Hacker News new | past | comments | ask | show | jobs | submit login

gVisor does more than filtering, they basically reimplemented the syscalls in an application kernel. At least with seccomp the performance overhead is minimal.



How does gVisor fair against KVM and other hardware-accelerated VM solutions (firecracker)?




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: