Introduction
This repository contains the implementation of the Kata remote hypervisor.
The Kata remote hypervisor enables creation of Kata VMs in any environment without requiring bare-metal servers or nested
virtualization support.
Goals
- Accept requests from Kata shim to create/delete Kata VM instances without requiring nested virtualization support.
- Manage VM instances in the cloud to run pods using cloud (virtualization) provider APIs
- Forward communication between the Kata shim on a worker node VM and the Kata agent on a pod VM
- Provide a mechanism to establish a network tunnel between a worker and pod VMs to the Kubernetes pod network
Components
Installation
Please refer to the instructions mentioned in the following doc.
Supported Providers
- aws
- azure
- ibmcloud
- libvirt
- vsphere
Adding a new provider
Please refer to the instructions mentioned in the following doc.
Cloud Provider VM Image
A custom VM image, which contains the required components, must be available in your cloud provider's image catalogue. You can find detailed instructions for
each provider in their respective directories. You can also find further information in the podvm README.md about how to build your own
image using Docker to build the required components and create the image.
At the time of writing, the project is moving towards using mkosi as its build approach. More information on this can be found
in the podvm-mkosi README.md.
VM Image Build Quick Start
To create a QCOW2 image which can be imported into your provider of choice, you can use the following command.
# default ubuntu based, x86 architecture image
make podvm-builder podvm-binaries podvm-image
# or to produce an s390x architecture image
ARCH=s390x make podvm-builder podvm-binaries podvm-image
# or to produce a rhel distribution image
PODVM_DISTRO=rhel make podvm-builder podvm-binaries podvm-image
N.B. This will populate the image using the component versions found in versions.yaml.
You can find provider specific instructions on how to import the QCOW2 image for each cloud provider in their respective directories.
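Before importing the QCOW2 file produced above, it can be worth confirming that it is a self-contained image. The following is an added example, not code from this repository: it parses the fixed QCOW2 header fields and flags a backing-file reference or encryption. The function names and the sample headers are constructed for illustration.

```python
import struct
import sys

QCOW2_MAGIC = b"QFI\xfb"
# Big-endian fixed fields at the start of every QCOW2 header:
# magic, version, backing_file_offset, backing_file_size,
# cluster_bits, virtual size, crypt_method
HEADER = struct.Struct(">4sIQIIQI")


def inspect_qcow2_header(data: bytes) -> dict:
    """Parse the leading bytes of an image and list anything that makes it
    unsuitable for import as a stand-alone pod VM image."""
    if len(data) < HEADER.size:
        raise ValueError("too short to contain a QCOW2 header")
    magic, version, b_off, b_len, cluster_bits, size, crypt = HEADER.unpack_from(data)
    if magic != QCOW2_MAGIC:
        raise ValueError("bad magic: not a QCOW2 image")
    findings = []
    if version not in (2, 3):
        findings.append(f"unexpected version {version}")
    if not 9 <= cluster_bits <= 21:
        findings.append(f"cluster_bits {cluster_bits} out of range")
    if b_off:
        # A backing file means the image depends on another file by path.
        name = data[b_off:b_off + b_len].decode("utf-8", "replace")
        findings.append(f"backing file reference: {name or '<beyond bytes read>'}")
    if crypt:
        findings.append(f"encrypted image (crypt_method={crypt})")
    return {"version": version, "virtual_size": size, "findings": findings}


def build_sample(backing: bytes = b"") -> bytes:
    """Constructed sample: a minimal version 3 header (104 bytes), optionally
    followed by a backing file name."""
    b_off = 104 if backing else 0
    fixed = HEADER.pack(QCOW2_MAGIC, 3, b_off, len(backing), 16, 10 << 30, 0)
    return fixed.ljust(104, b"\0") + backing


if __name__ == "__main__":
    if len(sys.argv) > 1:  # path to a built image, e.g. the podvm QCOW2 file
        with open(sys.argv[1], "rb") as f:
            print(inspect_qcow2_header(f.read(65536)))
    else:
        print(inspect_qcow2_header(build_sample()))
        print(inspect_qcow2_header(build_sample(b"base.qcow2")))
```

An empty `findings` list means the header describes a plain, unencrypted image with no dependency on another file.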