Authors: Pengfei Ni (@feiskyer), Harry Zhang (@resouer)
This proposal aims to support the HyperContainer container runtime in the kubelet.
HyperContainer is a hypervisor-agnostic container engine that allows you to run Docker images using hypervisors (KVM, Xen, etc.). By running containers within separate VM instances, it offers hardware-enforced isolation, which is required in multi-tenant environments.
- Complete pod/container/image lifecycle management with HyperContainer.
- Set up networking through network plugins.
- Pass 100% of node e2e tests.
- Easy to deploy for both local dev/test and production clusters.
The HyperContainer runtime will make use of the kubelet Container Runtime Interface (CRI). Frakti implements the CRI and exposes a local endpoint to the kubelet. Frakti communicates with hyperd through hyperd's gRPC API to manage the lifecycle of sandboxes, containers and images.
Since pods run directly inside a hypervisor, the host network is not supported in the HyperContainer runtime.
The HyperContainer runtime is maintained by https://github.com/kubernetes/frakti.