Katakate/k7 provides a self-hosted, scalable solution for creating and managing lightweight virtual machine (VM) sandboxes designed for executing untrusted code. It targets developers and organizations needing secure, isolated compute environments for AI agents, custom serverless functions, hardened CI/CD pipelines, or blockchain applications, offering a robust alternative to cloud-managed services.

How It Works

Katakate orchestrates sandboxes using Kubernetes (specifically K3s) and leverages battle-tested VM isolation technologies. It employs Kata Containers with Firecracker as the Virtual Machine Manager, chosen for its rapid boot times, minimal resource footprint, and reduced attack surface. Efficient disk space management is achieved through Devmapper Snapshotter with thin-pool provisioning, allowing dozens of VMs per node.

Quick Start & Requirements

• Primary Install: On Ubuntu (amd64) nodes, install the CLI via sudo apt install k7, then run k7 install to provision Kubernetes, Kata, Firecracker, and other components.
• Prerequisites:
  • Host OS: Ubuntu (amd64).
  • Hardware: KVM hardware virtualization enabled and accessible (/dev/kvm must exist).
  • Disk: One raw, unformatted disk for thin-pool provisioning.
  • Dependencies: Ansible, Docker, Docker Compose (for API).
  • Client: Recent Python version.
• Links: Setup guide available as tutorials/k7_hetzner_node_setup.pdf.

Highlighted Details

• Security Hardening: Features multiple layers including VM isolation (Kata/Firecracker), Jailer, Seccomp, dropped Linux capabilities, disabled privilege escalation, non-root execution options, and network policies for ingress/egress control.
• Multi-Interface Access: Supports direct node interaction via CLI, remote management through a REST API, and programmatic control via sync/async Python SDKs.
• Resource Efficiency: Utilizes Firecracker for fast VM boots and low overhead, combined with Devmapper snapshotting for optimized disk usage.

Maintenance & Community

Direct technical support is available via email at hi@katakate.org. Active development is indicated by a "Coming Soon" section detailing planned features.

Licensing & Compatibility

Katakate is licensed under the permissive Apache-2.0 license, allowing for commercial use and integration into closed-source projects.

Limitations & Caveats

The project is currently in beta and undergoing a security review, advising caution for highly sensitive workloads. A known issue exists where Jailer appears to be ignored by Kata, which is under investigation. Deployment requires specific hardware virtualization support, often necessitating bare-metal or specialized cloud instances, and a dedicated raw disk for sandbox provisioning.