Insights on Cloud‑Native Security Containers: The Evolution of Kata and RunV

China's internet technology has evolved dramatically over the past two decades, moving from a time when Linux and load balancing were rare to an era where virtualization, containers, and serverless dominate, and professionals now seek Kubernetes training.

At KubeCon 2019 in Shanghai, the speaker highlighted the surge of cloud and container technologies, noting continuous innovations despite the event being held only six months after the previous one.

Interviewed as a senior expert in the container field, Wang Xu discusses his view on the current state of containers and cloud‑native, the founding of the runV project in 2015, its 2017 merger with Intel's Clear project to form the Kata container project, and how Kata and Google's gVisor are now the two leading secure container technologies.

Wang explains that the original motivation for runV was to strengthen containers or introduce other security techniques to achieve isolation, leading to the concept of “runtime class” in Kubernetes, which allows users to select secure containers on a global or pod level.

Kata's significance lies in driving community development; early Kata required many auxiliary processes to emulate runC, but with new interfaces it now reduces overhead to a single process, enabling flexible runtime selection.

Secure containers make broader container adoption possible, especially for financial services at Ant Financial, where strict security standards align with Kata's capabilities.

Balancing security with performance, Kata adds an isolation layer that confines capabilities within a sandbox, protecting the host while remaining transparent to applications.

The container ecosystem has progressed from early cgroups and LXC to Docker, and now to Kubernetes as the de‑facto standard, with a trend toward higher‑level abstractions that hide underlying infrastructure complexities.

In finance, cloud‑native adoption requires meeting both application and regulatory security requirements, demanding stronger isolation than typical cloud services.

Wang reflects on open‑source as a vital marketing strategy for startups, noting that while open‑source can accelerate adoption, it also poses risks if competitors outpace the original developers.

He emphasizes that successful open‑source projects need active community building, not just code release, and that startups must focus on delivering valuable solutions rather than merely impressive architectures.

Overall, Wang Xu’s experiences illustrate the technical and business challenges of building secure, cloud‑native container solutions and the importance of open‑source collaboration in driving innovation.