Firecracker: Enable jailer by default

Add jailer support to configuration files. Also enable jailer by default in Kata containers. Signed-off-by: Manohar Castelino <manohar.r.castelino@intel.com>
2026-01-08 08:54:29 +01:00 · 2019-06-21 13:12:48 -07:00
parent 78ea50c36c
commit 4fed346d53
4 changed files with 23 additions and 1 deletions
--- a/cli/config/configuration-fc.toml.in
+++ b/cli/config/configuration-fc.toml.in
@@ -12,6 +12,11 @@

 [hypervisor.firecracker]
 path = "@FCPATH@"
+# Path for the jailer specific to firecracker
+# If the jailer path is not set kata will launch firecracker
+# without a jail. If the jailer is set firecracker will be
+# launched in a jailed enviornment created by the jailer
+jailer_path = "@FCJAILERPATH@"
 kernel = "@KERNELPATH_FC@"
 image = "@IMAGEPATH@"