At KubeCon EU 2025, LoftLabs introduced vNode, a new solution designed to improve tenant isolation in Kubernetes environments. By implementing a virtualization layer at the node level, vNode provides strict workload isolation, allowing platform teams to enforce security policies while maintaining the efficiency of shared infrastructure.
This innovation addresses a long-standing challenge in Kubernetes multi-tenancy: balancing strong security with efficient resource utilization. vNode ensures that workloads remain strictly isolated without requiring organizations to dedicate separate, costly nodes to each tenant.
“vNode solves a frustrating trade-off in Kubernetes multi-tenancy. Organizations can either give tenants shared access to nodes, introducing security risks and limiting restrictions for tenants, or they force them onto separate, expensive nodes. Neither option is great. vNode eliminates this dilemma by enforcing strict isolation within shared nodes, keeping security high and overhead low,” said Lukas Gentele, CEO of LoftLabs.
Also Read: Workato Unveils Workato One, Transforming AI and Enterprise Orchestration
Unlike traditional virtualization methods, vNode creates a lightweight isolation layer within shared physical nodes, avoiding the complexities of virtual machines and the performance drawbacks of syscall translation. This approach enables tenants to run privileged workloads securely without interfering with others, ensuring high performance without added bottlenecks.
vNode is compatible with all major cloud providers and any containerd-based nodes running Linux 6.1 or later, allowing seamless integration without requiring significant architectural changes.
By reducing the need for redundant clusters, vNode enhances resource efficiency, boosts workload performance, and simplifies Kubernetes management. When paired with LoftLabs‘ vCluster solution, it offers a comprehensive multi-tenancy strategy that maintains strong isolation while preserving the benefits of shared infrastructure.