Untrusted Workloads

I am wondering how people are handling their untrusted workloads in their Rancher environments.

I’ve been looking into using alternate container runtimes such as Kata, or other methods such as gVisor, node affinity, or isolated clusters as possible solutions to the issue.

I haven’t gone to far down the rabbit hole yet, but it would be great to hear how you all are approaching the issue with Rancher.