mirror of
https://github.com/kata-containers/kata-containers.git
synced 2025-10-22 12:29:49 +00:00
8c4bad68a8
As the kata-deploy helm chart has been the only way we've been testing kata-containers deployment as part of our CI, it's time to finally get rid of the kustomize yamls and avoid us having to maintain two different methods (with one of those not being tested). Here I removed: * kata-deploy yamls and kustomize yamls * kata-cleanup yamls and kustomize yamls * kata-rbac yals and kustomize yamls * README.md for the kustomize yamls was removed Signed-off-by: Fabiano Fidêncio <ffidencio@nvidia.com>
861 B
861 B
Kata Containers with virtio-fs
Introduction
Container deployments utilize explicit or implicit file sharing between host filesystem and containers. From a trust perspective, avoiding a shared file-system between the trusted host and untrusted container is recommended. This is not always feasible. In Kata Containers, block-based volumes are preferred as they allow usage of either device pass through or virtio-blk for access within the virtual machine.
As of the 2.0 release of Kata Containers, virtio-fs is the default filesystem sharing mechanism.
virtio-fs support works out of the box for cloud-hypervisor and qemu, when Kata Containers is deployed using kata-deploy. Learn more about kata-deploy and how to use kata-deploy in Kubernetes here.