Description
Container images can be run inside Firecracker microVMs to combine VM isolation with OCI-style workflows.
It is useful for developers and operators experimenting with stronger isolation around container workloads. Virtualization runtimes require kernel support, network setup, and trusted images because they can run privileged workloads.