starlingx/docs
Code Issues Proposed changes
Files
.vscode
api-ref
doc
.vscode
source
.vscode
_includes
_myincludes
_static
_stx-related-links
_themes
_vendor
admintasks
api-ref
application-ref
archive
backup
cli_ref
configuration
contributor
datanet
debian
deploy
deploy_install_guides
developer_resources
dist_cloud
fault-mgmt
guest_integration
introduction
kube-virt
node_management
operations
planning
releasenotes
sample_apps
security
shared
storage
system_configuration
updates
usertasks
.vscode
kubernetes
figures
accessing-the-kubernetes-dashboard.rst
add-an-additional-network-interface-to-a-container-616bc5c5a6dd.rst
bandwidth-plugin-3b8966c3fe47.rst
bridge-plugin-7caa94024df4.rst
configuring-remote-helm-client.rst
delete-image-tags-in-the-docker-registry-8e2e91d42294.rst
host-device-plugin-714d4862a825.rst
index-usertasks-kub-1291759aa985.rst
integrate-the-bond-cni-plugin-2c2f14733b46.rst
inter-host-pod-to-pod-security-overview-502afc38a15e.rst
internal-ca-and-nodeport-example-2afa2a84603a.rst
ipvlan-plugin-150be92d0538.rst
issuers-in-distributed-cloud-fbc035675c0f.rst
kata-containers-overview.rst
known-limitations.rst
kubernetes-user-tutorials-about-persistent-volume-support.rst
kubernetes-user-tutorials-access-overview.rst
kubernetes-user-tutorials-authentication-and-authorization.rst
kubernetes-user-tutorials-cert-manager.rst
kubernetes-user-tutorials-configuring-container-backed-remote-clis-and-clients.rst
kubernetes-user-tutorials-create-readwritemany-persistent-volume-claims.rst
kubernetes-user-tutorials-create-readwriteonce-persistent-volume-claims.rst
kubernetes-user-tutorials-fluxcd-deploy-00d5706c3358.rst
kubernetes-user-tutorials-helm-package-manager.rst
kubernetes-user-tutorials-installing-kubectl-and-helm-clients-directly-on-a-host.rst
kubernetes-user-tutorials-metrics-server.rst
kubernetes-user-tutorials-mount-readwritemany-persistent-volumes-in-containers.rst
kubernetes-user-tutorials-mount-readwriteonce-persistent-volumes-in-containers.rst
kubernetes-user-tutorials-rest-api-access.rst
kubernetes-user-tutorials-vault-overview.rst
letsencrypt-example.rst
macvlan-plugin-e631cca21ffb.rst
nodeport-usage-restrictions.rst
protect-inter-host-pod-to-pod-traffic-of-services-51ef3b65e272.rst
ptp-plugin-bc6ed0498f4c.rst
remote-cli-access.rst
source-based-routing-plugin-51648f2ddff1.rst
specifying-kata-container-runtime-in-pod-spec.rst
sriov-plugin-4229f81b27ce.rst
tuning-plugin-08f8cdbf1763.rst
turn-off-inter-host-pod-to-pod-traffic-protection-in-the-clust-5265939c5344.rst
unprotect-inter-host-pod-to-pod-traffic-at-specific-ports-of-s-a294b80c1d67.rst
unprotect-inter-host-pod-to-pod-traffic-of-specific-services-co-c0eca384959d.rst
use-application-isolated-cores.rst
using-an-image-from-the-local-docker-registry-in-a-container-spec.rst
using-container-based-remote-clis-and-clients.rst
using-kubernetes-cpu-manager-static-policy.rst
vault-aware.rst
vault-unaware.rst
virtual-routing-and-forwarding-plugin-0e53f2c2de21.rst
vlan-plugin-37938fe8578f.rst
vran-tools-2c3ee49f4b0b.rst
openstack
index-usertasks-b18b379ab832.rst
_this.txt
conf.py
index.rst
spelling_wordlist.txt
Makefile
requirements.txt
upper-constraints.txt
resources
templates
.gitignore
.gitreview
.zuul.yaml
README.rst
_p_columns.py
_utils.sh
bindep.txt
dirtyCheck.sh
dup-abbr-check.sh
fetch-ports-files.sh
get-remote-files.sh
hide-empty-rows.py
hide-empty-rows.sh
hide-table-columns.py
htmlChecks.sh
hw-updates.sh
mk-link-subs.sh
new-topic.sh
normalize-includes.sh
parser.py
pickCompare.sh
py_2_xlsx.py
remove-grid-columns.py
remove-list-columns.py
remove_empty-grid_rows.py
remove_empty-list_rows.py
setup.cfg
setup.py
test-requirements.txt
test.txt
tox.ini
xlst_2_csv.py
docs/doc/source/usertasks/kubernetes/known-limitations.rst
Elisamara Aoki Goncalves 1eae56ba7f Kata Container Support with Debian OS 
Update Kata containers docs
Fix conflict

Story: 2010765
Task: 49554

Change-Id: I07e31de31baca504e073efc5358ab664d9355909
Signed-off-by: Elisamara Aoki Goncalves <elisamaraaoki.goncalves@windriver.com>
2024-03-27 18:08:55 +00:00

1.6 KiB
Raw Permalink Blame History

Known Kata Container Limitations

This section describes the known limitations when using Kata containers.

SR-IOV Support

A minimal kernel and rootfs for Kata containers are shipped with , and can be found at /usr/share/kata-containers/. To enable certain kernel features such as IOMMU (I/O memory management unit), and desired network kernel modules, a custom kernel image, and rootfs has to be built. However, many tests carried out using this solution were unsuccessful. More details of this solution can be seen in: https://bugs.launchpad.net/starlingx/+bug/1867927.

CPU Manager Support

Kata containers currently occupy only the platform cores. There is no CPU (Central Processing Unit) manager support.

Hugepages

  • Similar to the limitation, hugepage support must be configured in a custom Kata kernel.
  • The size and number of hugepages must be written using the io.katacontainers.config.hypervisor.kernel_params annotation.
  • Creating a hugetlbfs mount for hugepages in the Kata container is specific to the end user application.

Note

This solution does not work in version v3.1.3 of the Kata Containers. A pod can be started with hugepages specified, but none are actually allocated to the Kata .