Specify Kata Container Runtime in Pod SpecΒΆ

Note

Kata Containers will not be supported in StarlingX r9.0.

You can specify the use of Kata Container runtime in your pod specification by runtime class or by annotation.

Procedure

  • Do one of the following:

    To use the runtime class method:

    1. Create a RuntimeClass with handler set to kata.

    2. Reference this class in the pod spec, as shown in the following example:

      kind: RuntimeClass
apiVersion: node.k8s.io/v1
metadata:
  name: kata-containers
handler: kata
---
apiVersion: v1
kind: Pod
metadata:
  name: busybox-runtime
spec:
  runtimeClassName: kata-containers
  containers:
  - name: busybox
    command:
      - sleep
      - "3600"
    image: busybox

    To use the annotation method:

    Set io.kubernetes.cri.untrusted-workload to true in the annotations section of a pod spec.

    For example:

    apiVersion: v1
kind: Pod
metadata:
  name: busybox-untrusted
  annotations:
    io.kubernetes.cri.untrusted-workload: "true"
spec:
  containers:
  - name: busybox
    command:
      - sleep
      - "3600"
    image: busybox

    Note

    This method is deprecated and may not be supported in future releases.