by bem
1836 days ago
This post from fly.io [1] has a pretty comprehensive survey of the tech available for running users' code safely. It's a good read. I've been investigating something similar for a feature I want to launch. I'm currently leaning towards running users' code in Kubernetes using Firecracker or gVisor. My main takeaway has been that while there are good solutions for isolating users' code, there's going to be a lot of work involved in orchestrating it at scale. I.e. building and storing images, spinning up containers, managing storage, tracking/billing minutes and bandwidth, killing timed-out containers, etc. I have not found a good library for that. It seems like a good use-case for a Kubernetes operator, so I think that's what I'll wind up building.

[1] https://fly.io/blog/sandboxing-and-workload-isolation/
I used a K8S cluster to run untrusted code. User code was executed inside of a container running as a job, rather than a naked pod or deployment. To monitor/track/handle abuse, I used a sidecar container running alongside the user's container.
The real challenge around running users' code isn't running code, per se. Instead, it is storage! I was never able to come up with a good solution for allowing users to create a very large number of files, such as the number of files created by creating a React app.
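The two comments above describe the same shape: untrusted user code in a Kubernetes Job (not a bare pod), a hardened runtime such as gVisor, a hard timeout so abandoned runs get killed, and a sidecar for monitoring. The manifest below is an added example of that shape, written for this thread and not taken from either commenter. The image names, the Job name and the `gvisor` RuntimeClass are assumptions (the RuntimeClass must already exist on the cluster); every field used is a standard Kubernetes field.

```yaml
apiVersion: batch/v1
kind: Job
metadata:
  name: user-run-example            # constructed name; a real platform would derive it from the run id
spec:
  backoffLimit: 0                   # never retry user code: a crash is the user's result, not ours
  activeDeadlineSeconds: 300        # hard wall-clock limit; Kubernetes kills the pod after 5 minutes
  ttlSecondsAfterFinished: 600      # garbage-collect the finished Job so orphans do not accumulate
  template:
    spec:
      restartPolicy: Never
      runtimeClassName: gvisor      # assumption: a RuntimeClass named "gvisor" (runsc) is installed
      automountServiceAccountToken: false   # user code must not get a cluster API credential
      securityContext:
        runAsNonRoot: true
        runAsUser: 65534
        seccompProfile:
          type: RuntimeDefault
      containers:
        - name: user-code
          image: registry.example.invalid/user-builds/run-abc123:latest   # placeholder image
          command: ["node", "index.js"]
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true        # only the scratch volume below is writable
            capabilities:
              drop: ["ALL"]
          resources:
            requests:
              cpu: "250m"
              memory: "128Mi"
            limits:
              cpu: "500m"
              memory: "256Mi"
              ephemeral-storage: "512Mi"        # caps container-layer writes and logs
          volumeMounts:
            - name: scratch
              mountPath: /tmp
        - name: monitor                         # sidecar: observes the run, reports usage/abuse
          image: registry.example.invalid/platform/monitor:1.0            # placeholder image
          securityContext:
            allowPrivilegeEscalation: false
            readOnlyRootFilesystem: true
            capabilities:
              drop: ["ALL"]
          resources:
            limits:
              cpu: "100m"
              memory: "64Mi"
      volumes:
        - name: scratch
          emptyDir:
            sizeLimit: 512Mi                    # bounds how much the user can write to /tmp
```

Two caveats a practitioner will hit with this layout. First, a Job only completes when every container in the pod has exited, so a plain sidecar like `monitor` must notice that `user-code` has finished and exit itself; on Kubernetes 1.29 or newer the native sidecar form (the monitor declared under `initContainers` with `restartPolicy: Always`) avoids this, because the pod then completes when the main container does. Second, `activeDeadlineSeconds` and the resource limits bound time, memory and bytes written, but not the number of files, which is exactly the storage problem the second comment raises; a size-limited `emptyDir` does nothing to cap inode count.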