Comments (2)
smira
commented on June 28, 2024
you can of course build your own version of the system extension. if there are valuable config options, let's have them discussed here and how to make that configuration available.
from extensions.
ruifung
commented on June 28, 2024
From my perusal of the gvisor documentation, (and my own experiments with it), A few options come to mind that would be good to be potentially exposed as either part of the default runsc handler configuration, or perhaps even as additional handler configurations.
- Root Filesystem Overlay - https://gvisor.dev/docs/user_guide/filesystem/
- Platform selection, gvisor docs recommend the KVM platform when run on bare-metal - https://gvisor.dev/docs/user_guide/production/#configure-platform
- Networking options, such as disabling isolation, or completely isolating networking - https://gvisor.dev/docs/user_guide/networking/
All of the above would involve either modifying the runsc.toml file, or potentially additional container runtime entries too if say you wanted to have a separate runtimeClass that completely disables networking for whatever reason. Or conversely, passthrough the host network stack.
from extensions.
Related Issues (20)
- How to install extension documentation missing actual instruction on how to install HOT 4
- Unable to build with CGO enabled on ARM64 HOT 3
- Publish the wasmedge extension with a tagged version HOT 1
- ZeroTier Extension HOT 1
- Update nvidia runtime HOT 1
- xe-guest-utlities not reporting IP HOT 2
- Feature request: iSCSI automount and iSCSI initiator name
- Tailscale extension may change the IPv4 address that the node advertises HOT 1
- qemu-guest-agent not running shortly after startup. HOT 2
- DRBD >= 9.2.7 HOT 8
- [iscsi-tools] Using with Openstack Cinder not working
- [iscsi-tools] Broken on talos 1.6.6? HOT 1
- What extensions are included by default in https://factory.talos.dev/? HOT 1
- ZFS pool import does not work with machine.disks HOT 1
- how to use zfs tools HOT 7
- Extensions docs need some help HOT 5
- QEMU guest agent shutdown command leads to restart instead of shutdown (in maintenance mode) HOT 2
- Kata-containers - failed to create containerd task: failed to create shim task HOT 3
- Extension for the `binder_linux` module
- extensions: lint the manfiest, verify name, etc.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from extensions.