Homepage: https://katacontainers.io/
From MicroK8s version: 1.22+
Supported arch: amd64
Kata Containers, is used to build a secure container runtime with lightweight virtual machines that feel and perform like containers, but provide stronger workload isolation using hardware virtualization technology as a second layer of defense. You can enable kata support with:
microk8s enable kata
The addon adds the kata runtimeClassName that allows you to specify what workloads should be started in Kata containers. For instance, the following manifest starts nginx in a Kata container:
apiVersion: v1
kind: Pod
metadata:
labels:
app: kata
name: nginx-kata
spec:
runtimeClassName: kata
containers:
- name: nginx
image: nginx
By default the addon will install the Kata runtime via the kata-containers snap. Alternatively, you can set the path of the where kata runtime is installed using the --runtime-path argument. The path you provide should include the kata-runtime binary:
microk8s enable kata --runtime-path=/path/to/runtime
On multi-node clusters the microk8s enable kata has to be called on each node so that the kata runtime gets enabled ont the desired nodes.