2022-02-09 17:32:35 UTC - Martin Goldman: Hello folks. I was wondering if anyone has ever tried running the function containers using an alternative runtime for improved workload isolation, i.e. with kata-containers or similar. I assume it's possible, somehow, but I'm not sure if it would require code changes to the invoker / container factory. I know that Docker lets you configure the default-runtime to be something other than runc, but I'm not really sure if that would be respected or not -- I'm new enough both to this project and to containers in general that my knowledge of how the pieces connect is shaky. I might just jump in and do some experimenting, but figured I'd ask first if there was any prior art here. https://openwhisk-team.slack.com/archives/C3TPCAQG1/p1644427955643759?thread_ts=1644427955.643759&cid=C3TPCAQG1 ----
