- About Kata Containers
- Community
- Governance
- Vendoring code
- Vulnerability Handling
- Week in Review template
Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs.
The Kata Containers project is designed to be architecture agnostic, run on multiple hypervisors and be compatible with the OCI specification and Kubernetes.
Kata Containers combines technology from Intel® Clear Containers and Hyper runV. The code is hosted on GitHub under the Apache 2 license and the project is managed by the Open Infrastructure Foundation. To learn more about the project and organizations backing the launch, visit https://www.katacontainers.io.
Kata Containers is working to build a global, diverse and collaborative community. Anyone who is interested in supporting the technology is welcome to participate. Learn how to contribute on the Community pages. We are seeking different expertise and skills, ranging from development, operations, documentation, marketing, community organization and product management.
You can join our community on any of the following places:
-
Join our mailing list.
-
Use the
irc.oftc.net
IRC server to join the discussions:- General discussions channel:
#kata-general
. - Development discussions channel:
#kata-dev
.
- General discussions channel:
-
Get an invite to our Slack channel. and then join us on Slack.
See Kata Containers installation user guides for details on how to install Kata Containers for your preferred distribution.
See the contributing guide for details on how to contribute to the project.
See the rota documentation.
Details of which Kata Containers project resources are owned, managed or controlled by whom are detailed on the Areas of Interest wiki page, under the Resource Owners section.
The Kata Containers project is governed according to the "four opens", which are open source, open design, open development, and open community. Technical decisions are made by technical contributors and a representative Architecture Committee. The community is committed to diversity, openness, and encouraging new contributors and leaders to rise up.
For code contributors, there are currently two roles relevant to project governance:
A Contributor to the Kata Containers project is someone who has had code merged within the last 12 months. Contributors are eligible to vote in the Architecture Committee elections. Contributors have read only access to the Kata Containers repos on GitHub.
A Maintainer has the ability to merge code into the Kata Containers project. Maintainers are active Contributors and participants in the projects. In order to become a Maintainer, you must be nominated and approved by the established Maintainers. Maintainers have write access to the Kata Containers repos on GitHub.
The Architecture Committee is responsible for architectural decisions, including standardization, and making final decisions if Maintainers disagree. It is comprised of 5 members, who are elected by contributors.
The current Architecture Committee members are:
Eric Ernst
(egernst
), Apple.Samuel Ortiz
(sameo
),Rivos Inc
.Gerry Liu
(jiangliu
),Alibaba Cloud
.Peng Tao
(bergwolf
), Ant Group.Fabiano Fidêncio
(fidencio
), Intel.
Architecture Committee elections take place in September (3 seats available) and February (2 seats available). Anyone who has made contributions to the project will be eligible to run, and anyone who has had code merged into the Kata Containers project in the 12 months (a Contributor) before the election will be eligible to vote. There are no term limits, but in order to encourage diversity, no more than 2 of the 5 seats can be filled by any one organization.
The exact size and model for the Architecture Committee may evolve over time based on the needs and growth of the project, but the governing body will always be committed to openness, diversity and the principle that technical decisions are made by technical contributors.
See the elections documentation for further details.
The Architecture Committee meets every Tuesdays at 7:00am PST. Agenda & call info can be found here.
In order to efficiently organize the Architecture Committee (AC) meetings, maximize the benefits for the community, and be as inclusive as possible, the AC recommends following a set of guidelines for raising topics during the weekly meetings.
See the vendoring documentation.
Vulnerabilities in Kata are handled by the Vulnerability Management Team (VMT). There are generally two phases:
- The reporting of a vulnerability to the VMT
- Handling and disclosure of the vulnerability by the VMT
Vulnerabilities in Kata should be reported using the responsible disclosure model.
There are two methods available to report vulnerabilities to the Kata community:
- Report via a private issue on the Kata Containers launchpad
- Email any member of the Kata Containers architecture committee directly
When reporting a vulnerability via the launchpad:
- You will need to create a launchpad login account.
- Preferably, but at your discretion, create the report as "Private Security", so the VMT can assess and respond in a responsible manner. Only the VMT members will be able to view a "Private Security" tagged issue initially, until it is deemed OK to make it publicly visible.
Vulnerabilities in the Kata Container project are managed by the Kata Containers Vulnerability Management Team (VMT). Vulnerabilities are managed using a responsible disclosure model.
Details of how to report a vulnerability, the process and procedures used for vulnerability management, and responsibilities of the VMT members can be found in the VMT documentation.
Previous Kata Containers Security Advisories are listed on their own page.
See the week in review report template.