Day 1 - Talks

Welcome speech by Marius Feldmann, ALASCA's Chairman of the Board

Marius Feldmann
ALASCA e.V.

Keynote by ALASCA Summit's gold sponsor Yorizon GmbH & Co. KG

Keynote by ALASCA Summit's gold sponsor UhuruTec AG

Keynote by ALASCA Summit's gold sponsor secunet Security Networks GmbH 

09:50-10:00
Gerhard Bader
Yorizon GmbH & Co. KG

10:00-10:10
Matthias Haag
UhuruTec AG

10:10-10:20
Kai Martius 
secunet Security Networks AG

This talk will provide insight into the project ALASCA FOCIS, funded by the SMWA, in order to drive forward the further development, demonstration and dissemination of open source software and standards for cloud services in the Saxon ecosystem. A central concern of this project is the active involvement of regional and supraregional organisations, universities and small and medium-sized enterprises in the development process.

This talk covers the overall project goals, the current status after about half of its runtime as well as our plans for the upcoming months. 

As it is one of our most important project goals, we are excited to present the first of two demonstrators of the ALASCA stack - an SCS-standard conform Cluster for our ALASCA community.

10:40-10:50

Matthias Büchse 
ALASCA FOCIS

OpenStack is powerful - but often frustratingly incomplete. During the ALASCA Hackathon in Stuttgart, we set out to fill one of its more obvious gaps: a billing dashboard that shows how much each customer's virtual machines actually cost. The feature you need when your customers only knew AWS before.

Instead of reinventing the interface, we built a standalone, extensible UI using our open-source framework raclette. It adds missing features today and lays the foundation for even more features tomorrow: simplified views, reimagined workflows, or entirely new capabilities.

10:50-11:00

Michelle Fuchs
Pacifico Digital Explorations GmbH

Coffee Break

Digital sovereignty goes far beyond data sovereignty. In discussions with the industry, the Sovereign Cloud Stack project has worked out three more areas that need addressing for infrastructure platforms:

  1. Technical standards that ensure the provider switching capability
  2. A complete, modular openly developed open source implementation of these standards in production grade software
  3. Knowledge building and transparency especially on operations of such infrastructure.


The presentation will start with a short overview and then deep dive into the technology decisions taken for the reference implementation and answer the following questions: 

  • Why have we chosen Kubernetes?
  • Why did we put Kubernetes on a virtualisation layer?
  • How do we judge what software components are eligilble to become part of the reference implementation?
  • How do we avoid fragmentation and keep providers alilgned?
  • What tools and processes help us with being predictable?
  • How do we achieve a high level of security? How do Reviews, Pipelines and the CI process work?

 

We'll also give an honest view on what worked out better than anticipated and what technical challenges remain to be solved.

Kurt Garloff
s7n Cloud Services GmbH

Cluster API is great for spinning up Kubernetes clusters, but it leaves organisations hanging when it comes to production operations. Teams still need to figure out node images, configure CNI/CSI drivers, handle upgrades safely, and manage all the moving pieces that make clusters actually work.

SCS ClusterStacks builds on top of CAPI to solve these real problems. It packages everything together-Kubernetes config, node images, and core components-into tested, versioned stacks that just work. No more stitching together random components and hoping they play nicely.

This talk will demo both approaches live, show where vanilla CAPI falls short, and explain why ClusterStacks is exactly the kind of operational tooling ALASCA should be pushing. It's open source, production-ready, and gives organisations full control without vendor lock-in-perfect for digital sovereignty.

The problem? Nobody knows about ClusterStacks. While CAPI gets all the CNCF spotlight, this genuinely better solution sits in the shadows. ALASCA could change that.

