orchestration, storage, networking, reliability, monitoring, pricing, partnerships, and availability. Each criterion represents a concrete expectation, not a preference, but a measurable requirement. Providers are scored against all of them.

Enterprise buyers are using ClusterMAX to shortlist vendors, set procurement requirements, and hold providers to documented standards. For AI Cloud operators, your ClusterMAX score is entering sales conversations whether you are tracking it or not.

We mapped how vCluster Platform helps providers address each of the 142 criteria: directly, via integration, or on the roadmap. We published the full breakdown at vcluster.com/clustermax. But before we get to the numbers, the criterion that matters most is not one we put there ourselves.

vCluster is named in the security criteria

In the Security category, ClusterMAX includes this requirement:

"vCluster or similar isolation beyond container-based only"

This is not an example. It is not a suggestion. It is a stated security criterion that AI Cloud providers are evaluated against. SemiAnalysis identified tenant cluster isolation as a requirement for serving enterprise customers and named vCluster as the reference implementation.

Container namespaces are not enough. Providers running shared GPU workloads across tenants with container-only isolation fail this criterion. The ClusterMAX Security category flags the absence of tenant cluster isolation as a critical failure, meaning providers cannot serve the primary market their business is designed for.

How vCluster maps to ClusterMAX

We audited all 142 ClusterMAX criteria against vCluster Platform's capabilities. The result: 87 criteria addressed, either directly, via integration, or on the roadmap.

Across the 10 categories:

Security: Dedicated control plane and worker nodes per tenant, kernel-level isolation via vNode, automated network isolation at provisioning.

Lifecycle: Production-ready tenant GPU clusters via vCluster Templates. GPU Operator, MOFED, and driver stack deployed and maintained fleet-wide.

Orchestration: Self-service Kubernetes with kubeconfig delivered at provisioning, SSO and RBAC isolated per tenant, GPU device assignment automatic.

Storage: PVC, hostPath, and S3 work natively. Automated backups with configurable retention. VolumeSnapshot support built in.

Networking: IB and RoCEv2 fabric automation via Netris. SHARP collective operations supported.

Reliability: GPU health via DCGM, XID, ECC, thermal, PCIe, and NVLink all monitored per tenant. IB fabric health via Netris-UFM integration.

Monitoring: Multi-tenant observability stack based on Grafana and Prometheus. Validated dashboards for GPU and control plane metrics.

Pricing: Per-tenant usage metering via vBilling and DCGM. Chargeback and showback require an external billing integration.

Partnerships: Full CNCF ecosystem compatibility. GPU Operator, DCGM, and IB/RoCEv2 stack enable NCP technical requirements for operators.

Availability: Hardware-agnostic provisioning via vMetal. H100, H200, B200, and NVL72 all register without platform changes.

If you want a step-by-step walkthrough of how to use vCluster to address these criteria and work toward a ClusterMAX Gold rating, the full guide is here: Achieving ClusterMAX Gold with vCluster.

What this means if you run an AI cloud

Your ClusterMAX score reflects your infrastructure choices. Providers who built on vCluster to deliver tenant cluster isolation arrive at an evaluation with the hardest security criterion already met and a named advantage in the framework enterprise buyers are reading.

Providers who have not may want to understand what closing that gap looks like.

The full breakdown is at vcluster.com/clustermax. Every criterion, how we address it, and where we are still building.

vCluster Platform gives AI Cloud providers the infrastructure layer to address ClusterMAX criteria at scale. See the full coverage breakdown.