Kata Containers, Container with VM Isolation
Kata Containers offers method of container deployment with more security. Security is one biggest challenge about containers and containers has lower level of security compared to virtual machines. Because virtual machines are isolated from each other, but containers can’t provide isolation same as virtual machines.
What’s Kata Containers?
It is an open source community working to build a secure container runtime with lightweight virtual machines that feel and perform like containers, but provide stronger workload isolation using hardware virtualization technology as a second layer of defense.
Kata Containers are as light and fast as containers and integrate with the container management layers including popular orchestration tools such as Docker and Kubernetes (k8s), while also delivering the security advantages of VMs.
Where Can Be Installed?
It’s available for the below Linux distributions:
- RHEL
- CentOS
- Ubuntu
- OpenSuse
- SLES
- Debian
- Fedora
Find installation documents at the below link:
Kata Containers installation guides
Kata Containers Supported Hypervisors
It’s supporting the below hypervisors:
- Firecracker
- QEMU
- Cloud Hypervisor
And also supporting some architectures but focused on x86_64.
However, supported hardware features depends on hypervisor but supporting: Nvidia GPU, RDMA, SRIO-V and some other hardware features.
Read more about architecture and design at this link:
Conclusion
People are talking about ChatGPT now and no one talking about Cloud-Native anymore! LOL 😀
I want to say that virtualization was a revolution and using container in services allows companies to have faster service deployment and more integration, but security guys always have concern about isolation and no level of isolation is enough for them (kidding).
Kata Containers will be popular in future of Cloud-Native computing, but it still needs to development. I didn’t test it, but it is a valuable idea.
Further Reading
[Review]: What is Container Linux?
VMware Photon OS – Best OS for Kubernetes and Container Host
SmartOS, Live Operating System For Virtualization
What’s MicroVM And Firecracker?
Oracle Database CPU Core Limit For Dummies
Why Alpine Linux is Suitable For Cloud Native Application?
