Day 1 - Talks
Welcome speech by Marius Feldmann, ALASCA's Chairman of the Board
Marius Feldmann
ALASCA e.V.
Keynote by ALASCA Summit's gold sponsor Yorizon GmbH & Co. KG
Keynote by ALASCA Summit's gold sponsor UhuruTec AG
Keynote by ALASCA Summit's gold sponsor secunet Security Networks GmbH
09:50-10:00
Gerhard Bader
Yorizon GmbH & Co. KG
10:00-10:10
Matthias Haag
UhuruTec AG
10:10-10:20
Kai Martius
secunet Security Networks AG
Digital sovereignty goes far beyond data sovereignty. In discussions with the industry, the Sovereign Cloud Stack project has worked out three more areas that need addressing for infrastructure platforms:
- Technical standards that ensure the provider switching capability
- A complete, modular openly developed open source implementation of these standards in production grade software
- Knowledge building and transparency especially on operations of such infrastructure.
The presentation will start with a short overview and then deep dive into the technology decisions taken for the reference implementation and answer the following questions:
- Why have we chosen Kubernetes?
- Why did we put Kubernetes on a virtualisation layer?
- How do we judge what software components are eligilble to become part of the reference implementation?
- How do we avoid fragmentation and keep providers alilgned?
- What tools and processes help us with being predictable?
- How do we achieve a high level of security? How do Reviews, Pipelines and the CI process work?
We'll also give an honest view on what worked out better than anticipated and what technical challenges remain to be solved.
Kurt Garloff
s7n Cloud Services GmbH
The time has come to officially introduce ALASCA's new project, which was recently submitted and welcomed to the association.
For the past 5 years dNation has been developing its own monitoring stack, which features the following technical traits:
1) Intuitive semaphore principle - the signalling through green, orange and red colours will let users know whether their action is required.
2) Hierarchical approach - the tool uses a drill-down approach, instead of showing all of the information at once.
3) Relevant information only - the tool provides only those metrics that are relevant for this particular area of interest and drill-down level, side-by-side with logs.
Within this talk we will describe the monitoring from the user's point of view and take a closer look at explaining the technical details about the underlying software stack. Finally, we'll present a live demo of the newest addition to the ALASCA software stack.
Martin Pilka
dNation Cloud
Following up on our ALASCA Round Table in March, we are reopening the discussion on European Initiatives towards a digitally sovereign cloud solution and want to keep the conversation going on the future prospects and challenges that still need to be overcome on the path to digital sovereignty in order to ensure future progress.
11:30-11:40
Thomas Kralinski
State Secretary
Moderator:
tbd.
Thomas Kralinski
State Secretary
Stephan Ilaender
STACKIT GmbH & Co. KG
Kai Martius
secunet Security Networks AG
Kurt Garloff
s7n Cloud Services GmbH
This talk will provide insight into the project ALASCA FOCIS, funded by the SMWA, in order to drive forward the further development, demonstration and dissemination of open source software and standards for cloud services in the Saxon ecosystem. A central concern of this project is the active involvement of regional and supraregional organisations, universities and small and medium-sized enterprises in the development process.
This talk covers the overall project goals, the current status after about half of its runtime as well as our plans for the upcoming months.
As it is one of our most important project goals, we are excited to present the first of two demonstrators of the ALASCA stack - an SCS-standard conform Cluster for our ALASCA community.
12:30-12:40
Matthias Büchse
ALASCA FOCIS
OpenStack is powerful - but often frustratingly incomplete. During the ALASCA Hackathon in Stuttgart, we set out to fill one of its more obvious gaps: a billing dashboard that shows how much each customer's virtual machines actually cost. The feature you need when your customers only knew AWS before.
Instead of reinventing the interface, we built a standalone, extensible UI using our open-source framework raclette. It adds missing features today and lays the foundation for even more features tomorrow: simplified views, reimagined workflows, or entirely new capabilities.
12:40-12:50
Michelle Fuchs
Pacifico Digital Explorations GmbH
Providing a cloud service is a complex undertaking with many aspects. One important question is how to ultimately earn money with the solution. Many open source software components make it possible to build a cloud from scratch. However, billing customers for resource and service usage is a blind spot, especially if you want to use OSS here as well. The presentation presents the technical challenges against their professional background. We will show you how we designed and implemented our accounting architecture as a distributed system with a high focus on reliability and integration with the respective cloud components.
Participants should have a general, more technical understanding of typical cloud services and an idea of the business models behind them (what are customers billed for?). Experience in the architecture, development or operation of distributed systems is welcome, as is knowledge of service quality (service level indicators and objectives).
You will gain a deep insight into the specific challenges associated with the billable provision of cloud services. Some of these are at the business level, but we will mainly look at the technical requirements and the options for implementing them. We will explain how we aggregate the usage data of cloud resources as the basis of proper billing for a full stack, starting from the hardware level in a data centre to the final customer-facing infrastructure, platforms and services.
