Ok ya’ll, we’re parterning with the Containerization Guild. This is a gathering point for all things containers that Red Hat has opened up to the community. This is our kind of vibe so I am posting the information here!
You’ll find talks on custom images, sysexts, and pretty much every piece of tech we depend on here at Universal Blue. Here are all the details, the videos will be made available on YouTube after the event.
Details
- Wednesday July 09 at 10:00-13:00 Eastern Standard Time
- Link to the meeting: meet.google.com/ykq-iaee-ucn
- Join the meeting chat on Discord: Containerization Guild
Gathering Purpose
To share new and evolving ideas pertaining to containerization. This is a safe space to explore what could be and appreciate our shared love of engineering. All ideas are welcome: from shower thoughts to show-and-tells to manifestos to maybe the worst idea ever. We are not here to judge.
Gathering Format
- Each speaker will have ~13 minutes to share their idea.
If time permits, there can be some discussion but if there are follow-up questions, please continue the discussion in our Discord. - There will be no breaks but attendees are encouraged to take care of themselves and step away as needed.
Gathering Etiquette
- Each speaker represents themselves, unless otherwise specified.
- Sharing an idea is not a commitment to implementing the idea.
- As participants in the gathering, our job is to hear the idea and connect them to other ideas/like-minded folks where possible.
- Help speakers feel heard by commenting in Slack, using emojis, and/or being on camera.
- We are all working towards building a shared vision and a shared understanding. This is not the time to work through implementation details or identify risks.
Schedule
Ordering can/will be changed as needed during the gathering as some folks will need to come in and out.
We will be recording.
| What | Who | Estimated time from start (h:mm) |
|---|---|---|
| Welcome / Intro to the Gathering | Samantha Bueno | 0:00 |
| Smarter, but Heavier: How AI Is Pushing the Limits of Containers | Jason Greene | 0:05 |
| Confidential Workloads with Intel TDX and crun-krun | Jake Correnti | |
| Isolated Containers with AWS Nitro Enclaves | Tyler Fanelli | |
| Running Llama Stack with RamaLama | Nathan Weinberg, Charlie Doern | |
| Musings from RamaLama, multi-modal and more | Eric Curtin | |
| Building a Fedora HTTP Server in 10 minutes with image-templates | Clement Verna | |
| DataScienceOS - visions of bootc solving pain points | Steven Pousty | |
| Introducing sysexts-manager | Timothée Ravier |
Talk Details
Smarter, but Heavier: How AI Is Pushing the Limits of Containers
Containers offer a strong foundation for packaging and distributing AI workloads—but Gen AI brings new demands that challenge long-standing assumptions in container infrastructure. This talk explores how real-world AI use cases are pushing the boundaries of what’s possible with containers, drawing on experiences from RHEL AI (a bootc-based distribution) and the KServe project (model serving on Kubernetes). We’ll examine the technical challenges encountered, how they were addressed, and discuss potential improvements to container technology that could better support AI in the future.
About Jason
I’ve worked at Red Hat for over 20 years and am currently the Chief Architect of AI Product Engineering, where I lead the RHEL AI, OpenShift AI, and Red Hat AI Inference Server products. Prior to this, I worked in the middleware space—most notably as the co-founder of Quarkus—and led Red Hat’s Application Runtime offerings, including JBoss EAP. Over the years, I’ve contributed to a wide range of projects, including Podman, where I contributed the Windows/WSL support.
Isolated Containers with AWS Nitro Enclaves
I’ll give an overview of AWS Nitro Enclaves and the security/isolation guarantees that offer. I’ll also discuss additions being made to the podman suite of tools (notably buildah and the crun runtime) to run isolated containers on AWS Nitro Enclaves.
About Tyler
I’ve been at Red Hat for about 4 years. I work on the intersection of virtualization and containers, notably the libkrun project. I’m mainly interested in security and confidential computing, especially as it pertains to running containerized workloads.
Confidential Workloads with Intel TDX and crun-krun
In this talk I will discuss support for Intel Trust Domain Extensions (TDX) in Libkrun. I will demonstrate how, with the use of Podman and the crun-krun runtime, users can run a Confidential Workload on their TDX machines.
About Jake
I’m a Software Engineer on the Virtualization team. I’ve been at the company for 2 years, originally starting as an Intern. My work primarily focuses on maintaining Libkrun and working on Confidential Computing.
Running Llama Stack with RamaLama
A demo of the ramalama-stack external provider for Llama Stack, which allows Llama Stack users to run servers using RamaLama for inference
About Nathan
Nathan Weinberg has been at Red Hat for 7 years - one year as an Intern in Storage working on Gluster and Ceph, five years as a Quality Engineer in Cloud working on OpenStack and OpenShift, and for the last year as a Software Engineer working on various projects such as InstructLab, RHEL AI, Llama Stack, and RamaLama.
About Charlie
Charlie Doern has been at Red Hat for 4 years - two years as an Intern in Container Runtimes working on Podman, one year working as a Software Engineer on OpenShift’s MCO team, and one year working as a Software Engineer on Instructlab, Llama Stack, RHEL AI, and RamaLama.
Musings from RamaLama, multi-modal and more
The latest and greatest features of RamaLama.
About Eric
4 years, worked in automotive and ai
Building a Fedora HTTP Server in 10 minutes with image-templates
I will demo how to use the GitHub - ublue-os/image-template: Build your own custom Universal Blue Image! and Fedora Bootc to build a Fedora Server with Caddy in less than 10 minutes.
About Clement
I am an engineering manager at Red Hat working with the CoreOS team, I have a keen interest on new technologies and cloud native workflows.
DataScienceOS - visions of bootc solving pain points
For data scientists and AI developers, getting a Linux workstation set up and working properly is non-trivial and frustrating. Using bootc can help alleviate a large portion of this pain. There are ongoing movements in uBlue starting to work on this but it will take more coordination. I am going to present the vision for DataScience OS, current motion, and where we need some more horsepower.
About Steve
Steve is a Dad, Partner, Son, and Principal Community Architect focused on AI. Boomerang to RHT - back two months but was here 7 years working on OpenShift from pre-k8s to k8s just before operators Too many exciting topics but relevant here is bring containerized OSes to Data Scientists
Introducing sysexts-manager
With systemd system extensions (sysexts), it is possible to extend an image based system on demand. Sysexts come with a lot of advantages: they can be created out of arbitrary content (not only packages), are quickly enabled or disabled and can be built and shared independently of the main distribution channels.
Managing and updating sysexts on a system is currently a very manual an impractical process thus I’ve been working on a manager for those sysexts to integrate them better with how Bootable Container systems work.
About Timothée
Timothée Ravier is a CoreOS engineer at Red Hat. He maintains the Fedora Atomic Desktops. He is a KDE developer and helps maintain KDE Applications as Flatpaks on Flathub.