The Sandboxed-Container runtime executes applications in lightweight virtual machines that are isolated from the rest of the system. This architecture gives application pods kernel-level isolation and keeps them strictly segregated from the host infrastructure, which protects the host and other containers against attacks or vulnerabilities within the sandboxed container. In Container Service for Kubernetes (ACK), nodes are managed through node pools. This topic describes how to create and scale a node pool that uses the Sandboxed-Container runtime.
Limits
You can create a node pool that runs the Sandboxed-Container runtime only in ACK managed clusters and ACK dedicated clusters whose Kubernetes versions are 1.32 or earlier.
Create a node pool that runs the Sandboxed-Container runtime
When you create a node pool, select Sandboxed-Container as the container runtime. For more information, see Create and manage a node pool.
Scale the node pool
Log on to the ACK console. In the left-side navigation pane, click Clusters.
On the Clusters page, find the cluster to manage and click its name. In the left-side navigation pane, choose .
Click Scale in the Actions column of the node pool that you want to manage. Specify Expected Nodes and click Confirm Order. In the message that appears, click OK.
After you scale out the node pool, click Node Pools in the left-side navigation pane. On the Node Pools page, verify that the node pool has been scaled out to the expected number of nodes.
Reference
To create an application that runs in sandboxed containers, see Create a stateless application by using a Deployment.