[intelVISA]

Outside of the peanut gallery we just roll our own VMM, VMX and friends is well established at this point why settle for a hacky impl.?

[amscanne]

This sort of feels like seeing someone riding a bike and saying: why don’t they just get a car? The simple fact is that containers and VMs are quite different.

I’m responding to what I believe is the intent of the comment, but I will also point out that on a literal level it doesn’t make sense. Whether something uses VMX and friends or not is a red herring, as gVisor also “rolls it own” VMM [1] and certainly makes use of VMX and friends.

[1] https://github.com/google/gvisor/tree/master/pkg/sentry/plat...

[intelVISA]

Apologies my reply was toward Firecracker, I appreciate gVisor is a sandbox solution/KVM shim rather than a true VMM.

[amscanne]

Ah, now it makes more sense to me. Thank you for the clarification.