Interconnecting with the iSula Secure Container



To provide a better isolation environment for containers and improve system security, it is necessary to connect Kata to StratoVirt in the iSula secure container scenario.

Interconnection with an iSula Secure Container


iSulad and Kata containers have been installed.


The default path of the Kata configuration file is /usr/share/defaults/kata-containers/configuration.toml.

  1. Compile kata-kernel.

    • Download kata-containers/packaging
    • Paste the corresponding config file under /kernel/configs/ to the kernel folder and rename .config:
    cp x86_64_kata_kvm_4.14.x /home/kernel/.config
    • Enter the kernel/ and execute the command:
    make -j vmlinux
    objcopy -O binary vmlinux vmlinux.bin
  2. Compile Kata containers-initrd.img.

    • Download kata_integration
    • Enter kata_Integration directory and download kata-agent
    • In kata_integration/ create the folder build under the integration directory
    • Rename the kata-agent directory to agent
    • Enter the agent/ folder
    • Apply patch:
    • Enter kata_integration/ directory and compile:
    make initrd
    • Enter the build folder and view the compilation results:kata-agent kata-containers-initrd.img
  3. Modify the configuration file to set the hypervisor type of the secure sandbox to stratovirt.

    path = "/home/"
    kernel = "/home/kernel/vmlinux.bin"
    initrd = "/var/lib/kata/kata-containers-initrd.img"
    block_device_driver = "virtio-mmio"
    use_vsock = true
    enable_netmon = false
    sandbox_cgroup_with_emulator = false
    disable_new_netns = false
  4. Set the execution file path of the secure sandbox to the absolute path of The content of the script is as follows:

    export STRATOVIRT_LOG_LEVEL=info  # set log level which includes trace, debug, info, warn and error.
    /usr/bin/stratovirt $@
  5. Run iSulad to connect Kata to StratoVirt.

    $ isula run -tid --runtime=kata-runtime --name test busybox:latest sh

Bug Catching

Buggy Content

Bug Description

Submit As Issue

It's a little complicated....

I'd like to ask someone.


Just a small problem.

I can fix it online!

Bug Type
Specifications and Common Mistakes

● Misspellings or punctuation mistakes;

● Incorrect links, empty cells, or wrong formats;

● Chinese characters in English context;

● Minor inconsistencies between the UI and descriptions;

● Low writing fluency that does not affect understanding;

● Incorrect version numbers, including software package names and version numbers on the UI.


● Incorrect or missing key steps;

● Missing prerequisites or precautions;

● Ambiguous figures, tables, or texts;

● Unclear logic, such as missing classifications, items, and steps.


● Technical principles, function descriptions, or specifications inconsistent with those of the software;

● Incorrect schematic or architecture diagrams;

● Incorrect commands or command parameters;

● Incorrect code;

● Commands inconsistent with the functions;

● Wrong screenshots.

Risk Warnings

● Lack of risk warnings for operations that may damage the system or important data.

Content Compliance

● Contents that may violate applicable laws and regulations or geo-cultural context-sensitive words and expressions;

● Copyright infringement.

How satisfied are you with this document

Not satisfied at all
Very satisfied
Click to create an issue. An issue template will be automatically generated based on your feedback.