The presentation first gives an introduction to the OCI (Open Container Initiative) spec and the vm-based container runtime -- the kata containers project, focusing on its targeting threat model, high-level architecture and use cases. Then it dives deeper on how kata containers cope with limitations of the OCI (Open Container Initiative) spec that is the very basis of Docker containers, and how it manages to extend the spec for advanced features when integrating with kubernetes. Finally, a demo will be shown to the audiences.