In the microVM sandbox scenario, the VM process provides a complete virtual machine and Linux kernel based on open-source VMMs such as Cloud Hypervisor, StratoVirt, Firecracker and QEMU. Hence, the vmm-sandboxer of the microVM sandboxer is responsible for launching VMs and calling APIs, and the vmm-task, as the init process in VMs, plays the role of running container processes. The container IO can be exported via vsock or UDS.
The microVM sandboxer avoids the need to run a shim process on the host, resulting in a cleaner and more manageable architecture with only one process per pod.
Please note that only Cloud Hypervisor, StratoVirt and QEMU are currently supported.