diff options
Diffstat (limited to 'content')
| -rw-r--r-- | content/docs/user_guide/FAQ.md | 28 |
1 files changed, 14 insertions, 14 deletions
diff --git a/content/docs/user_guide/FAQ.md b/content/docs/user_guide/FAQ.md index b3380485b..bd27fb773 100644 --- a/content/docs/user_guide/FAQ.md +++ b/content/docs/user_guide/FAQ.md @@ -3,58 +3,58 @@ title = "FAQ" weight = 1000 +++ -### What operating systems are supported? +### What operating systems are supported? {#supported-os} gVisor requires Linux {{< required_linux >}} ([older Linux][old-linux]). -### What CPU architectures are supported? +### What CPU architectures are supported? {#supported-cpu} gVisor currently supports [x86_64/AMD64](https://en.wikipedia.org/wiki/X86-64) compatible processors. -### Do I need to modify my Linux application to use gVisor? +### Do I need to modify my Linux application to use gVisor? {#modify-app} No. gVisor is capable of running unmodified Linux binaries. -### What binary formats does gVisor support? +### What binary formats does gVisor support? {#supported-binary} gVisor supports Linux [ELF](https://en.wikipedia.org/wiki/Executable_and_Linkable_Format) binaries. Binaries run in gVisor should be built for the [AMD64](https://en.wikipedia.org/wiki/X86-64) CPU architecture. -### Can I run Docker images using gVisor? +### Can I run Docker images using gVisor? {#docker-images} Yes. Please see the [Docker Quick Start][docker]. -### Can I run Kubernetes pods using gVisor? +### Can I run Kubernetes pods using gVisor? {#k8s-pods} Yes. Please see the [Kubernetes Quick Start][k8s]. -### What's the security model? +### What's the security model? {#security-model} See the [Security Model][security-model]. ## Troubleshooting -### My container runs fine with `runc` but fails with `runsc` +### My container runs fine with `runc` but fails with `runsc` {#app-compatibility} If you’re having problems running a container with `runsc` it’s most likely due to a compatibility issue or a missing feature in gVisor. See [Debugging][debugging]. -### When I run my container, docker fails with: `open /run/containerd/.../<containerid>/log.json: no such file or directory` +### When I run my container, docker fails with: `open /run/containerd/.../<containerid>/log.json: no such file or directory` {#memfd-create} You are using an older version of Linux which doesn't support `memfd_create`. gVisor requires Linux {{< required_linux >}} ([older Linux][old-linux]). This is tracked in [bug #268](https://gvisor.dev/issue/268). -### When I run my container, docker fails with: `flag provided but not defined: -console` +### When I run my container, docker fails with: `flag provided but not defined: -console` {#docker-old} You're using an old version of Docker. See [Docker Quick Start][docker]. -### I can’t see a file copied with: `docker cp` +### I can’t see a file copied with: `docker cp` {#fs-cache} For performance reasons, gVisor caches directory contents, and therefore it may not realize a new file was copied to a given directory. To invalidate the cache @@ -69,7 +69,7 @@ Note that `kubectl cp` works because it does the copy by exec'ing inside the sandbox, and thus gVisor's internal cache is made aware of the new files and directories. -### I'm getting an error like: `panic: unable to attach: operation not permitted` or `fork/exec /proc/self/exe: invalid argument: unknown` +### I'm getting an error like: `panic: unable to attach: operation not permitted` or `fork/exec /proc/self/exe: invalid argument: unknown` {#runsc-perms} Make sure that permissions and the owner is correct on the `runsc` binary. @@ -78,7 +78,7 @@ sudo chown root:root /usr/local/bin/runsc sudo chmod 0755 /usr/local/bin/runsc ``` -### I'm getting an error like `mount submount "/etc/hostname": creating mount with source ".../hostname": input/output error: unknown.` +### I'm getting an error like `mount submount "/etc/hostname": creating mount with source ".../hostname": input/output error: unknown.` {#memlock} There is a bug in Linux kernel versions 5.1 to 5.3.15, 5.4.2, and 5.5. Upgrade to a newer kernel or add the following to `/lib/systemd/system/containerd.service` as a workaround. @@ -90,7 +90,7 @@ And run `systemctl daemon-reload && systemctl restart containerd` to restart con See [issue #1765](https://gvisor.dev/issue/1765) for more details. -### My container cannot resolve another container's name when using Docker user defined bridge +### My container cannot resolve another container's name when using Docker user defined bridge {#docker-bridge} This is normally indicated by errors like `bad address 'container-name'` when trying to communicate to another container in the same network. |