Thank you, although I'm in a different use-case, sorry for not being able to explain myself: Kata does support privileged containers (https://github.com/kata-containers/kata-containers/blob/main/docs/how-to/pri...), but I don't want to use them. AFAIK Zun can use a stock Docker install with Kata Containers as an optional step (https://docs.openstack.org/zun/2023.2/install/compute-install.html#enable-ka...), but there is no mention of using Zun together with Docker rootless (https://docs.docker.com/engine/security/rootless/) or Zun + Docker Rootless + Kata Containers. Maybe I should start with an ordinary Docker install with Kata and then test if it is possible to switch to rootless? Best regards Francesco Di Nucci Il 13/03/2024 13:49, Hongbin Lu ha scritto:
Hi,
Zun allows running privileged containers but I am not sure if Kata supports privileged flag. You might want to consult the Kata community about that.
Best regards, Hongbin
On Wed, Mar 13, 2024 at 4:41 PM Francesco Di Nucci <francesco.dinucci@na.infn.it> wrote:
Hello,
I am working on a 2023.2 instance to install Zun. While we're still in the design phase, I was wondering if it is possible to run Docker as a non-root user together with Kata Containers for enhanced security. Has anyone tried this solution?
Regards
Francesco Di Nucci