Key topics:

  • Why CAPI alone isn't enough for production
  • How ClusterStacks fixes the operational gaps
  • Why this matters for ALASCA's mission
  • What we should do about it

Karsten Samaschke 
VanillaCore GmbH 

Martin Pilka
dNation Cloud

Following up on our ALASCA Round Table in March, we are reopening the discussion on European Initiatives towards a digitally sovereign cloud solution and want to keep the conversation going on the future prospects and challenges that still need to be overcome on the path to digital sovereignty in order to ensure future progress.

Moderator:
tbd.

Stephan Ilaender
STACKIT GmbH & Co. KG

Christian Berendt 23Technologies GmbH

Kurt Garloff
s7n Cloud Services GmbH

Lunch Break

Open source software is a key enabler to gain digital sovereignty. But there are also risks in using Open Source Software which is not maintained by a stable community. In this talk, we want to highlight how to discover stable communities in an automated way. With our tool, users can identify projects with stable communities and the Open Source community gets aware of projects seeking for more support.

14:00-14:10

Anastasia Vöhringer
DISQU GmbH 

Marcel Beyer
DISQU GmbH 

This talk will cover a quick dive into the rapid rise of SONiC as the state-of-the-art network
operating system for data centre use and focus on the advantages of disaggregated systems compared with closed, proprietary ones. 

The future is already here: Ethernet is surpassing Infiniband, becoming the defacto industrial standard for AI data centres. We will also take a quick look at virtualising network environments using GNS3.

14:10-14:20

Martin Hayes
STORDIS GmbH

The talk provides a brief overview of incidents in the recent past in which people, companies or governments have been or will be restricted in their actions due to a lack of digital sovereignty. The talk will focus on the social consequences and how to avert damage rather than on technical details.

14:20-14:30

Daniel Gerber 
ALASCA FOCIS 

Digital transformation requires flexible and resilient IT infrastructures that simultaneously meet the highest security standards and satisfy the growing requirements of AI workloads. This presentation presents the multi-provider cloud strategy of a managed service provider and its practical implementation to avoid vendor lock-in and optimize service availability.

At the centre of the architecture is Gardener as a universal multi-cloud middleware layer that enables the unified orchestration and management of Kubernetes clusters across different cloud providers. Gardener acts as an abstraction layer that ensures consistent deployment and management of container workloads - including GPU-intensive AI applications - regardless of the underlying Infrastructure-as-a-Service provider.

For particularly sensitive data and compliance-critical applications, the managed service provider relies on cloud pods based on OpenStack. This on-premises solution offers complete data sovereignty and meets strict regulatory requirements, while being seamlessly integrated into the multi-cloud landscape. Especially for Large Language Models (LLMs) and AI applications with mission-critical data, this architecture enables the secure operation of Foundation Models without exposing sensitive information to external providers.

Christian Berendt
23Technologies GmbH

SONiC is a network operating system that can run on various switches from different manufacturers. However, developing the upstream SONiC project or an extended or customised variant of it is very labour-intensive.

In this talk, we will provide a brief overview of SONiC and outline the challenges of building SONiC for a specific device.

Additionally, we will provide insights into a pipeline designed to build SONiC for various switches and delivering the results to a test-bed with heterogeneous switch hardware.

The talk will conclude with an outlook on a potential SONiC community project that could be maintained by the ALASCA community.

Matthias Haag
UhuruTec AG

As cloud costs rise and concerns about sovereignty, compliance, and vendor lock-in grow, many organisations are rethinking their cloud strategies. This presentation explores how a cloud-native, open approach based on Kubernetes, metal-stack.io, and SONiC offers a scalable, secure, and high-performance alternative to traditional hyperscalers.

Learn how to deploy your own open cloud using open hardware and open source software - with full control, optimised performance, and built-in compliance. Real-world examples demonstrate how cloud repatriation and sovereign cloud strategies can deliver both economic and technical advantages.

