Using MicroVMs inside Kubernetes

Hello everyone,

I’m currently working on my graduation project and would deeply appreciate insights or guidance from the community. My project’s topic is using microVMs inside Kubernetes. The professor supervising my work outlined 3 main stages:

1. Run microVMs inside Kubernetes

2. Implement a hybrid cluster: some workloads run in regular containers, others in microVMs depending on their security/criticality needs

3. PCI passthrough: allow microVMs to access hardware directly for better performance or security isolation

For the first stage, my professor advised me to start by investigating whether it’s possible to run a microVM directly inside Kubernetes (not a container within a microVM but a pure microVM, if possible). The next step would be running a container inside a microVM.

He suggested looking into current methods like Firecracker and Kata Containers, and even considering lower-level approaches such as CRI … not just sticking to what exists.

I’m feeling a bit lost. I tried to look at how Kubernetes creates a pod and searched about Kata and Firecracker; I didn’t actually find a tutorial on how to use them with Kubernetes (I tried using some tutorials I found about Kata, but they were old and deprecated and didn’t work!).

Has anyone worked with this subject before or have ideas on what I should do, useful resources or advice? I would be extremely grateful.
Thank you so much!

Hey, that sounds like an awesome project! Running microVMs inside Kubernetes is definitely an interesting challenge, especially with Firecracker and Kata Containers. You’re on the right track looking into those. Firecracker is great for lightweight isolation, and Kata can integrate more naturally with Kubernetes as it provides a container runtime interface (CRI).

If you haven’t already, try checking the Kata Containers official docs, they have a section on setting it up with Kubernetes and CRI-O or containerd. There’s also a Firecracker-Kata integration guide floating around GitHub that shows how to configure Kata to use Firecracker as the hypervisor. It’s a bit outdated, but still helpful for understanding the flow.

And don’t stress too much about the learning curve, once you get a minimal setup working, the rest becomes much clearer. If you get stuck, the Kubernetes Slack community (especially #kata-containers) is super helpful.

You’ve got this!
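
As an added illustration of the hybrid-cluster stage from the question (not part of either post, and not taken from the Kata or Firecracker documentation): Kubernetes selects a runtime per pod through a RuntimeClass. The handler name `kata-fc`, the node label, the overhead figures and the pod and image names below are all assumptions or placeholders.

```yaml
# RuntimeClass: maps a name that pods can reference to a runtime handler
# that must already be configured in the node's CRI runtime (containerd or CRI-O).
apiVersion: node.k8s.io/v1
kind: RuntimeClass
metadata:
  name: microvm                      # assumed name
handler: kata-fc                     # assumed handler name; must match the node's runtime config
scheduling:
  nodeSelector:
    example.com/kata-ready: "true"   # assumed label on nodes with KVM and Kata installed
overhead:
  podFixed:                          # constructed values: per-pod cost of the guest kernel and VMM
    memory: "160Mi"
    cpu: "250m"
---
# Critical workload: runs inside a microVM because it names the RuntimeClass.
apiVersion: v1
kind: Pod
metadata:
  name: payments-api                 # placeholder workload
  labels:
    tier: critical
spec:
  runtimeClassName: microvm
  containers:
    - name: app
      image: registry.example.com/payments-api:1.0   # placeholder image
---
# Ordinary workload: no runtimeClassName, so the node's default runtime
# (a regular container) is used.
apiVersion: v1
kind: Pod
metadata:
  name: static-site                  # placeholder workload
spec:
  containers:
    - name: web
      image: registry.example.com/static-site:1.0    # placeholder image
```

A pod that really runs in a microVM boots its own guest kernel, so `uname -r` inside it generally differs from the node's kernel version, which gives a quick check that the RuntimeClass took effect.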