科技回声

I used gVisor to sandbox containers for a short-lived "free-tier isolated-kubernetes-namespaces-as-a-service" startup. It was really neat, and it worked pretty damn well. Alas, we were attacked constantly by crypto miners and failed to make enough money to keep the free-tier online.<p>I still think there are some really fun projects yet-to-be-built harnessing very solid sandboxing. I had dreamed of a full-stack geocities revival. Oh well. +1 for gVisor, hopefully filesystem IO is faster now than it was several years ago.

I find the README of the repo much better to quickly understand what this software is and isn't.<p><a href="https://github.com/google/gvisor">https://github.com/google/gvisor</a>

Does anyone know if gVisor is used outside of Google? I know Firecracker is.

I'd rather use firecracker before I trust another one of those half-baked Google projects.

One of those Go isn't for systems programming kind of projects. /s

I find the README of the repo much better to quickly understand what this software is and isn't.<p><a href="https://github.com/google/gvisor">https://github.com/google/gvisor</a>

Does anyone know if gVisor is used outside of Google? I know Firecracker is.

I'd rather use firecracker before I trust another one of those half-baked Google projects.

One of those Go isn't for systems programming kind of projects. /s

GVisor: Linux-Compatible Sandbox

5 条评论

GVisor: Linux-Compatible Sandbox

5 条评论