
gVisor

gVisor is an open-source user-space kernel that provides an application-focused container sandbox for isolating untrusted workloads on Linux (container security, runtime isolation).

  • Implements a user-space kernel that intercepts and handles application system calls for containers (container runtime, Operating System (OS) virtualization).
  • Provides a container sandbox that reduces the host kernel attack surface for untrusted or multi-tenant workloads (container security, workload isolation).
  • Integrates with common container runtimes and orchestration platforms via runtime shims and compatible interfaces (container orchestration integration).
  • Supports multiple execution backends, called platforms, that determine how application system calls are trapped: a KVM-based platform, the seccomp-based systrap platform (the current default), and a deprecated ptrace-based platform, each with different performance and isolation trade-offs (virtualization, sandboxing).
  • Implements core Linux kernel behaviors in user space to provide compatibility for many containerized applications while maintaining isolation boundaries (OS compatibility, application runtime).

More About gVisor

gVisor is an open-source container sandbox that implements a user-space kernel to isolate containerized applications from the host OS (container security, runtime isolation). It focuses on running untrusted or multi-tenant workloads by intercepting and handling system calls in user space instead of delegating them directly to the host kernel. This model constrains the kernel interface exposed to applications and reduces the portion of the host kernel that is reachable from within a containerized workload.

The core of gVisor is its user-space kernel, the Sentry, which implements a large portion of the Linux system call surface and the associated kernel abstractions such as processes, file systems, networking, and signals (OS virtualization, application runtime). Rather than relying on the host kernel to service most system calls, gVisor services these calls inside the Sentry, enforces its own security and resource policies there, and interacts with the host only through a deliberately small set of host system calls that a seccomp-bpf filter pins down; host file access is further delegated to a separate Gofer process so the Sentry itself does not open container files on the host. This design introduces an additional protection boundary between container workloads and the underlying node: an application must first compromise the Sentry, and even then it reaches only the narrowed host interface rather than the full kernel API.

gVisor supports multiple execution backends, called platforms, that determine how application system calls are intercepted and redirected to the Sentry (virtualization, sandbox backends). The KVM platform uses the host's KVM virtualization support so that the Sentry runs as a guest kernel in its own address space and application system calls trap directly to it; it needs access to /dev/kvm on the node. The ptrace platform intercepts system calls with PTRACE_SYSEMU from a tracer process on the host, works on nearly any kernel, but pays a context switch per system call and is deprecated. The systrap platform, the default in current releases, uses seccomp to trap system calls and avoids most of ptrace's overhead. The application sees the same Sentry regardless of platform; what changes is interception cost and the mechanism that keeps the Sentry apart from the host, so operators select the platform that aligns with their risk profile, performance requirements, and infrastructure capabilities (for example, nested virtualization availability in a cloud).

In enterprise environments, gVisor is used as an alternative container runtime or as a runtime class within orchestration platforms to run specific workloads with additional isolation (container orchestration, runtime integration). It integrates with container runtimes through the OCI runtime interface, via the runsc binary and the containerd shim, so that existing workflows, images, and tooling can often be reused with minimal change. Platform and security teams can configure policies, such as a Kubernetes RuntimeClass or a Docker runtime entry, that direct untrusted, multi-tenant, or sensitive workloads to run under gVisor, while other workloads may continue to use conventional runtimes.
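The following shell script is an added example (not gVisor project code) that ties the backend selection and the runtime integration described above together: it generates the runsc configuration for a chosen platform, the containerd stanza that registers the runsc shim, and a Kubernetes RuntimeClass plus a Pod that opts into it, and it implements the check a practitioner runs afterwards, namely that dmesg inside the container comes from gVisor's own kernel rather than the host's. The file paths, the Pod and image names, and the sample dmesg lines are assumptions; the configuration keys are the documented containerd and RuntimeClass ones.

```shell
#!/bin/sh
# Added example, not part of gVisor or its documentation.
# Paths, names and the sample dmesg text below are assumptions.

# Emit /etc/containerd/runsc.toml for one gVisor platform. Only the three
# platforms gVisor ships are accepted; ptrace is kept for old kernels but is
# deprecated, so the caller has to ask for it explicitly.
runsc_toml() {
  case "$1" in
    kvm|systrap|ptrace) ;;
    *) echo "unknown gVisor platform: $1" >&2; return 1 ;;
  esac
  printf '[runsc_config]\n  platform = "%s"\n' "$1"
}

# Emit the containerd config.toml stanza that registers the runsc shim under
# the handler name "runsc", which is what a RuntimeClass refers to.
containerd_runsc_stanza() {
  cat <<'EOF'
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runsc]
  runtime_type = "io.containerd.runsc.v1"
EOF
}

# Emit a RuntimeClass and a Pod that opts into it. Pods that do not set
# runtimeClassName keep running on the node's default runtime.
gvisor_runtimeclass_yaml() {
  cat <<'EOF'
apiVersion: node.k8s.io/v1
kind: RuntimeClass
metadata:
  name: gvisor
handler: runsc
---
apiVersion: v1
kind: Pod
metadata:
  name: untrusted-job            # assumed name
spec:
  runtimeClassName: gvisor
  containers:
  - name: app
    image: alpine:3.19           # assumed image
    command: ["sh", "-c", "dmesg; sleep 3600"]
EOF
}

# Decide whether dmesg output read from stdin came from gVisor. The Sentry
# prints its own boot banner beginning with "Starting gVisor"; a real Linux
# kernel prints "Linux version ..." instead. Exit 0 = sandboxed by gVisor.
is_gvisor_dmesg() {
  grep -q 'Starting gVisor'
}

# Constructed sample in the style of the Sentry's banner, used for a dry run.
SAMPLE_GVISOR_DMESG='[   0.000000] Starting gVisor...
[   0.123456] Checking naughty and nice process list...
[   0.456789] Ready!'

# Constructed sample of what a host kernel would print instead.
SAMPLE_HOST_DMESG='[    0.000000] Linux version 6.1.0 (gcc 12.2.0) #1 SMP'

# Dry run: print the generated files and classify both samples.
runsc_toml "${PLATFORM:-systrap}"
containerd_runsc_stanza
gvisor_runtimeclass_yaml
printf '%s\n' "$SAMPLE_GVISOR_DMESG" | is_gvisor_dmesg && echo "sample 1: gVisor"
printf '%s\n' "$SAMPLE_HOST_DMESG"   | is_gvisor_dmesg || echo "sample 2: host kernel"
```

To apply this on a node, write the first two outputs to /etc/containerd/runsc.toml and /etc/containerd/config.toml, restart containerd, `kubectl apply` the YAML, and pipe `kubectl logs untrusted-job` into `is_gvisor_dmesg`; with Docker the equivalent check is `docker run --rm --runtime=runsc alpine dmesg | is_gvisor_dmesg` after registering runsc in daemon.json. A Pod that lands on the host kernel because the RuntimeClass is missing or the node lacks the shim fails this check, which is the failure mode worth catching before trusting the isolation.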

From an architectural perspective, gVisor fits into categories such as container sandboxing, user-space OS virtualization, and workload isolation (security, infrastructure). It operates alongside other infrastructure components like container runtimes, orchestration control planes, and node operating systems, without replacing them. Its user-space kernel approach allows enterprises to add an isolation layer whose implementation is independent of the host kernel, which can be relevant in compliance-oriented or multi-tenant cloud environments. The caveat is that it is not a virtual machine: the Sentry still runs on the host kernel and still issues host system calls, so host kernel bugs reachable through that reduced set, and bugs in the Sentry's own Linux reimplementation, remain in scope and must be patched like any other node component.

For directory and taxonomy purposes, gVisor is categorized as a container sandbox and security-focused container runtime (container security, workload isolation). It is also relevant to infrastructure security, cloud-native platforms, and OS-level virtualization. Its primary technical role is to provide an application-focused isolation boundary for Linux containers by implementing kernel functionality in user space and constraining the system call interface exposed to workloads.