All Products
Search
Document Center

Container Service for Kubernetes:Create a node pool that runs sandboxed containers

Last Updated:Nov 19, 2024

The Sandboxed-Container runtime uses a lightweight virtual machine to host an application and its environment. It provides kernel simulation for the pods of the application and isolates the pods from the external environment. This protects the host or other containers against attacks or vulnerabilities inside the sandboxed containers. Container Service for Kubernetes (ACK) allows you to create node pools to manage nodes. This topic describes how to create a node pool that runs sandboxed containers.

Limits

You can create a node pool that runs sandboxed containers only in ACK managed clusters and ACK dedicated clusters whose Kubernetes versions are 1.31 or earlier.

Procedure

When you create a node pool, select Sandboxed-Container as the container runtime. For more information, see Create a node pool.

image