by ctalledo 2146 days ago
Thanks! Performance-wise, we've not noticed any reduction in performance compared to a regular container, mainly because Sysbox sits on some control-path operations (e.g., accesses to /proc/sys, mount syscall, etc.) but is really not intercepting anything on the datapath. For example, deploying K8s inside a system container takes < 40 seconds on my laptop, same as it takes with K8s.io KinD which uses the OCI runc (with privileged containers). Having said this, we've not done a thorough perf analysis yet.

As far as using this in production, the software is well tested but has not been used in production to the best of our knowledge. It has room to mature still, both in terms of functionality and security, but it's in pretty good shape already. We hope open-sourcing it allows it to mature faster.

And as far as limitations, there are a few, here is a list: https://github.com/nestybox/sysbox/blob/master/docs/user-gui... . We hope to remove some of these as the product matures too.

1 comments

Thanks for the response - looking forward to trying it out this weekend!
Great! Ping us on our Slack channel (the link is in the Sysbox README file) in case you need help.