gvisor.dev/gvisor@v0.0.0-20240520182842-f9d4d51c7e0f/g3doc/user_guide/install.md

gvisor.dev/gvisor@v0.0.0-20240520182842-f9d4d51c7e0f/g3doc/user_guide/install.md (about)

     1  # Installation
     2  
     3  [TOC]
     4  
     5  > Note: gVisor supports x86\_64 and ARM64, and requires Linux 4.14.77+
     6  > ([older Linux](./networking.md#gso)).
     7  
     8  ## Install latest release {#install-latest}
     9  
    10  To download and install the latest release manually follow these steps:
    11  
    12  ```bash
    13  (
    14    set -e
    15    ARCH=$(uname -m)
    16    URL=https://storage.googleapis.com/gvisor/releases/release/latest/${ARCH}
    17    wget ${URL}/runsc ${URL}/runsc.sha512 \
    18      ${URL}/containerd-shim-runsc-v1 ${URL}/containerd-shim-runsc-v1.sha512
    19    sha512sum -c runsc.sha512 \
    20      -c containerd-shim-runsc-v1.sha512
    21    rm -f *.sha512
    22    chmod a+rx runsc containerd-shim-runsc-v1
    23    sudo mv runsc containerd-shim-runsc-v1 /usr/local/bin
    24  )
    25  ```
    26  
    27  To install gVisor as a Docker runtime, run the following commands:
    28  
    29  ```shell
    30  $ /usr/local/bin/runsc install
    31  $ sudo systemctl reload docker
    32  $ docker run --rm --runtime=runsc hello-world
    33  ```
    34  
    35  For more details about using gVisor with Docker, see
    36  [Docker Quick Start](./quick_start/docker.md). Please read the
    37  [Production guide](/docs/user_guide/production/) before running such a setup for
    38  production purposes.
    39  
    40  > **Note**: It is important to copy `runsc` to a location that is readable and
    41  > executable to all users, since `runsc` executes itself as user `nobody` to
    42  > avoid unnecessary privileges. The `/usr/local/bin` directory is a good place
    43  > to put the `runsc` binary.
    44  
    45  ## Install from an `apt` repository
    46  
    47  First, appropriate dependencies must be installed to allow `apt` to install
    48  packages via https:
    49  
    50  ```bash
    51  sudo apt-get update && \
    52  sudo apt-get install -y \
    53      apt-transport-https \
    54      ca-certificates \
    55      curl \
    56      gnupg
    57  ```
    58  
    59  Next, configure the key used to sign archives and the repository.
    60  
    61  NOTE: The key was updated on 2021-07-13 to replace the expired key. If you get
    62  errors about the key being expired, run the `curl` command below again.
    63  
    64  ```bash
    65  curl -fsSL https://gvisor.dev/archive.key | sudo gpg --dearmor -o /usr/share/keyrings/gvisor-archive-keyring.gpg
    66  echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/gvisor-archive-keyring.gpg] https://storage.googleapis.com/gvisor/releases release main" | sudo tee /etc/apt/sources.list.d/gvisor.list > /dev/null
    67  ```
    68  
    69  Now the runsc package can be installed:
    70  
    71  ```bash
    72  sudo apt-get update && sudo apt-get install -y runsc
    73  ```
    74  
    75  If you have Docker installed, it will be automatically configured.
    76  
    77  ## Versions
    78  
    79  The `runsc` binaries and repositories are available in multiple versions and
    80  release channels. You should pick the version you'd like to install. For
    81  experimentation, the nightly release is recommended. For production use, the
    82  latest release is recommended.
    83  
    84  After selecting an appropriate release channel from the options below, proceed
    85  to the preferred installation mechanism: manual or from an `apt` repository.
    86  
    87  > Note: Older releases are still available but may not have an `${ARCH}`
    88  > component in the URL. These release were available for `x86_64` only.
    89  
    90  ### HEAD
    91  
    92  Binaries are available for every commit on the `master` branch, and are
    93  available at the following URL:
    94  
    95  `https://storage.googleapis.com/gvisor/releases/master/latest/${ARCH}`
    96  
    97  You can use this link with the steps described in
    98  [Install latest release](#install-latest).
    99  
   100  For `apt` installation, use the `master` to configure the repository:
   101  
   102  ```bash
   103  sudo add-apt-repository "deb [arch=amd64,arm64] https://storage.googleapis.com/gvisor/releases master main"
   104  ```
   105  
   106  ### Nightly
   107  
   108  Nightly releases are built most nights from the master branch, and are available
   109  at the following URL:
   110  
   111  `https://storage.googleapis.com/gvisor/releases/nightly/latest/${ARCH}`
   112  
   113  You can use this link with the steps described in
   114  [Install latest release](#install-latest).
   115  
   116  Specific nightly releases can be found at:
   117  
   118  `https://storage.googleapis.com/gvisor/releases/nightly/${yyyy-mm-dd}/${ARCH}`
   119  
   120  Note that a release may not be available for every day.
   121  
   122  For `apt` installation, use the `nightly` to configure the repository:
   123  
   124  ```bash
   125  sudo add-apt-repository "deb [arch=amd64,arm64] https://storage.googleapis.com/gvisor/releases nightly main"
   126  ```
   127  
   128  ### Latest release
   129  
   130  The latest official release is available at the following URL:
   131  
   132  `https://storage.googleapis.com/gvisor/releases/release/latest/${ARCH}`
   133  
   134  You can use this link with the steps described in
   135  [Install latest release](#install-latest).
   136  
   137  For `apt` installation, use the `release` to configure the repository:
   138  
   139  ```bash
   140  sudo add-apt-repository "deb [arch=amd64,arm64] https://storage.googleapis.com/gvisor/releases release main"
   141  ```
   142  
   143  ### Specific release
   144  
   145  Specific releases are the latest [point release](#point-release) for a given
   146  date. Specific releases should be available for any date that has a point
   147  release. A given release is available at the following URL:
   148  
   149  `https://storage.googleapis.com/gvisor/releases/release/${yyyymmdd}/${ARCH}`
   150  
   151  You can use this link with the steps described in
   152  [Install latest release](#install-latest).
   153  
   154  See the [releases](https://github.com/google/gvisor/releases) page for
   155  information about specific releases.
   156  
   157  For `apt` installation of a specific release, which may include point updates,
   158  use the date of the release for repository, e.g. `${yyyymmdd}`.
   159  
   160  ```bash
   161  sudo add-apt-repository "deb [arch=amd64,arm64] https://storage.googleapis.com/gvisor/releases yyyymmdd main"
   162  ```
   163  
   164  > Note: only newer releases may be available as `apt` repositories.
   165  
   166  ### Point release
   167  
   168  Point releases correspond to
   169  [releases](https://github.com/google/gvisor/releases) tagged in the Github
   170  repository. A given point release is available at the following URL:
   171  
   172  `https://storage.googleapis.com/gvisor/releases/release/${yyyymmdd}.${rc}/${ARCH}`
   173  
   174  You can use this link with the steps described in
   175  [Install latest release](#install-latest).
   176  
   177  Note that `apt` installation of a specific point release is not supported.
   178  
   179  After installation, try out `runsc` by following the
   180  [Docker Quick Start](./quick_start/docker.md),
   181  [Containerd QuickStart](./containerd/quick_start.md), or
   182  [OCI Quick Start](./quick_start/oci.md).