ADLS Workshop Mai 2022


Das Austrian DataLAB and Services Projekt organisierte ein Workshop mit Training im Kontext einer österreichweiten wissenschaftlichen cloud (Austrian wide science cloud). Es wurden Trainings für Kubernetes (Anfänger sowie Fortgeschrittene), Docker (Bauen von Images und arbeiten mit Docker) sowie Vorträge zur „Security in the cloud and compliance“, „virtual HPC“ und „Openstack vs. public cloud providers“ angeboten. Das Treffen fand am 24. Mai 2022 in Wien statt. Unterhalb finden Sie das Programm auf englisch. Am Vortag fand das Symposium Cluster Forschungsdaten 2022 statt und die ADLS Folien sind hier verlinkt – News post zum Event mit den Folien der anderen Projekte.

Prerequisites for Training:



9:00 – 12:00 Training Kubernetes for Beginners – Constanze Roedig

  • Learn about the architecture and the core components of Kubernetes
  • What are container-runtimes?
  • How to work with the command line interface (kubectl) and using a client-UI (lens)
  • How to expose a service
  • How Kubernetes manages packages:  explore a simple helm chart and modify it
  • Introduction to Role Based Access Control
  • Comparison of Kubernetes Distros: RKE2/Rancher, OKD/Openshift, AKS
  • Hands-on working with our Kubernetes cluster from your laptop and in Rancher-UI: deploy your first app and work with it (this will be most of the workshop): we will deploy a pacman game and add to it more and more components

14:00 – 17:00 Training Kubernetes for Intermediate – Thomas Weber

  • Write your first helm chart
  • Work with a Kubernetes operator
  • Working with secrets
  • Deep dive into cert manager
  • Deep dive into ingress
  • Container Storage Interface CSI, Container Networking Interface CNI : what is that and in how far is it relevant for a user?


9:00 – 10:30 Training Building and Working with Docker Images – Thomas Weber

  • What are different Image Types?
  • How are containers different from a VM?
  • Choice of baseimages
  • Best practices for building an image
  • Multi-stage builds
  • Avoiding secrets
  • build-test-scan-push pipelines
  • Container registries

10:45 – 12:00 virtual HPC, Demonstration – Peter Kandolf

  • What is the purpose of a vHPC (a virtual High Performance Cluster)
  • Insight in the basic setup and the employed technologies
  • See how automation, gitOps and CI/CD can be employed
  • Slurm Rest API and Authentication


14:00 – 16:00 Security in the Cloud and Compliance – Constanze Roedig

  • 14:00 – 15:00 Talk:
    • The new perimeter: Cloud
    • Zero Trust architecture and how DevOps changes many paradigms
    • Threat Modeling for ADLS
    • New frameworks for old concepts: Confidentiality, Integrity and Availability -> Security by Design
    • Compliance: How ADLS (will) leverage Cloud capabilities and gitOps for most critical aspects
  • 15:00 – 16:00 Technical Demos:
    • Container Security 101 -> Demo of a container escape
    • Supply Chain Security with gitOps -> How ADLS protects its assets
    • IAM: the importance of integrated identity and access management -> Demo of a federated machine identity
    • Demo of smuggling a nasty package into Kubernetes and what you can do with that

16:15 – 17:15 What is Openstack and how is it different from a public cloud provider like AWS? – Elias Wimmer

ADLS Workshop 2022