Hacker News new | ask | show | jobs
by justicezyx 2383 days ago
I led the portion of this project on Borg itself.

Security team did most of the security infrastructure, and coordination among almost every large infrastructure system team inside TI.

I'll be waiting for them to answer any questions. :)
2 comments
ASinclair 2383 days ago
A comment, not a question: Though I think it was worth the cost, I'd say this was one of the most painful mandates/rollouts I've had to endure. The cost to developer productivity was pretty significant. I would have liked to have seen that impact discussed.
link
agv123 2383 days ago
I've seen references to gVisor being used 'in production' for google app engine && cloud run and so forth.

Scanning through recent commits && the github repo this is clearly not the case - there are way too many outstanding issues and outright missing support for various things. Is this another project where it was written in a different language or something and then ported out?

Can you clarify?

link
prattmic 2383 days ago
I work on gVisor, I can answer this!

gVisor is not a rewritten version of an internal tool. The code you see really does run in production for App Engine and Cloud Run. While there are some internal modifications to better integrate with internal infrastructure, the vast majority of the code is identical to open source, critically including all of the system call handling, filesystem, and memory management code.

While browsing through our issues will show that we still have plenty to work on, the vast majority of applications work well inside gVisor.

link
justicezyx 2383 days ago
I cannot say anything about internal use of gVisor. Sorry.

As a bystander from outside, I generally don't like VM type of mechanism as security mechanism. Unless it's actually a VM hypervisor. That way hardware can be utilized to define a relatively simper and more robust security model. (Of cuz, not saying hardware is always superior please don't chase me on this direction).

On the contrary, true software sandbox like ebpf and webassembly with limited capabilities in its building blocks and clearly defined application scenarios, are better ways to do security in software.

link