Open source software is a key enabler to gain digital sovereignty. But there are also risks in using Open Source Software which is not maintained by a stable community. In this talk, we want to highlight how to discover stable communities in an automated way. With our tool, users can identify projects with stable communities and the Open Source community gets aware of projects seeking for more support.
This talk will cover a quick dive into the rapid rise of SONiC as the state-of-the-art network
operating system for data centre use and focus on the advantages of disaggregated systems compared with closed, proprietary ones.
The future is already here: Ethernet is surpassing Infiniband, becoming the defacto industrial standard for AI data centres. We will also take a quick look at virtualising network environments using GNS3.
14:30-14:40
Martin Hayes
STORDIS GmbH
The talk provides a brief overview of incidents in the recent past in which people, companies or governments have been or will be restricted in their actions due to a lack of digital sovereignty. The talk will focus on the social consequences and how to avert damage rather than on technical details.
14:40-14:50
Daniel Gerber
ALASCA FOCIS
SONiC is a network operating system that can run on various switches from different manufacturers. However, developing the upstream SONiC project or an extended or customised variant of it is very labour-intensive.
In this talk, we will provide a brief overview of SONiC and outline the challenges of building SONiC for a specific device.
Additionally, we will provide insights into a pipeline designed to build SONiC for various switches and delivering the results to a test-bed with heterogeneous switch hardware.
The talk will conclude with an outlook on a potential SONiC community project that could be maintained by the ALASCA community.
Digital transformation requires flexible and resilient IT infrastructures that simultaneously meet the highest security standards and satisfy the growing requirements of AI workloads. This presentation presents the multi-provider cloud strategy of a managed service provider and its practical implementation to avoid vendor lock-in and optimize service availability.
At the centre of the architecture is Gardener as a universal multi-cloud middleware layer that enables the unified orchestration and management of Kubernetes clusters across different cloud providers. Gardener acts as an abstraction layer that ensures consistent deployment and management of container workloads - including GPU-intensive AI applications - regardless of the underlying Infrastructure-as-a-Service provider.
For particularly sensitive data and compliance-critical applications, the managed service provider relies on cloud pods based on OpenStack. This on-premises solution offers complete data sovereignty and meets strict regulatory requirements, while being seamlessly integrated into the multi-cloud landscape. Especially for Large Language Models (LLMs) and AI applications with mission-critical data, this architecture enables the secure operation of Foundation Models without exposing sensitive information to external providers.
Christian Berendt
23Technologies GmbH
While Germany is still debating what digital sovereignty means, other countries, with the support of large organisations such as the ITU and GIZ, have already begun to implement their digital transformation in a digitally sovereign manner, in their own data centres, exclusively with open-source technologies and parallel knowledge building. The most important building block for this is GovStack's Cloud Infrastructure Building Block, which was developed with the SCS team last year. Based on OpenStack and the Cluster API (combined in SCS), government clouds are being set up in various countries such as Eswatini, Kenya, Guinea and Ukraine, which are then operated locally. In this presentation, VanillaCore and S7n would like to show what is being implemented technically in the countries and how the countries are adopting this approach.
Karsten Samaschke
VanillaCore GmbH
As cloud costs rise and concerns about sovereignty, compliance, and vendor lock-in grow, many organisations are rethinking their cloud strategies. This presentation explores how a cloud-native, open approach based on Kubernetes, metal-stack.io, and SONiC offers a scalable, secure, and high-performance alternative to traditional hyperscalers.
Learn how to deploy your own open cloud using open hardware and open source software - with full control, optimised performance, and built-in compliance. Real-world examples demonstrate how cloud repatriation and sovereign cloud strategies can deliver both economic and technical advantages.
Stefan Majer
x-cellent technologies GmbH
DARKSOL explores the design of a distributed cloud platform for space-based compute infrastructure, targeting satellites, deep-space probes, and other off-Earth systems. Motivated by the inefficiency of current single-purpose missions, DARKSOL aims to enable secure multi-tenancy, shared hardware usage, and dynamic application deployment in space, similar to terrestrial data centres. This talk presents the current state of the project, focusing on three core areas:
- Application Lifecycle Management: We demonstrate how containerised applications can be orchestrated using Kubernetes over delay-/disruption-tolerant (DTN) links.
- Platform Architecture: We outline a model for a space-resilient, as well as technology- and distribution-independent cloud platform capable of tolerating long communication latencies, partial connectivity, and episodic contact windows.
- Virtualisation & Hardware Abstraction: We discuss the design of a lightweight hypervisor layer and control plane adapted to constrained onboard compute platforms and the requirements for secure application isolation.
