Hacker News new | past | comments | ask | show | jobs | submit login

TCP overhead is part of the story. Theres 20-40x overhead in syscalls, 20% running a tensorflow project end to end, 50% fewer RPS in redis, etc.



We are still talking about people using runsc/runc. That's not what `coder` is doing. All they did was poach a (popular) networking library from the gVisor codebase. None of this benchmarking has anything to do with their product.


I've already accepted this whole thread is a digression, but I keep getting pulled in. Calling out my dislike for Gvisor on a thread lauding a 5x tcp performance they found in it felt on topic to me at the time.


Ok. I'm only triggered by two things:

1. An argument that a tool using netstack is in any way tainted with gVisor's runtime costs.

2. An argument that shared-kernel multitenant is tenable and thus gVisor addresses no meaningful security concerns.


Not gonna lie am also getting 200% triggered whenever he states gVisor Syscall costs lol




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: