krunvm
Run OCI images as microVMs
TLDR
Create MicroVM based on Fedora
Start a specific image
List images
Change a specific image
Delete a specific image
SYNOPSIS
krunvm create [OPTIONS] NAME IMAGE
krunvm start NAME
krunvm stop NAME
krunvm delete NAME
krunvm list [OPTIONS]
PARAMETERS
create
Creates a new microVM instance.
start
Starts a previously created microVM instance.
stop
Stops a running microVM instance.
delete
Deletes a microVM instance.
list
Lists existing microVM instances.
NAME
The name of the microVM instance.
IMAGE
The OCI image to use for the microVM.
[OPTIONS]
Various options for configuring the microVM (e.g., memory, CPU).
DESCRIPTION
krunvm is a command-line tool designed to simplify the process of creating and running micro Virtual Machines (microVMs) from OCI (Open Container Initiative) images. It leverages the Krun hypervisor, a lightweight, security-focused virtualization solution, to provide a secure and isolated environment for running container workloads. krunvm aims to offer an alternative to traditional container runtimes by providing strong isolation between containers and the host operating system, reducing the attack surface and enhancing security.
It works by creating a minimal VM environment based on a specified OCI image. This VM is then booted with the necessary configurations to run the containerized application within the isolated context. krunvm handles the complexities of setting up the VM, including memory allocation, CPU configuration, and network setup, allowing users to focus on deploying and managing their applications. The primary goal is to provide a secure, efficient, and user-friendly way to run container workloads with improved isolation and security compared to traditional container runtimes.
CAVEATS
krunvm relies on the Krun hypervisor. Krun needs to be properly installed and configured on the system. The OCI image should be compatible with the microVM environment.
IMAGE REQUIREMENTS
The OCI image must be compatible with the krun environment and should include necessary dependencies for the application to run correctly.
NETWORK CONFIGURATION
Careful consideration should be given to networking configurations when using krunvm, ensuring proper connectivity between the microVM and the host system or external networks.
HISTORY
krunvm is a relatively new tool that has emerged as part of the broader effort to enhance container security and isolation. It builds upon the Krun hypervisor to provide a more secure runtime environment for containerized applications. Development and usage have been driven by the need for stronger isolation and reduced attack surface compared to traditional container runtimes.