summaryrefslogtreecommitdiffhomepage
path: root/g3doc/user_guide/quick_start/docker.md
diff options
context:
space:
mode:
authorFabricio Voznika <fvoznika@google.com>2020-09-18 11:19:04 -0700
committergVisor bot <gvisor-bot@google.com>2020-09-18 11:21:06 -0700
commitddf37cb19f373ae47836db97349013081cc857b4 (patch)
tree4d9c498e239b8c6597e14661c9f1b1b246effd96 /g3doc/user_guide/quick_start/docker.md
parentbd69afdcd1c9303602aadce9e59aecff3eb7b9c8 (diff)
Reduce the number of steps to get started with gVisor
Streamline instruction for the common case. PiperOrigin-RevId: 332488910
Diffstat (limited to 'g3doc/user_guide/quick_start/docker.md')
-rw-r--r--g3doc/user_guide/quick_start/docker.md27
1 files changed, 15 insertions, 12 deletions
diff --git a/g3doc/user_guide/quick_start/docker.md b/g3doc/user_guide/quick_start/docker.md
index 6ad594ecc..ee842e453 100644
--- a/g3doc/user_guide/quick_start/docker.md
+++ b/g3doc/user_guide/quick_start/docker.md
@@ -22,18 +22,6 @@ named "runsc" by default.
sudo runsc install
```
-You may also wish to install a runtime entry for debugging. The `runsc install`
-command can accept options that will be passed to the runtime when it is invoked
-by Docker.
-
-```bash
-sudo runsc install --runtime runsc-debug -- \
- --debug \
- --debug-log=/tmp/runsc-debug.log \
- --strace \
- --log-packets
-```
-
You must restart the Docker daemon after installing the runtime. Typically this
is done via `systemd`:
@@ -85,6 +73,21 @@ $ docker run --runtime=runsc -it ubuntu dmesg
Note that this is easily replicated by an attacker so applications should never
use `dmesg` to verify the runtime in a security sensitive context.
+## Options
+
+You may also wish to install a runtime entry with different options. The `runsc
+install` command can accept flags that will be passed to the runtime when it is
+invoked by Docker. For example, to install a runtime with debugging enabled, run
+the following:
+
+```bash
+sudo runsc install --runtime runsc-debug -- \
+ --debug \
+ --debug-log=/tmp/runsc-debug.log \
+ --strace \
+ --log-packets
+```
+
Next, look at the different options available for gVisor: [platform][platforms],
[network][networking], [filesystem][filesystem].