Coffee Break

DARKSOL explores the design of a distributed cloud platform for space-based compute infrastructure, targeting satellites, deep-space probes, and other off-Earth systems. Motivated by the inefficiency of current single-purpose missions, DARKSOL aims to enable secure multi-tenancy, shared hardware usage, and dynamic application deployment in space, similar to terrestrial data centres. This talk presents the current state of the project, focusing on three core areas:

  1. Application Lifecycle Management: We demonstrate how containerised applications can be orchestrated using Kubernetes over delay-/disruption-tolerant (DTN) links.
  2. Platform Architecture: We outline a model for a space-resilient, as well as technology- and distribution-independent cloud platform capable of tolerating long communication latencies, partial connectivity, and episodic contact windows.
  3. Virtualisation & Hardware Abstraction: We discuss the design of a lightweight hypervisor layer and control plane adapted to constrained onboard compute platforms and the requirements for secure application isolation.

 

We will also highlight integration points with existing cloud-native tooling, trade-offs in the system design, and ongoing work towards a deployable prototype for orbital or interplanetary demonstration.

Tobias Nöthlich
D3TN GmbH

Anastasia Vöhringer
DISQU GmbH 

Martin Messer 
Cyberus Technology GmbH

Providing a cloud service is a complex undertaking with many aspects. One important question is how to ultimately earn money with the solution. Many open source software components make it possible to build a cloud from scratch. However, billing customers for resource and service usage is a blind spot, especially if you want to use OSS here as well. The presentation presents the technical challenges against their professional background. We will show you how we designed and implemented our accounting architecture as a distributed system with a high focus on reliability and integration with the respective cloud components.

Participants should have a general, more technical understanding of typical cloud services and an idea of the business models behind them (what are customers billed for?). Experience in the architecture, development or operation of distributed systems is welcome, as is knowledge of service quality (service level indicators and objectives).

You will gain a deep insight into the specific challenges associated with the billable provision of cloud services. Some of these are at the business level, but we will mainly look at the technical requirements and the options for implementing them. We will explain how we aggregate the usage data of cloud resources as the basis of proper billing for a full stack, starting from the hardware level in a data centre to the final customer-facing infrastructure, platforms and services.

Gerd Aschemann
Freelancer

Matthias Haag
UhuruTec AG

While Germany is still debating what digital sovereignty means, other countries, with the support of large organisations such as the ITU and GIZ, have already begun to implement their digital transformation in a digitally sovereign manner, in their own data centres, exclusively with open-source technologies and parallel knowledge building. The most important building block for this is GovStack's Cloud Infrastructure Building Block, which was developed with the SCS team last year. Based on OpenStack and the Cluster API (combined in SCS), government clouds are being set up in various countries such as Eswatini, Kenya, Guinea and Ukraine, which are then operated locally. In this presentation, VanillaCore and S7n would like to show what is being implemented technically in the countries and how the countries are adopting this approach. 

Karsten Samaschke 
VanillaCore GmbH 

Food, drinks, games and much more in the summit venue!

ALL

Day 2 - Workshops

Coffee Break

A workshop that goes through the SCS standardisation and certification process from A to O. From the idea, to implementing the standards, to testing.

Participants should have a basic understanding about OpenStack and Kubernetes.

Felix Kronlage-Dammers
OSB Alliance 

This workshop starts with an overview of TAROOK and its core concepts. We plan on collaboratively configure and deploy a production-ready Kubernetes cluster using TAROOK, while providing additional information on procedures. We will spread and grant access to the cluster and divide into subgroups to tackle different tasks based on participants' preferences and skillsets:

  1. Manual & Automated Kubernetes Upgrade: A recurring day2-operation in a Kubernetes cluster is to update to the next minor release. Participants will gain hands-on experience with Kubernetes cluster updates and learn about potential challenges that may arise during the process.
  2. Deploying a Resilient Webserver: The cluster created is a production-ready Kubernetes cluster, but has no actual workload deployed in it. This subgroup will set up a basic TLS-capable web server accessible from the internet via a LoadBalancer service, using FluxCD for GitOps automation, Ingress NGINX controller, and cert-manager for certificate management. Participants will learn about LoadBalancer services, Ingress controllers, cert-manager, and how to deploy Kubernetes resources through a GitOps approach with FluxCD.

