A container runtime using lightweight virtual machines

OpenShift sandboxed containers, based on the Kata Containers open source project, provides an Open Container Initiative (OCI)-compliant container runtime using lightweight virtual machines running your workloads in their own isolated kernel—therefore contributing an additional layer of isolation back to OpenShift’s defense-in-depth strategy.

OpenShift sandboxed containers is available as a technology preview from Red Hat OpenShift Container Platform 4.9.

Features & benefits

  • Isolated developer environments and privileges scoping

  • Legacy containerized workload isolation

  • Multi-tenancy and resource sharing (CI/CD jobs, CNFs, etc.)

  • Additional isolation with native Kubernetes user experience

On-demand video

The Dawn of OpenShift Sandboxed Containers

In this OpenShift Commons Briefing, Adel Zaalouk, Product Manager of OpenShift & Hybrid Platforms, introduces OpenShift sandboxed containers and gives an overview of the product and technology along with its features.

The main goal for OpenShift sandboxed containers is additional isolation, not much about running general-purpose VMs or migrating VMs to OpenShift...

Adel Zaalouk

Product Manager

Latest posts