| Age | Commit message (Collapse) | Author |
|---|
|
gvisor-containerd-shim is not compatible with containerd 1.1 or earlier.
Starting from containerd 1.2, shim v2 is the preferred interface.
PiperOrigin-RevId: 351485556
|
|
PiperOrigin-RevId: 350197814
|
|
PiperOrigin-RevId: 329042549
|
|
PiperOrigin-RevId: 324615016
|
|
PiperOrigin-RevId: 318284693
|
|
PiperOrigin-RevId: 314630516
|
|
|
|
'make test TARGETS=""'
TARGET => TARGETS
|
|
PiperOrigin-RevId: 312159017
|
|
Always happens.
PiperOrigin-RevId: 312097591
|
|
* Aggregate architecture Overview in "What is gVisor?" as it makes more sense
in one place.
* Drop "user-space kernel" and use "application kernel". The term "user-space
kernel" is confusing when some platform implementation do not run in
user-space (instead running in guest ring zero).
* Clear up the relationship between the Platform page in the user guide and the
Platform page in the architecture guide, and ensure they are cross-linked.
* Restore the call-to-action quick start link in the main page, and drop the
GitHub link (which also appears in the top-right).
* Improve image formatting by centering all doc and blog images, and move the
image captions to the alt text.
PiperOrigin-RevId: 311845158
|
|
This will require a reasonably modern toolchain. I've put minimum compiler
versions in the README based on versions in
https://en.cppreference.com/w/cpp/compiler_support that have mostly complete
language and library support.
The minimum Bazel version bump is unrelated, but 0.28 is definitely not
supported anymore.
Please report issues on gvisor.dev/issue/1349.
Fixes #1349
PiperOrigin-RevId: 284274250
|
|
Adds minimal security policy info to SECURITY.md. This allows Github to
advertise the security policy doc for the repo.
See: https://github.blog/changelog/2019-05-23-security-policy/
See: https://help.github.com/en/articles/adding-a-security-policy-to-your-repository
PiperOrigin-RevId: 273214306
|
|
PiperOrigin-RevId: 268397389
|
|
This can be merged after:
https://github.com/google/gvisor-website/pull/77
or
https://github.com/google/gvisor-website/pull/78
PiperOrigin-RevId: 253132620
|
|
oh-my-zsh aliases ... to ../.. [1]. Add an explicit reference
to workspace root to work around the alias.
[1] https://github.com/robbyrussell/oh-my-zsh/blob/master/lib/directories.zsh
Fixes #341
PiperOrigin-RevId: 252720590
|
|
Moves the build badge to just below the logo and adds the gitter badge next to
it for consistency.
PiperOrigin-RevId: 251956383
|
|
bazel has a lot of dependencies and users don't want to install them
just to build gvisor.
These changes allows to run bazel in a docker container.
A bazel cache is on the local file system (~/.cache/bazel), so
incremental builds should be fast event after recreating a bazel
container.
Here is an example how to build runsc:
make BAZEL_OPTIONS="build runsc:runsc" bazel
Change-Id: I8c0a6d0c30e835892377fb6dd5f4af7a0052d12a
PiperOrigin-RevId: 246570877
|
|
Bazel 0.23.0 is required due to the use of cc_flags_supplier.bzl in the vdso
package. cc_flags_supplier.bzl was added in 0.23.0.
PiperOrigin-RevId: 245192715
Change-Id: I4258c064e5cc3bac2a587c887e0d8f87b6678ec7
|
|
PiperOrigin-RevId: 244959388
Change-Id: Ifb08678d975cf9f694a21012f9a1e9f45b1f197c
|
|
Change-Id: Ie6b73ac729c8c85b1229e09da5b113be9780fa95
PiperOrigin-RevId: 243131814
|
|
PiperOrigin-RevId: 242690968
Change-Id: I1ac2248b5ab3bcd95beed52ecddbb9f34eeb3775
|
|
This CL merges all RBE-specific configuration from .bazelrc_rbe into .bazelrc
so that it will be picked up by default by users running bazel.
It also checks in a bazelrc from the upstream bazel-toolchains repository, and
imports that into our repo-specific .bazelrc. This makes it easier to maintain
and update the bazelrc going forward.
Documentation was added to the README.
PiperOrigin-RevId: 242208733
Change-Id: Iea32de9be85b024bd74f88909b56b2a8ab34851a
|
|
https://github.com/google/gvisor/pull/132
PiperOrigin-RevId: 239641377
Change-Id: I7ba6b57730800cc98496c83cb643e70ec902ed3d
|
|
PiperOrigin-RevId: 228904169
Change-Id: I948f417d1336cb69c5733b142c53850507432fda
|
|
Updated the README to correct some wording and clarify a bit that containerd
CRI runtime is needed.
