Article

Full picture: This is a Kubernetes pod running on Kata Containers (a hardware-level microVM).

```text
┌─────────────────────────────────────────────────┐
│ K8s Node (host)                                 │ ← you can't reach this
│ ┌───────────────────────────────────────────┐   │
│ │ Kata Containers VM (separate kernel)      │   │ ← hardware isolation
│ │ ┌─────────────────────────────────────┐   │   │
│ │ │ Your container (overlayfs root)     │   │   │ ← you are here
│ │ │ uid=1001(z), CapEff=0 (no caps)     │   │   │
│ │ │ No sudo, no privileges whatsoever   │   │   │
│ │ └─────────────────────────────────────┘   │   │
│ └───────────────────────────────────────────┘   │
└─────────────────────────────────────────────────┘
```

- Kata Containers = each pod gets its own lightweight VM with a separate Linux kernel, not just namespace isolation like Docker
- Zero capabilities (CapEff: 0000000000000000): can't nsenter, chroot, or unshare
- No sudo: password required, no NOPASSWD
- No K8s API access: no service account token mounted
- PID 1 = tini → /start.sh: no host processes visible

External storage mounts (FUSE, the only "outside" you can see):

| Mount | Type | Access |
|---|---|---|
| /home/official_skills/ | ossfs (Alibaba OSS bucket) | read-only |
| /home/z/my-project/upload/ | ossfs | read-write |
| /home/user_skills/ | PolarFS | read-write |
| /home/sync/ | ossfs | read-write |
| /tmp/my-project/ | PolarFS | read-write |

These are remote filesystems (Alibaba Cloud OSS + PolarDB), not the host disk. There's no path to the K8s node filesystem.

```text
/
├── .dockerenv
├── start.sh                        ← container entrypoint
│
├── bin/                            ← symlinks to /usr/bin
├── sbin/                           ← symlinks to /usr/sbin
├── lib/                            ← system libs
├── lib64/
├── boot/
├── dev/
├── proc/
├── sys/
├── run/
├── media/
├── mnt/
│
├── usr/                            ← (massive - excluded for clarity)
│   └── bin/, lib/, share/, local/, ...
│
├── var/                            ← (logs, caches - excluded)
│
├── etc/                            ← system config
│   ├── .z-ai-config
│   ├── ImageMagick-7/
│   ├── X11/
│   ├── alternatives/
│   ├── apt/
│   ├── fonts/
│   ├── ghostscript/
│   ├── java-21-openjdk/
│   ├── mysql/
│   ├── pam.d/
│   ├── profile.d/
│   ├── python3.13/
│   ├── ssh/
│   ├── ssl/
│   ├── systemd/
│   ├── vim/
│   └── (100+ config files)
│
├── root/                           ← (empty, root home)
│
├── home/
│   ├── bun/                        ← (empty, bun user home)
│   ├── official_skills/            ← 68 zipped skill packages (.zip)
│   │   ├── ASR.zip
│   │   ├── LLM.zip
│   │   ├── TTS.zip
│   │   ├── VLM.zip
│   │   ├── charts.zip
│   │   ├── design.zip
│   │   ├── docx.zip
│   │   ├── pdf.zip
│   │   ├── pptx.zip
│   │   ├── xlsx.zip
│   │   ├── fullstack-dev.zip
│   │   └── ... (58 more)
│   ├── user_skills/                ← (empty - custom user skills)
│   ├── sync/                       ← (empty)
│   ├── extract-official-skills.sh  ← skill extraction script
│   └── z/                          ← YOUR home
│       ├── .gitconfig, .npmrc
│       ├── pyproject.toml, uv.lock
│       ├── TODO
│       ├── node_modules/
│       └── my-project/
│           ├── .env, .git/
│           ├── download/           ← deliverables
│           │   ├── nothing-here.zip
│           │   ├── move-to-next.zip
│           │   └── still-here?.zip/
│           ├── upload/
│           └── skills/             ← 68 extracted skill modules
│
├── tmp/
│   ├── my-project/                 ← mirror/snapshot of your project
│   │   ├── .initial_snapshot.json
│   │   ├── download/
│   │   │   ├── nothing-here-dude.zip
│   │   │   ├── I said-move-to-next.zip
│   │   │   └── Again?.zip/
│   │   └── tool-results/           ← command output cache
│   ├── LICENSE, README.md
│   ├── boot-timeline.log
│   ├── node-compile-cache/
│   └── tectonic/                   ← LaTeX cache
│
├── opt/                            ← (empty)
├── srv/                            ← (empty)
└── lost+found/
```
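The isolation facts listed above (CapEff all zero, no service-account token mounted, FUSE-backed remote mounts as the only "outside") can be checked from inside the container rather than eyeballed. The script below is an added example, not code from the original post or from the sandbox's own tooling: it decodes the CapEff and CapBnd bitmasks from /proc/self/status into capability names, lists the FUSE and network-type mounts from /proc/mounts with their read-only/read-write flag, and reports whether a service-account token is present. The embedded /proc samples are constructed to mirror the post; the `fuse.polarfs` fstype used for the PolarFS mounts and the nonzero CapBnd value are assumptions. It goes slightly beyond the post by also flagging nfs, cifs, 9p and virtiofs mounts as non-local. Set RUN_LIVE=1 to read the real files instead of the samples.

```python
import os

# Linux capability names by bit index (0..40), as in <linux/capability.h>.
# CapEff/CapBnd in /proc/<pid>/status are hex bitmasks over these indices.
CAP_NAMES = [
    "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_DAC_READ_SEARCH", "CAP_FOWNER",
    "CAP_FSETID", "CAP_KILL", "CAP_SETGID", "CAP_SETUID", "CAP_SETPCAP",
    "CAP_LINUX_IMMUTABLE", "CAP_NET_BIND_SERVICE", "CAP_NET_BROADCAST",
    "CAP_NET_ADMIN", "CAP_NET_RAW", "CAP_IPC_LOCK", "CAP_IPC_OWNER",
    "CAP_SYS_MODULE", "CAP_SYS_RAWIO", "CAP_SYS_CHROOT", "CAP_SYS_PTRACE",
    "CAP_SYS_PACCT", "CAP_SYS_ADMIN", "CAP_SYS_BOOT", "CAP_SYS_NICE",
    "CAP_SYS_RESOURCE", "CAP_SYS_TIME", "CAP_SYS_TTY_CONFIG", "CAP_MKNOD",
    "CAP_LEASE", "CAP_AUDIT_WRITE", "CAP_AUDIT_CONTROL", "CAP_SETFCAP",
    "CAP_MAC_OVERRIDE", "CAP_MAC_ADMIN", "CAP_SYSLOG", "CAP_WAKE_ALARM",
    "CAP_BLOCK_SUSPEND", "CAP_AUDIT_READ", "CAP_PERFMON", "CAP_BPF",
    "CAP_CHECKPOINT_RESTORE",
]

# Filesystem types that are not the container's own rootfs: anything
# FUSE-backed (fuse.ossfs, ...) plus common network / host-shared types.
REMOTE_FS_TYPES = {"nfs", "nfs4", "cifs", "9p", "virtiofs"}

# Where Kubernetes mounts a service-account token when one is projected.
SA_TOKEN = "/var/run/secrets/kubernetes.io/serviceaccount/token"

# Constructed sample of /proc/self/status mirroring the post (uid 1001,
# CapEff zero). CapBnd is an assumed nonzero mask to exercise the decoder.
STATUS_SAMPLE = """Name:\tbash
Uid:\t1001\t1001\t1001\t1001
CapInh:\t0000000000000000
CapPrm:\t0000000000000000
CapEff:\t0000000000000000
CapBnd:\t00000000a80425fb
CapAmb:\t0000000000000000
"""

# Constructed sample of /proc/mounts; "fuse.polarfs" is an assumed fstype.
MOUNTS_SAMPLE = """overlay / overlay rw,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
ossfs /home/official_skills fuse.ossfs ro,nosuid,nodev,relatime 0 0
ossfs /home/z/my-project/upload fuse.ossfs rw,nosuid,nodev,relatime 0 0
polarfs /home/user_skills fuse.polarfs rw,relatime 0 0
ossfs /home/sync fuse.ossfs rw,nosuid,nodev,relatime 0 0
polarfs /tmp/my-project fuse.polarfs rw,relatime 0 0
"""


def parse_cap_field(status_text, field="CapEff"):
    """Return the named Cap* field of a /proc/<pid>/status dump as an int."""
    for line in status_text.splitlines():
        if line.startswith(field + ":"):
            return int(line.split(":", 1)[1].strip(), 16)
    raise ValueError(f"{field} not found in status text")


def decode_caps(mask):
    """Map a capability bitmask to the list of set capability names."""
    return [name for bit, name in enumerate(CAP_NAMES) if (mask >> bit) & 1]


def parse_mounts(mounts_text):
    """Parse /proc/mounts lines: device mountpoint fstype options dump pass."""
    entries = []
    for line in mounts_text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue
        device, mountpoint, fstype, options = parts[:4]
        mountpoint = mountpoint.replace("\\040", " ")  # kernel escapes spaces
        entries.append({"device": device, "mountpoint": mountpoint,
                        "fstype": fstype, "options": options.split(",")})
    return entries


def external_mounts(entries):
    """Return (mountpoint, fstype, access) for every non-local mount."""
    out = []
    for e in entries:
        if e["fstype"].startswith("fuse") or e["fstype"] in REMOTE_FS_TYPES:
            access = "read-only" if "ro" in e["options"] else "read-write"
            out.append((e["mountpoint"], e["fstype"], access))
    return out


def posture_report(status_text, mounts_text, token_path=SA_TOKEN):
    """Summarise the three isolation facts the post lists by hand."""
    cap_eff = parse_cap_field(status_text, "CapEff")
    return {
        "cap_eff": cap_eff,
        "effective_caps": decode_caps(cap_eff),
        "bounding_caps": decode_caps(parse_cap_field(status_text, "CapBnd")),
        "external_mounts": external_mounts(parse_mounts(mounts_text)),
        "sa_token_present": os.path.exists(token_path),
    }


if __name__ == "__main__":
    if os.environ.get("RUN_LIVE"):
        with open("/proc/self/status") as f, open("/proc/mounts") as m:
            status, mounts = f.read(), m.read()
    else:
        status, mounts = STATUS_SAMPLE, MOUNTS_SAMPLE
    report = posture_report(status, mounts)
    print(f"CapEff=0x{report['cap_eff']:016x} -> {report['effective_caps'] or 'no capabilities'}")
    print(f"CapBnd -> {', '.join(report['bounding_caps'])}")
    for mountpoint, fstype, access in report["external_mounts"]:
        print(f"{mountpoint:32} {fstype:14} {access}")
    print(f"service-account token present: {report['sa_token_present']}")
```

CapBnd matters alongside CapEff: an empty effective set can in principle be regained through a file capability or setuid binary only up to the bounding set, so a posture check should report both. The mount check keys on the fstype rather than the mount point name, which is what distinguishes a remote ossfs directory from a plain host bind mount.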

We have gone long since...
