Sohan Kunkerkar
Senior Software Engineer at Red Hat
Actions
Sohan Kunkerkar is a Senior Software Engineer at Red Hat, bringing expertise in distributed systems, backend engineering, and containers. His active contributions extend to CRI-O, a container runtime engine, and various sub-projects within the Kubernetes Sig-Node community. Sohan has a robust background, having worked on impactful projects such as Kubefed and Fedora CoreOS.
Awards
Simplify Kubelet Configuration Management at Scale: The Drop-in Directory Groove
As Kubernetes clusters grow larger, managing Kubelet configurations across numerous nodes becomes challenging. Inconsistencies and configuration drift can arise, leading to operational issues. This problem is aggravated when different node groups require specific Kubelet settings. OKD (OpenShift's Community Kubernetes Distribution) faced similar challenges with tailored Kubelet configs for use cases like edge and telco. The Kubelet Drop-in Directory feature, now in beta in Kubernetes 1.30, provides a solution to this problem. It allows administrators to maintain a base Kubelet configuration while enabling customizations for different node groups or use cases.
This talk covers simplifying Kubelet configuration management and optimizing Kubernetes clusters. We'll discuss how OKD plans to leverage this feature in the Machine Config Operator to lay down Kubelet configs using Custom Resource Definitions (CRDs), ensuring consistency and reducing configuration drift.
Pushing the Boundaries: crun’s Role in the Next Wave of Containerization
crun, a mature OCI runtime, has been evolving to meet the demands of modern applications. In this presentation, we will explore crun’s latest advancements that open up new possibilities in containerization. Attendees will learn about crun's low memory footprint, its compatibility with major WebAssembly runtimes, and its implementation of krun for confidential containers. We will also showcase crun’s effectiveness in running AI models with CRI-O and outline plans for integrating CUDA and WebGPU workloads. This talk is ideally suited for developers, DevOps engineers, and architects interested in the cutting-edge of container technologies and their applications
Navigating the Cgroup Transition: Bridging the Gap Between Kubernetes and User Expectations
As Kubernetes and container technologies evolve, shifting from cgroup v1 to cgroup v2 has become a pivotal development. With cgroup v2 available in Kubernetes since v1.25, we're at a crossroads where many users and organizations must decide when and how to transition fully to this new system. Despite the benefits of cgroup v2, including better resource management and enhanced capabilities, users frequently encounter unexpected challenges signaling a gap in readiness and understanding.
This talk will address the practical implications of moving to cgroup v2, discuss the coordinated efforts to deprecate cgroup v1, and propose actionable strategies to bridge the gap between the Kubernetes community, system administrators, and developers. By focusing on real-world experiences and providing clear guidance, this session aims to equip you with the knowledge and tools to navigate this significant change confidently.
Jamming with crun and CRI-O: Facilitating the Convergence of AI, WASM, and Kubernetes
Discover how the integration of WebAssembly (WASM) in Kubernetes, facilitated by CRI-O and crun, enables the effortless deployment of Generative AI models. Learn about the diverse WASM runtimes seeking integration with crun and the ongoing advancements in CRI-O + WASM integration. Explore optimization strategies such as treating WASM workloads as OCI artifacts for reduced container image footprints. Additionally, we'll explore future advancements, including support for NRI WASM plugins, NVIDIA runtime integration in crun, and tapping into the WebGPU space.
CRI-O's WASM Adventure: Challenges, Strategies, and What Lies Ahead
Many years our two heroes, CRI-O (a lightweight container runtime for Kubernetes), and WebAssembly, spent apart, honing their strengths for the adventure to come. Join us in this talk as we spin a tale describing the reasons why WASM support is essential for CRI-O, the challenges faced during its integration, such as runc's lack of support for WASM and the complexity of assigning the correct runtime to a pod, and the strategies employed to overcome these challenges. Additionally, we will outline our vision for the future of this integration, including handling WASM workload as container images and loading WASM plugins directly into CRI-O instead of NRI and how it will revolutionize the capabilities of CRI-O and Kubernetes. This talk is designed for developers, operators, weary travelers, and anyone interested in the intersection of Kubernetes, CRI-O, and WebAssembly.
CRI-O Odyssey: Exploring New Frontiers in Container Runtimes
No journey is ever really done, it only continues differently. CRI-O's journey in continuing its effort to be the best container runtime made specifically for Kubernetes is no different, even after graduating within the CNCF. In this talk, join the CRI-O developers as they walk you through the new frontiers of container runtimes: such as integration with WebAssembly (WASM), secured and simplified Podman-in-Kubernetes, and the present and future of Confidential Computing. This session will also cover initiatives CRI-O is following within SIG-Node, such as CRI stats and separate image file systems.This session caters to both newcomers and seasoned users, offering insights into CRI-O's new features and journey beyond.
Container-ception: podman in pods with CRI-O
Have you ever dreamt of treating a pod like a host in which you run containers? While it has been possible for a long time, the Kubernetes default of a masked proc and lack of user namespaces has severely limited capabilities. However, with user namespaces reaching beta in Kubernetes, and research by the CRI-O team, we are now closer than ever! Join Peter Hunt and Sohan Kunkerkar as they walk through the history of nested containers, what is currently possible with all of the security knobs Kubernetes provides (as well as the support matrix of privileged/rootful/networking), and future work that will enable features in Kubernetes pods that seem almost VM like. This talk is designed for developers, operators and anyone interested in the intersection of container engines and Kubernetes. No need to pinch yourself, you're not dreaming!
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top