Kata Containers 3.2 Includes Virtualization-based Isolation

News Report

Kata Containers 3.2 has been released, introducing a stack for running containers with isolation based on full virtualization mechanisms. The project, created by Intel and Hyper, combines technologies from Clear Containers and runV. The project code is written in Go and Rust and is distributed under the Apache 2.0 license. Development of the project is overseen by a working group under the auspices of the OpenStack Foundation, which includes companies such as Canonical, China Mobile, Dell/EMC, EasyStack, Google, Huawei, NetApp, Red Hat, SUSE, and ZTE.

The main component of Kata is the runtime, which creates compact virtual machines that run under a full-fledged hypervisor, instead of traditional containers that rely on the shared Linux kernel. By using virtual machines, Kata achieves a higher level of security that protects against attacks exploiting vulnerabilities in the Linux kernel.

Kata Containers focuses on integration with existing container isolation infrastructures and provides mechanisms to ensure compatibility with various container orchestration platforms and specifications such as OCI (Open Container Initiative), CRI (Container Runtime Interface), and CNI (Container Networking Interface). It also offers integration with Docker, Kubernetes, QEMU, and OpenStack.

Integration with container management systems is achieved through a container control layer, which communicates with the control agent inside the virtual machine via a gRPC interface and a special proxy. Inside the virtual environment launched by the hypervisor, a specially optimized Linux kernel is used that contains only the minimum set of necessary capabilities.

The use of
