gVisor installation instructions

Installing gVisor is optional, but provides an extra layer of security.

These instructions are based on the offical gVisor instructions and assumes that you already have followed the docker-run instructions for ubuntu 20.10

apt install apt-transport-https ca-certificates curl gnupg-agent software-properties-common
curl -fsSL https://gvisor.dev/archive.key | sudo apt-key add -
add-apt-repository "deb https://storage.googleapis.com/gvisor/releases release main"
apt update
apt install runsc

Set runsc as the default runtime

Add a default-runtime field to /etc/docker/daemon.json. The file should look something like this:

{
    ...
    "default-runtime": "runsc",
    "runtimes": {
        "runsc": {
            "path": "/usr/bin/runsc"
        }
    }
}

Restart the docker daemon

systemctl restart docker.service

The gVisor runtime is now used when running code

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ubuntu-20.10-gvisor.md

ubuntu-20.10-gvisor.md

gVisor installation instructions

Set runsc as the default runtime

Restart the docker daemon

Files

ubuntu-20.10-gvisor.md

Latest commit

History

ubuntu-20.10-gvisor.md

File metadata and controls

gVisor installation instructions

Set runsc as the default runtime

Restart the docker daemon