
Ask HN: Could Kubernetes be written to use alternatives? - jmspring
Kubernetes as it stands is amazingling popular right now.  I&#x27;ve done my fair share of contributions and deployments.  Most deployments are Docker based (there is support for Kata Containers in some cases).  But can it evolve&#x2F;morph to support more secure non-Linux based mechanisms like FreeBSD Jails or Solaris Zones (yes, Solaris is a dead horse, but a good example)?  People debate the security of a distro a docker image is based on -- Alpine is considered secure, but less so if one needs glibc.<p>I&#x27;m just curious if this is a concern and something people are considering?  Linux does not have the same level of primitives to compare to Jails&#x2F;Zones at this point.  Is it needed, I don&#x27;t know, but am curious about the options.
======
dankohn1
If you need more isolation than is available in regular Docker containers,
take a look at some of the alternative container runtimes:

[https://landscape.cncf.io/grouping=landscape&landscape=conta...](https://landscape.cncf.io/grouping=landscape&landscape=container-
runtime)

I also found both of these articles illuminating:

[https://cloudplatform.googleblog.com/2018/05/Open-
sourcing-g...](https://cloudplatform.googleblog.com/2018/05/Open-sourcing-
gVisor-a-sandboxed-container-runtime.html)
[https://cloudplatform.googleblog.com/2018/05/Exploring-
conta...](https://cloudplatform.googleblog.com/2018/05/Exploring-container-
security-Isolation-at-different-layers-of-the-Kubernetes-stack.html)

------
lobster_johnson
Kubernetes' has a pluggable container interface, called CRI. You can implement
non-Docker containers. For example, there's a runtime called Virtlet [1] that
runs VMs instead of Docker.

I don't know of anyone working on CRI implementations for FreeBSD jails or
Solaris Zones. At the moment, I believe Kubernetes has specific dependencies
on Linux in other areas that the container runtime.

[1] [https://www.mirantis.com/blog/virtlet-run-vms-as-
kubernetes-...](https://www.mirantis.com/blog/virtlet-run-vms-as-kubernetes-
pods/)

