Difference between revisions of "GVisor"
Jump to navigation
Jump to search
(Created page with "gVisor : a new kind of sandbox that helps provide secure isolation for containers https://github.com/google/gvisor https://cloudplatform.googleblog.com/2018/05/Open-sour...") |
|||
| Line 7: | Line 7: | ||
=Installation= |
=Installation= |
||
| − | Install Bazel |
+ | Install [[Bazel]] |
<pre> |
<pre> |
||
| + | git clone https://gvisor.googlesource.com/gvisor gvisor |
||
| − | TBD |
||
| + | sudo apt-get install openjdk-8-jdk |
||
| + | echo "deb [arch=amd64] http://storage.googleapis.com/bazel-apt stable jdk1.8" | sudo tee /etc/apt/sources.list.d/bazel.list |
||
| + | curl https://bazel.build/bazel-release.pub.gpg | sudo apt-key add - |
||
| + | sudo apt-get update && sudo apt-get install bazel |
||
| + | bazel help |
||
| + | bazel version |
||
| + | sudo apt-get update && sudo apt-get upgrade bazel |
||
| + | bazel version |
||
</pre> |
</pre> |
||
Install gVisor |
Install gVisor |
||
<pre> |
<pre> |
||
| + | git clone https://gvisor.googlesource.com/gvisor gvisor |
||
| − | TBD |
||
| + | cd gvisor |
||
| + | bazel build runsc |
||
</pre> |
</pre> |
||
| Line 21: | Line 31: | ||
docker run --runtime=runsc hello-world |
docker run --runtime=runsc hello-world |
||
</pre> |
</pre> |
||
| − | |||
=See also= |
=See also= |
||
Revision as of 14:57, 11 May 2018
gVisor : a new kind of sandbox that helps provide secure isolation for containers
https://github.com/google/gvisor
https://cloudplatform.googleblog.com/2018/05/Open-sourcing-gVisor-a-sandboxed-container-runtime.html
Installation
Install Bazel
git clone https://gvisor.googlesource.com/gvisor gvisor sudo apt-get install openjdk-8-jdk echo "deb [arch=amd64] http://storage.googleapis.com/bazel-apt stable jdk1.8" | sudo tee /etc/apt/sources.list.d/bazel.list curl https://bazel.build/bazel-release.pub.gpg | sudo apt-key add - sudo apt-get update && sudo apt-get install bazel bazel help bazel version sudo apt-get update && sudo apt-get upgrade bazel bazel version
Install gVisor
git clone https://gvisor.googlesource.com/gvisor gvisor cd gvisor bazel build runsc
Test
docker run --runtime=runsc hello-world