Google launches the gVisor container runtime
Google has announced the open-sourcing of gVisor, a sandboxed container runtime.
"gVisor is more lightweight than a VM while maintaining a similar
level of isolation. The core of gVisor is a kernel that runs as a normal,
unprivileged process that supports most Linux system calls. This kernel is
written in Go, which was chosen for its memory- and type-safety. Just like
within a VM, an application running in a gVisor sandbox gets its own kernel
and set of virtualized devices, distinct from the host and other
sandboxes."