Groups
Groups
Sign in
Groups
Groups
gVisor Users [Public]
Conversations
About
Send feedback
Help
gVisor Users [Public]
Contact owners and managers
1–30 of 250
Mark all as read
Report group
0 selected
黄良
, …
Ayush Ranjan
4
Jun 13
Checkpoint/Restore features with containerd or docker
> One thing I'm still unclear about: Docker supports checkpointing with `runsc` as a runtime,
unread,
Checkpoint/Restore features with containerd or docker
> One thing I'm still unclear about: Docker supports checkpointing with `runsc` as a runtime,
Jun 13
joyce
,
Etienne Perot
2
Jun 12
Network interface 'eth0' does not exist inside the container
The image you are using (dockurr/windows) runs Windows inside a virtual machine inside a container (
unread,
Network interface 'eth0' does not exist inside the container
The image you are using (dockurr/windows) runs Windows inside a virtual machine inside a container (
Jun 12
Ryan Nguyen
, …
Etienne Perot
5
Jun 10
Giving a sandbox CAP_SYS_ADMIN
> if the sandboxee (untrusted application) calls the mount syscall, given by CAP_SYS_ADMIN, the
unread,
Giving a sandbox CAP_SYS_ADMIN
> if the sandboxee (untrusted application) calls the mount syscall, given by CAP_SYS_ADMIN, the
Jun 10
Alexander
,
Ayush Ranjan
2
Apr 20
Graphics API support
Hi, gVisor does not support AMD GPUs as of right now. On Sun, Apr 20, 2025 at 11:11 AM Alexander <
unread,
Graphics API support
Hi, gVisor does not support AMD GPUs as of right now. On Sun, Apr 20, 2025 at 11:11 AM Alexander <
Apr 20
Sazonov Alexey
,
Nayana Bidari
3
Apr 18
TCP Window Size
Ok, that's cool, thanks for the answer, but could you provide some examples or just give me link
unread,
TCP Window Size
Ok, that's cool, thanks for the answer, but could you provide some examples or just give me link
Apr 18
Alexander
,
Ayush Ranjan
2
Apr 15
--uid-map problem
I believe the format is --uid-map="1000 1000 1". See https://github.com/google/gvisor/blob/
unread,
--uid-map problem
I believe the format is --uid-map="1000 1000 1". See https://github.com/google/gvisor/blob/
Apr 15
Guillaume Seguin
,
Kevin Krakauer
3
Apr 1
Are CNI IPs supposed to be single use ?
Makes sense, thanks! +For the user group archaeologist of the future, this was on Ubuntu 22.04 itself
unread,
Are CNI IPs supposed to be single use ?
Makes sense, thanks! +For the user group archaeologist of the future, this was on Ubuntu 22.04 itself
Apr 1
Konstantinos Mitsionis
,
Etienne Perot
3
Jan 25
Gvisor and network=host
Check conversation here for more info: https://github.com/google/gvisor/issues/11388 Thanks a lot
unread,
Gvisor and network=host
Check conversation here for more info: https://github.com/google/gvisor/issues/11388 Thanks a lot
Jan 25
Konstantinos Mitsionis
,
Etienne Perot
2
Jan 24
Gvisor and host network
This appears to be a duplicate of this thread, let's keep discussion there. I am linking it so
unread,
Gvisor and host network
This appears to be a duplicate of this thread, let's keep discussion there. I am linking it so
Jan 24
Konstantinos Mitsionis
,
Etienne Perot
2
Jan 16
Error running runsc for the first time
Given that this was also reported as an issue on GitHub here, let's keep the discussion on the
unread,
Error running runsc for the first time
Given that this was also reported as an issue on GitHub here, let's keep the discussion on the
Jan 16
Max Gautier
,
Zach Koopmans
5
Jan 7
Questions about releases/versioning
Thanks, I can work with that ; we'll use the latest tag, that should do. Our gvisor setup in CI
unread,
Questions about releases/versioning
Thanks, I can work with that ; we'll use the latest tag, that should do. Our gvisor setup in CI
Jan 7
Kōshin
,
Lucas Manning
6
Jan 3
programmatically handling ICMP packets
I would try to follow roughly the same pattern as `stack.SetTransportProtocolHandler(...)`. So
unread,
programmatically handling ICMP packets
I would try to follow roughly the same pattern as `stack.SetTransportProtocolHandler(...)`. So
Jan 3
Fabricio Voznika
12/19/24
Breaking change to "runsc wait --checkpoint"
If you don't use runsc wait --checkpoint <num> you can stop reading now. Commit fb730ff
unread,
Breaking change to "runsc wait --checkpoint"
If you don't use runsc wait --checkpoint <num> you can stop reading now. Commit fb730ff
12/19/24
David Hwang
,
Ayush Ranjan
2
12/10/24
Cross-Host Checkpoint Incompatibility Taxonomy
Hi David, Yes, checkpoint/restore is currently not possible with runsc across hosts with different
unread,
Cross-Host Checkpoint Incompatibility Taxonomy
Hi David, Yes, checkpoint/restore is currently not possible with runsc across hosts with different
12/10/24
Kōshin
,
Kevin Krakauer
4
11/19/24
UDP forwarder
> Won't this cause the number of endpoints in the stack to grow unbounded over time? Largely
unread,
UDP forwarder
> Won't this cause the number of endpoints in the stack to grow unbounded over time? Largely
11/19/24
Colin Weld
,
Jamie Liu
5
11/8/24
Support for KVM when using nvproxy
Forgot to mention that you'd also need to add MAP_SHARED|MAP_FIXED_NOREPLACE to syscall filters:
unread,
Support for KVM when using nvproxy
Forgot to mention that you'd also need to add MAP_SHARED|MAP_FIXED_NOREPLACE to syscall filters:
11/8/24
Kōshin
,
Kevin Krakauer
8
11/5/24
routing packets from a tcpip.Stack to host network
So you want: [ sandboxed app ] <--> [ httptap proxy ] <--> [ some other endpoint ] All
unread,
routing packets from a tcpip.Stack to host network
So you want: [ sandboxed app ] <--> [ httptap proxy ] <--> [ some other endpoint ] All
11/5/24
Gaurav Jain
,
Etienne Perot
4
11/1/24
"Qualified" packages/distributions
Thank you. Is the list you sent platforms that gVisor runs on top of? My main concern was the
unread,
"Qualified" packages/distributions
Thank you. Is the list you sent platforms that gVisor runs on top of? My main concern was the
11/1/24
Justin Cappos
,
Steve Silva
2
10/31/24
Next community meeting?