PiperOrigin-RevId: 224944753
Change-Id: I7b9c527500f99571aca7ef73058472ae9b3d5371
|
|
Add pointers to Minikube and gvisor-containerd-shim.
PiperOrigin-RevId: 224654334
Change-Id: Icefefbe531e901fe4807ba81904de8b01baf8a15
|
|
PiperOrigin-RevId: 221706184
Change-Id: Ia186c51e5981e984f25c340e98b94225f860e473
|
|
Bazel 0.18 moved the workspace bazelrc location from //tools/bazel.rc to
//.bazelrc. The old location will be dropped by a future version of
bazel.
This bumps the minimum required version of bazel to 0.18.
More context:
https://groups.google.com/forum/#!msg/bazel-discuss/ycDacctX2vw/EGFxGLibAgAJ
PiperOrigin-RevId: 220338084
Change-Id: Ib6fa83a4a0f89e8e898d67152c7bd429e0b9b21e
|
|
This is a breaking change if you're using --debug-log-dir.
The fix is to replace it with --debug-log and add a '/' at
the end:
--debug-log-dir=/tmp/runsc ==> --debug-log=/tmp/runsc/
PiperOrigin-RevId: 216761212
Change-Id: I244270a0a522298c48115719fa08dad55e34ade1
|
|
When starting a sandbox without direct file or network access, we create an
empty user namespace and run the sandbox in there. However, the root user in
that namespace is still mapped to the root user in the parent namespace.
This CL maps the "nobody" user from the parent namespace into the child
namespace, and runs the sandbox process as user "nobody" inside the new
namespace.
PiperOrigin-RevId: 211572223
Change-Id: I1b1f9b1a86c0b4e7e5ca7bc93be7d4887678bab6
|
|
PiperOrigin-RevId: 209788842
Change-Id: I70ecb58009777ce8f642f246bc161af1a0bf2628
|
|
See https://github.com/google/gvisor/issues/88
PiperOrigin-RevId: 209780532
Change-Id: Iff8004474020511503a0a5cd2cdba2b512c327ef
|
|
PiperOrigin-RevId: 208674853
Change-Id: I6db4c59fdca1e5603a4d9dc021f3c3d7eaad7c6f
|
|
PiperOrigin-RevId: 208282383
Change-Id: Ifa4aaf5d925b17d9a0672ea951a4570d35855300
|
|
In the main readme, checkpoint and restore is listed as an
advanced feature, and a link to its readme is provided.
PiperOrigin-RevId: 208279833
Change-Id: Ib3db28a8df8ec93cf8d98d5dfd2ee2f75a61e664
|
|
PiperOrigin-RevId: 204323728
Change-Id: I1ff9aa062ffa12583b2e38ec94c87db7a3711971
|
|
Closes #2
PiperOrigin-RevId: 202997196
Change-Id: I0c9f6f5a8a1abe1ae427bca5f590bdf9f82a6675
|
|
Updates #1
PiperOrigin-RevId: 201760129
Change-Id: Ifd8ce9e0f93c6771083dc9bf8d35a2800c13481a
|
|
PiperOrigin-RevId: 201068427
Change-Id: If03c8c22907e6ef623f39c8ae5316fdd76cf80cb
|
|
PiperOrigin-RevId: 199008198
Change-Id: I6d1a0107ae1b11f160b42a2cabaf1fb8ce419edf
|
|
PiperOrigin-RevId: 197104043
Change-Id: I377c0727ebf0c44361ed221e1b197787825bfb7b
|
|
The "install from source" section is moved under "advanced" header, right
before the testing section.
PiperOrigin-RevId: 196271666
Change-Id: I653ac0a2fa4661c96a0cb3daf3528c2109fed8d7
|
|
Change-Id: Ibbb94cfd901d72d879657aca38bf3db1580f0d62
PiperOrigin-RevId: 196043734
|
|
PiperOrigin-RevId: 195522238
Change-Id: I0107f856bea72ea6af8b196c1c13bafbc293ce95
|
|
Also updated gofer image with more accurate boundaries.
PiperOrigin-RevId: 195373809
Change-Id: Id91f31fedf33db43a20bd678c1ca7d19287e85ff
|
|
Also document that linux is required.
Updates #8
PiperOrigin-RevId: 195317016
Change-Id: I4c0305a26339f03772001b56e7a0ac4b39a4352a
|
|
PiperOrigin-RevId: 195310218
Change-Id: I1d5a6d2bc3bb72c505ad25427d285afbc26f59a0
|
|
Updates #26.
PiperOrigin-RevId: 195303940
Change-Id: I833cee55b5df6196ed90c1f8987c3c9c07204678
|
|
Updates #8
PiperOrigin-RevId: 195122103
Change-Id: Iff190283961b8ab99ad4f3e47ffeb9ab491d0eb3
|
