go
/
gvisor
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
gvisor/content/docs/user_guide/FAQ.md

78 lines
2.6 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

+++
title = "FAQ"
weight = 1000
+++
### What operating systems are supported?
gVisor requires Linux {{< required_linux >}} ([older Linux][old-linux]).
### What CPU architectures are supported?
gVisor currently supports [x86_64/AMD64](https://en.wikipedia.org/wiki/X86-64)
compatible processors.
### Do I need to modify my Linux application to use gVisor?
No. gVisor is capable of running unmodified Linux binaries.
### What binary formats does gVisor support?
gVisor supports Linux
[ELF](https://en.wikipedia.org/wiki/Executable_and_Linkable_Format) binaries.
Binaries run in gVisor should be built for the
[AMD64](https://en.wikipedia.org/wiki/X86-64) CPU architecture.
### Can I run Docker images using gVisor.
Yes. Please see the [Docker Quick Start](/docs/user_guide/docker/).
## Troubleshooting
### My container runs fine with `runc` but fails with `runsc`
If youre having problems running a container with `runsc` its most likely due
to a compatibility issue or a missing feature in gVisor. See
[Debugging](../debugging/).
### When I run my container, docker fails with: `open /run/containerd/.../<containerid>/log.json: no such file or directory`
You are using an older version of Linux which doesn't support `memfd_create`.
gVisor requires Linux {{< required_linux >}} ([older Linux][old-linux]).
[comment]: # (TODO[gvisor.dev/issue/268] remove when better error messages are implemented.)
### When I run my container, docker fails with: `flag provided but not defined: -console`
You're using an old version of Docker. See [Docker Quick Start](../docker/).
### I cant see a file copied with: `docker cp`
For performance reasons, gVisor caches directory contents, and therefore it may
not realize a new file was copied to a given directory. To invalidate the cache
and force a refresh, create a file under the directory in question and list the
contents again.
As a workaround, shared root filesystem can be enabled. See [Filesystem](../filesystem/).
This bug is tracked in [bug #4](https://github.com/google/gvisor/issues/4).
Note that `kubectl cp` works because it does the copy by exec'ing inside the
sandbox, and thus gVisor's internal cache is made aware of the new files and
directories.
### I'm getting an error like: `panic: unable to attach: operation not permitted`
Make sure that permissions and the owner is correct on the `runsc` binary.
```bash
sudo chown root:root /usr/local/bin/runsc
sudo chmod 0755 /usr/local/bin/runsc
```
### What's the security model?
See the [Security Model](../../architecture_guide/security/).
[old-linux]: /docs/user_guide/networking/#gso
Reference in New Issue View Git Blame Copy Permalink