Hi Justin, There is not an upcoming scheduled community meeting. We tend to schedule those as needed
unread,
Next community meeting?
Hi Justin, There is not an upcoming scheduled community meeting. We tend to schedule those as needed
10/31/24
Frank Micro
, …
Etienne Perot
7
10/14/24
Error response from daemon: unknown or invalid runtime name: runsc.
I believe this was figured out on GitHub. On Mon, Oct 14, 2024 at 12:10 PM 'Kevin Krakauer'
unread,
Error response from daemon: unknown or invalid runtime name: runsc.
I believe this was figured out on GitHub. On Mon, Oct 14, 2024 at 12:10 PM 'Kevin Krakauer'
10/14/24
Jonathon Belotti
,
Etienne Perot
2
9/23/24
Status of 'Debug Tracing' in gVisor (issue #4805)
Can you be more specific as to which type of tracing you are referring to? It's a highly
unread,
Status of 'Debug Tracing' in gVisor (issue #4805)
Can you be more specific as to which type of tracing you are referring to? It's a highly
9/23/24
Etienne Perot
9/23/24
Safe Ride into the Dangerzone: Reducing attack surface with gVisor
In collaboration with the Freedom of the Press Foundation, gVisor is now integrated in Dangerzone,
unread,
Safe Ride into the Dangerzone: Reducing attack surface with gVisor
In collaboration with the Freedom of the Press Foundation, gVisor is now integrated in Dangerzone,
9/23/24
Jonathon Belotti
,
Ayush Ranjan
3
9/17/24
Question about checkpoint compatibility across runsc versions
Thanks for all this information. > The idea was to provide a runsc command which can output a
unread,
Question about checkpoint compatibility across runsc versions
Thanks for all this information. > The idea was to provide a runsc command which can output a
9/17/24
pronebird
,
Kevin Krakauer
3
9/3/24
Obtain socket fd from netstack
Hi Kevin, Thanks for a quick reply. I am probably looking in the wrong place. I am using netstack
unread,
Obtain socket fd from netstack
Hi Kevin, Thanks for a quick reply. I am probably looking in the wrong place. I am using netstack
9/3/24
柳半仙(fish4terrisa-MSDSM)
, …
Etienne Perot
15
7/17/24
[Feature] Asking for support for termux on android(with termux-glibc)
You may have full read permission, but do you also have execute (+x) permission on `/bin/echo`? If
unread,
[Feature] Asking for support for termux on android(with termux-glibc)
You may have full read permission, but do you also have execute (+x) permission on `/bin/echo`? If
7/17/24
Sidh Kulkarni
,
Etienne Perot
4
7/11/24
gVisor Memory Accounting
Not really; `runsc usage` is the API that `runsc` offers to read this data from the host, similar to
unread,
gVisor Memory Accounting
Not really; `runsc usage` is the API that `runsc` offers to read this data from the host, similar to
7/11/24
Zach Koopmans
5/21/24
GPUs Supported on GKE Sandbox
Hi gVisor users, As of GKE version 1.29.2-gke.11080000 and later, GPUs are supported in GKE Sandbox (
unread,
GPUs Supported on GKE Sandbox
Hi gVisor users, As of GKE version 1.29.2-gke.11080000 and later, GPUs are supported in GKE Sandbox (
5/21/24
Josh Seba
,
Jing Chen
2
5/20/24
Clarification about commit 586c38d
Hi, I am the author of the change. Some details are not visible since it is an internal issue, I will
unread,
Clarification about commit 586c38d
Hi, I am the author of the change. Some details are not visible since it is an internal issue, I will
5/20/24
Jonathon Belotti
, …
Jamie Liu
3
5/7/24
Seeking understanding of different file operation behavior between runc and runsc
Hi Jonathon, The invoker of the FUSE_OPEN operation is here: https://github.com/google/gvisor/blob/
unread,
Seeking understanding of different file operation behavior between runc and runsc
Hi Jonathon, The invoker of the FUSE_OPEN operation is here: https://github.com/google/gvisor/blob/
5/7/24
Qiyuan Liang
,
Ayush Ranjan
2
4/23/24
Proper way to specify `SupportedMountOptions`
I will respond on https://github.com/google/gvisor/issues/10316. It is an issue in gVisor. The first
unread,
Proper way to specify `SupportedMountOptions`
I will respond on https://github.com/google/gvisor/issues/10316. It is an issue in gVisor. The first
4/23/24