  3. Handling Critical CVE Updates: Imagine being responsible for a critical service running inside Kubernetes when a serious security vulnerability (CVE) is disclosed. This subgroup will explore best practices for configuring and updating Kubernetes components and services securely and efficiently in response to such vulnerabilities in a TAROOK managed cluster.

For this workshop you will need your laptop including a Linux workstation as well as a basic understanding of Kubernetes, git and nix.

Open-Source at its best -This workshop guides the audience through a GNS3
(https://github.com/GNS3) Network Simulation of SONiC powered components. We will configure a realistic network architecture and demonstrate some well-
known network features implemented over several nodes. Attendees will receive guidance and additional material that will enable them to jump-start their own network simulations.

Please bring a laptop with a working internet connection as well as working knowledge of networking protocols on a network engineering level. 

Volker Scheel
STORDIS

In this workshop we will install an OpenStack using the Yaook operators as demo setup. For that we will use the quick-start guide of Yaook. Let's find out together, what can be improved in this guide.

Please bring a laptop that can run kubectl and helm (so best Linux or Mac) and a little basic knowledge about kubernetes.

A second group will be working on learning how to become a developer for Yaook operator. We will take a look at the basic concepts behind Yaook, how to develop a new operator and if there are any parts that could possibly even be ignored when starting to develop.

Let's have a look, how you can develop at Yaook and how we can document this knowledge.

Please bring a laptop as well as basic knowledge in Python, Kubernetes and OpenStack.

Stefan Hoffmann 
Cloud&Heat Technologies

Join the Krake workshop (Hackathon-style) and shape the future of multi-cloud orchestration! In two exciting tracks, we will work together on practical extensions for Krake. You will learn new skills and develop real features!

Track 1 is all about Krake in a graphical interface: Together with Pacifico Digital Explorations GmbH, we use their open source tool raclette to bring new features to the Krake interface. You will learn how to integrate functions such as app deployments or the management of metrics providers & metrics into the web interface via the Krake API.

For this track you will need your laptop, basic knowledge of Vue.js or similar web frameworks and an interest in user interfaces and how to make software usable.

Track 2 brings sustainability into play: with the support of the Open Source Business Alliance (OSBA), we connect Krake with EcoDigit. The aim is to collect energy consumption data from systems (especially Kubernetes clusters/pods) and let Krake use this to move workloads to where the best conditions prevail. If there is still time or general interest, new workload distribution algorithms can also be considered.

Please bring your laptop, curiosity about monitoring and metrics (we'll show you Prometheus) and the desire to make software more sustainable. Python basics and Linux CLI knowledge are helpful.

Patrick Thiem 
Cloud&Heat Technologies 

MPLS is a cornerstone for building scalable, high-performance modern networks. While SONiC supports SRv6 and static MPLS, dynamic control-plane protocols are still missing. Join PLVision's session to hear proof-of-concept results and steps to close this critical gap.
Explore a virtualised SONiC PoC for seamless MPLS-to-Segment Routing migration at PLVision's booth demo! See MPLS & SR control-plane protocols in action, path setups, deployment challenges, and how SONiC is evolving toward carrier-grade transport.
Learn how a virtualised SONiC environment can support MPLS and Segment Routing (SR-MPLS and SRv6) control-plane protocols as well as the process of MPLS label distribution and SR path setup within a simulated network topology. Experience the key architectural challenges, limitations, and considerations for transitioning from virtual to hardware-based deployments and gain practical insights into SONiC's current capabilities and the steps needed to enable seamless migration from legacy MPLS to modern Segment Routing environments.

Taras Chornyi
PLVision 

Leonid Khedyk
PLVision 

Lunch

14:15-14:30

 

14:30-14:45

 

Coffee Break

Further discussion on ZenDis and DiaS format 

ALL

de_DE_formal