why the Gvisor pod need internet access since its running in an isolated manner

18 views
Skip to first unread message

santhosh p

unread,
Apr 6, 2021, 6:39:42 AMApr 6
to gVisor Users [Public]
Hi Team,

 Recently I tried to install and configure gVisor pod, but during its configuration with Minikube,  but the pod is  trying to download following library over internet.

but as a isolated pod, why does it need internet access or outbound communication access ?

thanks in advance,

Santhosh P

Fabricio Voznika

unread,
Apr 6, 2021, 4:44:47 PMApr 6
to santhosh p, gVisor Users [Public]
gVisor binaries are not present in the image, so the addon used to enable gvisor (minikube addons enable gvisor) must download gVisor binaries from the link you mentioned and install in the node image. You can find the code for the add on here:

Once gVisor is installed in the node via the addon, then you can setup pods to run with gVisor using runtimeClassName: gvisor. These pods will run inside gVisor sandboxes, that are isolated from the host, with the network as configured for the pod.

I hope it helps,
Fabricio.

--
You received this message because you are subscribed to the Google Groups "gVisor Users [Public]" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gvisor-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/gvisor-users/926d6f39-9bff-4976-affb-43034660dbf0n%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages