Hybrid　deployment　of　containers　with　different　kernel　types　offers　a　novel　solution　for　cloud　service　providers.　While　extensive　research　has　been　conducted　on　shared　kernel　containers,　the　security　risks　associated　with　diverse　kernel　types　in　hybrid　deployment　scenarios　present　more　complex　challenges.　Establishing　trusted　relationships　from　hardware　to　containers　for　hybrid　deployment　has　become　a　primary　concern.　Additional　challenges　include　the　lack　of　measurement　and　communication　methods　for　independent　kernel　containers　and　insufficient　dynamic　measurement　capabilities　for　containers.　To　address　these　issues,　we　propose　a　novel　approach　of　achieving　secure　hybrid　deployment　of　containers　through　the　provision　of　trusted　assurance　in　three　layers:　container　infrastructure,　container　application　environment,　and　container　runtime.　We　propose　the　corresponding　measurement　schemes　for　each　trust　layer.　Through　functional　verification　and　performance　evaluation,　we　demonstrate　that　our　architecture　exhibits　improved　feasibility　and　effectiveness.　©　2024　Elsevier　Ltd