We will also highlight integration points with existing cloud-native tooling, trade-offs in the system design, and ongoing work towards a deployable prototype for orbital or interplanetary demonstration.
Cluster API is great for spinning up Kubernetes clusters, but it leaves organisations hanging when it comes to production operations. Teams still need to figure out node images, configure CNI/CSI drivers, handle upgrades safely, and manage all the moving pieces that make clusters actually work.
SCS ClusterStacks builds on top of CAPI to solve these real problems. It packages everything together-Kubernetes config, node images, and core components-into tested, versioned stacks that just work. No more stitching together random components and hoping they play nicely.
This talk will demo both approaches live, show where vanilla CAPI falls short, and explain why ClusterStacks is exactly the kind of operational tooling ALASCA should be pushing. It's open source, production-ready, and gives organisations full control without vendor lock-in-perfect for digital sovereignty.
The problem? Nobody knows about ClusterStacks. While CAPI gets all the CNCF spotlight, this genuinely better solution sits in the shadows. ALASCA could change that.
Key topics:
- Why CAPI alone isn't enough for production
- How ClusterStacks fixes the operational gaps
- Why this matters for ALASCA's mission
- What we should do about it
Day 2 - Workshops
A workshop that goes through the SCS standardisation and certification process from A to O. From the idea, to implementing the standards, to testing.
Participants should have a basic understanding about OpenStack and Kubernetes.
Felix Kronlage-Dammers
OSB Alliance
- A recurring day2-operation in a Kubernetes cluster is to update to the next minor release. Participants will gain hands-on experience with Kubernetes cluster updates and learn about potential challenges that may arise during the process.
For this workshop you will need your laptop including a Linux workstation as well as a basic understanding of Kubernetes, git and nix.
Steve Starke
Cloud&Heat Technologies
Open-Source at its best -This workshop guides the audience through a GNS3
(https://github.com/GNS3) Network Simulation of SONiC powered components. We will configure a realistic network architecture and demonstrate some well-
known network features implemented over several nodes. Attendees will receive guidance and additional material that will enable them to jump-start their own network simulations.
Please bring a laptop with a working internet connection as well as working knowledge of networking protocols on a network engineering level.
Volker Scheel
STORDIS
In this workshop we will install an OpenStack using the Yaook operators as demo setup. For that we will use the quick-start guide of Yaook. Let's find out together, what can be improved in this guide.
Please bring a laptop that can run kubectl and helm (so best Linux or Mac) and a little basic knowledge about kubernetes.
A second group will be working on learning how to become a developer for Yaook operator. We will take a look at the basic concepts behind Yaook, how to develop a new operator and if there are any parts that could possibly even be ignored when starting to develop.
Let's have a look, how you can develop at Yaook and how we can document this knowledge.
Please bring a laptop as well as basic knowledge in Python, Kubernetes and OpenStack.
Stefan Hoffmann
Cloud&Heat Technologies
Join the Krake workshop (Hackathon-style) and shape the future of multi-cloud orchestration! In two exciting tracks, we will work together on practical extensions for Krake. You will learn new skills and develop real features!
Track 1 is all about Krake in a graphical interface: Together with Pacifico Digital Explorations GmbH, we use their open source tool raclette to bring new features to the Krake interface. You will learn how to integrate functions such as app deployments or the management of metrics providers & metrics into the web interface via the Krake API.
For this track you will need your laptop, basic knowledge of Vue.js or similar web frameworks and an interest in user interfaces and how to make software usable.
Track 2 brings sustainability into play: with the support of the Open Source Business Alliance (OSBA), we connect Krake with EcoDigit. The aim is to collect energy consumption data from systems (especially Kubernetes clusters/pods) and let Krake use this to move workloads to where the best conditions prevail. If there is still time or general interest, new workload distribution algorithms can also be considered.
Please bring your laptop, curiosity about monitoring and metrics (we'll show you Prometheus) and the desire to make software more sustainable. Python basics and Linux CLI knowledge are helpful.
Patrick Thiem
Cloud&Heat Technologies
Taras Chornyi
PLVision
Leonid Khedyk
PLVision
openDesk is an innovative, Kubernetes-based office and collaboration suite that is made available as an open-source solution for public administration. Developed by the Center for Digital Sovereignty in Public Administration (ZenDiS), openDesk combines existing open-source applications and offers a flexible, scalable platform that promotes digital collaboration while meeting the highest standards of security and sovereignty.
The architecture of openDesk uses Kubernetes as the basis for scalability and reliability. Powerful tools such as Helm and Helmfile are also used to automate the management of Kubernetes release definitions and configurations. openDesk is developed and provided on openCode, ZenDiS's sovereign software platform for public administration. René Fischer, Tech Lead at ZenDiS, presents possible applications and shows how openDesk is already being used productively in public authorities today.
14:00-14:15
René Fischer
ZenDis
