AUSTIN, Texas--(BUSINESS WIRE)--The OpenStack Foundation today announces a new open source project, Kata Containers™, which aims to unite the security advantages of virtual machines (VMs) with the speed and manageability of container technologies. The project is designed to be hardware agnostic and compatible with the Open Container Initiative (OCI) specification, as well as the container runtime interface (CRI) for Kubernetes. Kata Containers offers the ability to run container management tools directly on bare metal without sacrificing workload isolation. When compared to running containers on virtualized infrastructure (which is the standard practice today), benefits include increased performance, faster boot time and cost efficiencies.
Intel is contributing Intel Clear Containers technology, and Hyper is contributing runV technology to initiate the project. In addition to contributions from Intel and Hyper, the following companies are supporting the project at launch: 99cloud, AWcloud, Canonical, China Mobile, City Network, CoreOS, Dell/EMC, EasyStack, Fiberhome, Google, Huawei, JD.com, Mirantis, NetApp, Red Hat, SUSE, Tencent, Ucloud, UnitedStack and ZTE.
JD.com, China’s largest eCommerce platform by revenue, currently offers a container service powered by runV, the technology from Hyper.sh that will form the basis for Kata Containers. The service exposes an easy-to-use, Docker-like workflow, so developers who know Docker are able to jump in and deploy apps immediately.
“With virtualized containers, the basis for Kata Containers technology, we are able to provide a container service for our customers to deploy applications in a simple, fast, secure and cost-effective manner,” said Lijing Guo, general manager of JD Cloud Product Management at JD.com. “Development speed is 3x to traditional IaaS, but with 50 percent cost reduction. We look forward to seeing a community form around this technology to drive it forward.”
The Kata Containers project will initially comprise six components, including the Agent, Runtime, Proxy, Shim, Kernel and packaging of QEMU 2.9. It is designed to be architecture agnostic, run on multiple hypervisors and be compatible with the OCI specification for Docker containers and CRI for Kubernetes.
By combining two of the most well-integrated virtualized container open source code bases and moving the project to open governance, the Kata Containers community will focus on attracting contributors, supporting diverse hardware architectures and driving technology adoption. Contributors can expect to work upstream across multiple infrastructure and container orchestration communities, including Kubernetes, Docker, OCI, CRI, CNI, QEMU, KVM, HyperV and OpenStack.
Called Kata Containers, the new project suggests the Greek word, Καταπίστευμα (“ka-ta-PI-stev-ma”) that translates as “trust something to someone.” The word Kata in Japanese also means a detailed choreographed pattern of movements performed by individuals.
Kata Containers at the OpenStack Foundation
Kata Containers is a container infrastructure project managed by OpenStack Foundation, the home of open infrastructure. While OpenStack users may benefit from the new technology, Kata Containers is an independent project with its own technical governance and contributor base. The Kata Containers community expects to collaborate and target all popular infrastructure providers and container orchestration frameworks in addition to OpenStack-powered clouds.
The OpenStack Foundation provides access to a diverse, global community of 82,000+ members across 187 countries, with the ability to leverage shared administrative and scalable resources, including community management, event management, and dev/test infrastructure.
About Kata Containers
Kata Containers is a new open source project that delivers the speed and performance of Linux containers with the workload isolation of virtual machines. It is designed to be architecture agnostic and compatible with OCI images, as well as the container runtime interface (CRI) for Kubernetes.
Kata Containers is hosted on Github under the Apache 2 license and managed by the OpenStack Foundation. Get involved at www.katacontainers.io.
Supporting Quotes
“Containerization is an inevitable trend and we are very excited to see
the OpenStack Foundation is making great efforts to launch the Kata
Containers project. 99Cloud has been working in Kolla and OpenStack
containerization for a long time, along with that we deployed the first
Kolla production case and cloud OS based on Ocata & Pike release
accordingly. In the future, we will leverage our experience and
resources to contribute into this new project.”
—Kai Li, co-founder
and vice president, 99Cloud Inc.
“Kata Containers technology has the potential to help enterprise
customers build a more secure container infrastructure while bringing
new energy and inspiration into the infrastructure software development
community. As an open source software startup, AWcloud will support the
Kata Containers project to help our enterprise customers build more
secure container infrastructure.”
—Hua Li, CTO, AWcloud
“The Kata Containers Project is an exciting addition to the OpenStack
Foundation family of projects. Lighter, faster, more secure VMs
technology fits perfectly into the OpenStack Foundation family and
aligns well with Canonical’s data center efficiency initiatives. Like
Clear Containers and Hyper.sh previously, Kata Container users will find
their hypervisor and guests well supported on Ubuntu.”
—Dustin
Kirkland, vice president, Product, Canonical
“It's China Mobile’s honor to join the Kata Containers project and
project launch. It’s very well aligned with China Mobile’s Cloud
Computing product. Kata Containers is a good complement for OpenStack.
China Mobile has built IaaS product software stack based on OpenStack,
and has a strong R&D team now, and we want to make a bigger investment
in containers in the future. We think Kata Containers is a good choice
for us.”
—Junwei Liu, assistant general manager of Cloud Computing
Department, Suzhou R&D Center, China Mobile
“Cloud infrastructure is rapidly evolving, and City Network is committed
to offering the most innovative services to our financial services
customers while also meeting industry regulations and business
constraints. Technologies like virtualized containers that can offer
workload isolation are compelling, and we support the Kata Containers
community as we push the envelope with new innovative services for
regulatory sensitive industries.”
