kata-containers/docs/hypervisors.md

Hypervisors

Introduction

Kata Containers supports multiple hypervisors. This document provides a very high level overview of the available hypervisors, giving suggestions as to which hypervisors you may wish to investigate further.

Note:

This document is not prescriptive or authoritative:

• It is up to you to decide which hypervisors may be most appropriate for your use-case.
• Refer to the official documentation for each hypervisor for further details.

Types

Hypervisor	Written in	Architectures	Type
Cloud Hypervisor	rust	aarch64, x86_64	Type 2 (KVM)
Firecracker	rust	aarch64, x86_64	Type 2 (KVM)
QEMU	C	all	Type 2 (KVM)
Dragonball	rust	aarch64, x86_64	Type 2 (KVM)
StratoVirt	rust	aarch64, x86_64	Type 2 (KVM)

Determine currently configured hypervisor

$ kata-runtime kata-env | awk -v RS= '/\[Hypervisor\]/' | grep Path

Choose a Hypervisor

The table below provides a brief summary of some of the differences between the hypervisors:

Hypervisor	Summary	Features	Limitations	Container Creation speed	Memory density	Use cases	Comment
Cloud Hypervisor	Low latency, small memory footprint, small attack surface	Minimal		excellent	excellent	High performance modern cloud workloads
Firecracker	Very slimline	Extremely minimal	Doesn't support all device types	excellent	excellent	Serverless / FaaS
QEMU	Lots of features	Lots		good	good	Good option for most users
Dragonball	Built-in VMM, low CPU and memory overhead	Minimal		excellent	excellent	Optimized for most container workloads	out-of-the-box Kata Containers experience
StratoVirt	Unified architecture supporting three scenarios: VM, container, and serverless	Extremely minimal(MicroVM) to Lots(StandardVM)		excellent	excellent	Common container workloads	StandardVM type of StratoVirt for Kata is under development

For further details, see the Virtualization in Kata Containers document and the official documentation for each hypervisor.

Hypervisor configuration files

Since each hypervisor offers different features and options, Kata Containers provides a separate configuration file for each. The configuration files contain comments explaining which options are available, their default values and how each setting can be used.

Hypervisor	Golang runtime config file	golang runtime short name	golang runtime default	rust runtime config file	rust runtime short name	rust runtime default
Cloud Hypervisor	configuration-clh.toml	clh		configuration-cloud-hypervisor.toml	cloud-hypervisor
Firecracker	configuration-fc.toml	fc
QEMU	configuration-qemu.toml	qemu	yes	configuration-qemu.toml	qemu
Dragonball				configuration-dragonball.toml	dragonball	yes
StratoVirt	configuration-stratovirt.toml	stratovirt

Notes:

• The short names specified are used by the kata-manager tool.
• As shown by the default columns, each runtime type has its own default hypervisor.
• The golang runtime is the current default runtime.
• The rust runtime, also known as runtime-rs, is the newer runtime written in the rust language.
• See the Configuration for further details.
• The configuration file links in the table link to the "source" versions: these are not usable configuration files as they contain variables that need to be expanded:
  • The links are provided for reference only.
  • The final (installed) versions, where all variables have been expanded, are built from these source configuration files.
• The pristine configuration files are usually installed in the /opt/kata/share/defaults/kata-containers/ or /usr/share/defaults/kata-containers/ directories.
• Some hypervisors may have the same name for both golang and rust runtimes, but the file contents may differ.
• If there is no configuration file listed for the golang or rust runtimes, this either means the hypervisor cannot be run with a particular runtime, or that a driver has not yet been made available for that runtime.

Switch configured hypervisor

To switch the configured hypervisor, you only need to run a single command. See the kata-manager documentation for further details.