LoftLabs Launches vNode for Boosted Kubernetes Workload Isolation

Highlights:

• vNode adds a node-level virtualization layer, ensuring workload isolation and enabling stricter security boundaries while optimizing shared infrastructure.
• vNode supports container-based nodes running Linux 6.1 and is compatible with major cloud providers, making it both Kubernetes-native and cloud-agnostic.

Recently, a Kubernetes virtualization startup, LoftLabs Inc., launched vNode, a new service offering lightweight node-level virtualization to ensure secure, high-performance workload isolation within shared Kubernetes infrastructure.

vNode is designed to transform secure tenant isolation in Kubernetes by introducing a new layer of node-level virtualization. This ensures complete workload isolation, enabling platform teams to enforce stricter security boundaries while optimizing shared infrastructure.

The new offering enhances LoftLabs’ vCluster, which virtualizes Kubernetes control planes, by enabling vNode to virtualize Kubernetes nodes as well. This allows platform teams to implement stricter multi-tenancy at the node level. vNode also tackles the challenge of maintaining robust security while optimizing resource usage, providing strong node isolation without compromising the efficiency of shared infrastructure.

“VNode solves a frustrating trade-off in Kubernetes multi-tenancy. Organizations can either give tenants shared access to nodes, introducing security risks and limiting restrictions for tenants, or they force them onto separate, expensive nodes. Neither option is great. VNode eliminates this dilemma by enforcing strict isolation within shared nodes, keeping security high and overhead low, ” said Lukas Gentele, Chief Executive.

The new services function by adding a lightweight virtualization layer that isolates workloads within shared physical nodes, bypassing the complexity of traditional virtual machine architectures and the overhead of syscall translation. This design maintains strong security boundaries while ensuring high performance and resource efficiency.

The runtime operates between the Kubernetes control plane and worker nodes, providing strict workload isolation without requiring separate machines. This enables platform teams to allocate secure, dedicated resources to different tenants, teams, or applications within the same infrastructure.

Additionally, vNode supports container-based nodes running Linux 6.1 and is compatible with major cloud providers, making it both Kubernetes-native and cloud-agnostic. This service enables tenants to run privileged workloads without interference, reduces the need for redundant clusters, and streamlines Kubernetes operations.

In conjunction with the vNode launch, LoftLabs also introduced new features for its vCluster offering. These include Snapshot and Restore, which allows users to capture the state of a virtual cluster and restore it at any time, enhancing backup, migration, and disaster recovery workflows in Kubernetes environments.

Additionally, vCluster offers open-source integration with Rancher, enabling users to create, manage, and update virtual clusters directly within Rancher, without the need for the vCluster Platform.

LoftLabs is a venture capital-backed startup that has secured USD 28.6 million across two funding rounds, according to sources. The company’s investors include Khosla Ventures, Fusion Fund, Emergent Ventures, Surface Ventures, and the University of California.