Kata Containers supports multiple hypervisors. This document provides a very high level overview of the available hypervisors, giving suggestions as to which hypervisors you may wish to investigate further.
Note:
This document is not prescriptive or authoritative:
- It is up to you to decide which hypervisors may be most appropriate for your use-case.
- Refer to the official documentation for each hypervisor for further details.
Hypervisor | Written in | Architectures | Type |
---|---|---|---|
ACRN | C | x86_64 |
Type 1 (bare metal) |
Cloud Hypervisor | rust | aarch64 , x86_64 |
Type 2 (KVM) |
Firecracker | rust | aarch64 , x86_64 |
Type 2 (KVM) |
QEMU | C | all | Type 2 (KVM) |
Dragonball |
rust | aarch64 , x86_64 |
Type 2 (KVM) |
StratoVirt | rust | aarch64 , x86_64 |
Type 2 (KVM) |
$ kata-runtime kata-env | awk -v RS= '/\[Hypervisor\]/' | grep Path
The table below provides a brief summary of some of the differences between the hypervisors:
Hypervisor | Summary | Features | Limitations | Container Creation speed | Memory density | Use cases | Comment |
---|---|---|---|---|---|---|---|
ACRN | Safety critical and real-time workloads | excellent | excellent | Embedded and IOT systems | For advanced users | ||
Cloud Hypervisor | Low latency, small memory footprint, small attack surface | Minimal | excellent | excellent | High performance modern cloud workloads | ||
Firecracker | Very slimline | Extremely minimal | Doesn't support all device types | excellent | excellent | Serverless / FaaS | |
QEMU | Lots of features | Lots | good | good | Good option for most users | ||
Dragonball |
Built-in VMM, low CPU and memory overhead | Minimal | excellent | excellent | Optimized for most container workloads | out-of-the-box Kata Containers experience |
|
StratoVirt | Unified architecture supporting three scenarios: VM, container, and serverless | Extremely minimal(MicroVM ) to Lots(StandardVM ) |
excellent | excellent | Common container workloads | StandardVM type of StratoVirt for Kata is under development |
For further details, see the Virtualization in Kata Containers document and the official documentation for each hypervisor.
Since each hypervisor offers different features and options, Kata Containers provides a separate configuration file for each. The configuration files contain comments explaining which options are available, their default values and how each setting can be used.
Hypervisor | Golang runtime config file | golang runtime short name | golang runtime default | rust runtime config file | rust runtime short name | rust runtime default |
---|---|---|---|---|---|---|
ACRN | configuration-acrn.toml |
acrn |
||||
Cloud Hypervisor | configuration-clh.toml |
clh |
configuration-cloud-hypervisor.toml |
cloud-hypervisor |
||
Firecracker | configuration-fc.toml |
fc |
||||
QEMU | configuration-qemu.toml |
qemu |
yes | configuration-qemu.toml |
qemu |
|
Dragonball |
configuration-dragonball.toml |
dragonball |
yes | |||
StratoVirt | configuration-stratovirt.toml |
stratovirt |
Notes:
- The short names specified are used by the
kata-manager
tool.- As shown by the default columns, each runtime type has its own default hypervisor.
- The golang runtime is the current default runtime.
- The rust runtime, also known as
runtime-rs
, is the newer runtime written in the rust language.- See the Configuration for further details.
- The configuration file links in the table link to the "source" versions: these are not usable configuration files as they contain variables that need to be expanded:
- The links are provided for reference only.
- The final (installed) versions, where all variables have been expanded, are built from these source configuration files.
- The pristine configuration files are usually installed in the
/opt/kata/share/defaults/kata-containers/
or/usr/share/defaults/kata-containers/
directories.- Some hypervisors may have the same name for both golang and rust runtimes, but the file contents may differ.
- If there is no configuration file listed for the golang or rust runtimes, this either means the hypervisor cannot be run with a particular runtime, or that a driver has not yet been made available for that runtime.
To switch the configured hypervisor, you only need to run a single command.
See the kata-manager
documentation for further details.