—Johan Christenson, CEO, City
Network
“CoreOS has long seen the power of combining containers and
virtualization for a fast and secure deployment option for anything from
highly secured workloads to untrusted workloads. With the rapid adoption
of Kubernetes to assist with orchestration, the new Kata Containers
Project is well-timed to showcase the combination of virtualization and
containers to more users, and eventually as the technology matures, the
enterprise.”
—Reza Shafii, vice president of product, CoreOS
“OpenStack and Kubernetes are core cloud technologies. However, there
are gaps to be filled, including security, isolation and support for
optimized, lightweight images in runtime. Ease of integration between
OpenStack and Kubernetes for multi-tenant support and access to the same
set of network and storage resources is another gap. Kata Containers was
born to fill these gaps. With memberships in the OpenStack Foundation,
CNCF and OCI, EasyStack pledges to provide technical expertise and
resources to support the Kata Containers project and provide these
technologies in our customer environment.”
—Guohui Liu, co-founder
and CTO of EasyStack
“Secure pods are an important direction for Kubernetes that allow
multiple security boundaries within one node. With this approach already
running on GCP, Kata Containers are an exciting addition as they enable
secure pods, which provide lightweight security isolation and safe
multi-tenancy.”
—Eric Brewer, vice president, infrastructure,
Google Cloud
“The Kata Containers brings a new level of value and functionality to
running containers in production environments, and we’re pleased to
contribute. Secure container management technology that’s light, fast
and agile can answer many of the challenges faced by both large telecom
operators and enterprise users.”
—Xiaoli Jiang, general manager,
Cloud Open Source Development Team, Huawei
“Hyper is proud and excited to contribute runV, our virtualized
container runtime technology, as the foundation of the new Kata
Containers project. Hyper’s vision from the start has always been to
combine the best of virtualization and containerization, in delivering
the security of VMs with the speed of containers. We see Kata
Containers, as a potential basis for new on-demand container-native
services spanning public/private cloud, serverless, and edge computing
use cases and look forward to working with the community.”
—James
Kulina, COO, Hyper
“Intel is proud to be a part of a project that expands on the vision of
security and efficiency established with Clear Containers. Kata
Containers combines the security and isolation advantages of existing
virtual machines (VMs) with the deployment speed of containers. The
project’s runtime and tools look to standardize this approach and help
make it easier to realize these benefits across stacks and platforms.”
—Imad
Sousou, vice president and general manager, Open Source Technology
Center, Intel
“The OpenStack Foundation knows how to build and grow communities for
open infrastructure, and I'm excited to see the organization growing to
support the new Kata project, enabling secure container infrastructure.”
—Boris
Renski, co-founder and CMO, Mirantis
“NetApp is among the earliest and most active contributors to OpenStack
and a variety of container projects, including Kubernetes and Docker. As
customers rely increasingly on their data as a vital asset, these
initiatives address the need for persistent storage and reliable
security. We’re committed to advancing common standards that make
container solutions more secure and even easier to deploy and use. The
Kata Containers approach is particularly impressive in how it takes on
the formidable challenge of secure tenant isolation along container
boundaries in multi-tenant CaaS environments.”
—Mark Bregman,
senior vice president and CTO, NetApp
“It is great to see open source communities combine efforts and work
together as with Kata Containers, and aligning with standards like OCI
and key container projects like Kubernetes are important starting points
for Kata. Container technologies are having a significant impact on the
industry and adding hardware isolation as an option when using
containers has the potential to bring a new class of workloads to
container platforms including Red Hat OpenShift, furthering that
industry impact.”
—Chris Wright, vice president and CTO, Red Hat
“SUSE is committed to delivering the benefits of secure enterprise-grade
technology to its customers. Kata will be an important piece of the
puzzle, unlocking the full potential of enterprise cloud models through
greater security and innovative multi-tenant possibilities.”
—Thomas
Di Giacomo, CTO, SUSE
“Containers technology offers huge potential benefits to operators of
cloud infrastructure at scale, but practical considerations of security
and performance result in compromises. As scale operators of
infrastructure powered by OpenStack and other technologies, we’re
excited to support the Kata Containers project, as it offers a novel
approach to solving the challenges of containers at scale.”
—Carlos
Luo, cloud general manager of government affairs, Tencent
“Kata Containers naturally inherits the technical advantages of both VMs
and containers, solving several pain points which bother us a lot. Kata
Container is an exciting technology and UCloud developers contributed
code and ideas to the upstream community of what has become the Kata
Containers project. UCloud has also deployed the technology in
production environments, for example, on CaaS, Cloud DB (UDB) and SDN
products. UCloud will continue developing and deploying the technology
to provide better products to cloud users.”
—Mojiong Qiu, director,
UCloud
Connect With the Kata Containers Community
- Freenode IRC: #kata-dev
- Slack: KataContainers
- Website: katacontainers.io
- Twitter: @KataContainers
- Facebook: KataContainers
Meet the Kata Containers Team at KubeCon This Week
- Dec 6-8: Kata Containers booth #S57 in the Sponsor Showcase
- Dec 6: Kata Containers featured in Intel’s keynote presentation, 9:50-9:55am, Exhibit Hall 3
- Dec 6: Kata Containers breakout session, 2:00-2:35pm in Ballroom B
- Dec 8: Community on-boarding Meetup over lunch, 12:30-2:30pm, at Native Bar & Kitchen (5-minute walk from the Austin Convention Center)
For those not at KubeCon, the community will host Kata Containers Community On-boarding Webinars. The first is on December 18 at 5:00pm PST. Register at: https://zoom.us/j/546473686. The second is on December 19 at 8:30am PST. Register at https://zoom.us/j/169673807.
