gvisor.dev/gvisor@v0.0.0-20240520182842-f9d4d51c7e0f/website/users/index.html (about) 1 --- 2 title: Who's Using gVisor 3 layout: base 4 --- 5 6 <div class="container"> 7 <div class="users-content"> 8 <h1>{{ page.title }}</h1> 9 <div class="panel panel-default"> 10 <div class="panel-body"> 11 <strong>Note:</strong> 12 <span> Using gVisor? You can add yourself to this page, 13 contact <a href="mailto:gvisor-dev@googlegroups.com"> 14 gvisor-dev@googlegroups.com</a> 15 </span> 16 </div> 17 </div> <!-- end panel --> 18 <p>This page lists companies that are known to use gVisor. This does not 19 constitute an endorsement. 20 </p> 21 <h1>Companies using gVisor</h1> 22 <hr> 23 <!-- Ant Group --> 24 <div class="row display-flex no-space"> 25 <div class="col-md-12"> 26 <h2> 27 <a href="https://www.antgroup.com/en" class="feature-link"> 28 Ant Group 29 </a> 30 </h2> 31 <p class="info-users-text">Ant Group, develops online payment platforms. 32 The company offers a wide range of financial services to consumers and 33 businesses worldwide. 34 </p> 35 <div class="panel panel-default"> 36 <div class="panel-body"> 37 <p class="info-users-text"> At Ant Group, we are committed to 38 keeping online transactions safe and efficient. Continuously 39 improving security for potential system-level attacks is one 40 of many measures. As a container runtime, gVisor provides 41 container-native security without sacrificing resource 42 efficiency. Therefore, it has been on our radar since it was 43 released. 44 </p> 45 </div> 46 </div> <!-- end panel --> 47 <p class="info-users-text">Read Ant Group's blog post on running gVisor 48 in production at scale 49 (<a href="/blog/2021/12/02/running-gvisor-in-production-at-scale-in-ant/">source</a>). 50 </p> 51 </div> 52 </div> 53 <hr> 54 <!-- Blink --> 55 <div class="row display-flex no-space"> 56 <div class="col-md-12"> 57 <h2> 58 <a href="https://www.blinkops.com/" class="feature-link"> 59 Blink 60 </a> 61 </h2> 62 <p class="info-text"> Blink is a company that specializes in security 63 automation and orchestration powered by generative AI. 64 </p> 65 <p class="info-users-text">Blink uses gVisor to run pods with full 66 isolation including system calls 67 (<a href="https://www.blinkops.com/blog/run-containers-securely-with-gvisor-on-eks">source</a>). 68 </p> 69 </div> 70 </div> 71 <hr> 72 <!-- Cloudflare --> 73 <div class="row display-flex no-space"> 74 <div class="col-md-12"> 75 <h2> 76 <a href="https://www.cloudflare.com" class="feature-link"> 77 Cloudflare 78 </a> 79 </h2> 80 <p class="info-users-text"> Cloudflare is a content delivery network 81 (CDN) and cloud computing security company. It provides a range of 82 services to businesses of all sizes. 83 </p> 84 <div class="panel panel-default"> 85 <div class="panel-body"> 86 <p class="info-users-text"> 87 It takes just a few seconds for a new gVisor container to 88 start up and begin executing meaningful work in a secure 89 sandbox with near native performance. 90 (<a href="https://blog.cloudflare.com/cloudflare-pages-build-improvements/">A 91 new era for Cloudflare Pages builds</a>) 92 </p> 93 </div> 94 </div> <!-- end panel --> 95 </div> 96 </div> 97 <hr> 98 <!-- DigitalOcean --> 99 <div class="row display-flex no-space"> 100 <div class="col-md-12"> 101 <h2> 102 <a href="https://www.digitalocean.com/" class="feature-link"> 103 DigitalOcean 104 </a> 105 </h2> 106 <p class="info-text"> DigitalOcean is a cloud computing provider that 107 offers cloud infrastructure services to developers and businesses. 108 </p> 109 <p class="info-users-text">DigitalOcean uses gVisor in 110 <a href="https://docs.digitalocean.com/products/app-platform/">App Platform</a> 111 as a container runtime sandbox 112 (<a href="https://docs.digitalocean.com/products/app-platform/details/limits/">source</a>). 113 </p> 114 </div> 115 </div> 116 <hr> 117 <!-- Docker --> 118 <div class="row display-flex no-space"> 119 <div class="col-md-12"> 120 <h2> 121 <a href="https://www.docker.com/" class="feature-link"> 122 Docker 123 </a> 124 </h2> 125 <p class="info-text"> 126 Docker is a popular container management engine. 127 </p> 128 <p class="info-users-text"> 129 Docker for Mac 130 <a href="https://docs.docker.com/desktop/release-notes/#4190">uses the gVisor network 131 stack library</a> for better performance than <code>vpnkit</code>. 132 Note that on Docker for Linux, you can 133 <a href="/docs/user_guide/quick_start/docker/">use gVisor as a container runtime</a>. 134 </p> 135 </div> 136 </div> 137 <hr> 138 <!-- Google --> 139 <div class="row display-flex no-space"> 140 <div class="col-md-8"> 141 <h2> 142 <a href="https://www.google.com" class="feature-link"> 143 Google 144 </a> 145 </h2> 146 <p class="info-text">gVisor was designed and developed to efficiently 147 isolate production workloads at scale for Google services. There are 148 millions of gVisor sandbox instances running daily. gVisor powers Google Cloud 149 offerings <a href="https://cloud.google.com/kubernetes-engine/docs/concepts/sandbox-pods"> 150 GKE Sandbox</a>, <a href="https://cloud.google.com/run">Cloud Run</a>, 151 <a href="https://cloud.google.com/appengine">App Engine</a>, and more. 152 </p> 153 </div> 154 <div class="col-md-4"> 155 <div> 156 <img 157 src="/assets/logos/logo_goog.png" 158 alt="Google logo" 159 title="Google logo" 160 class="img-responsive img-vert-center" /> 161 </div> 162 </div> 163 </div> 164 <hr> 165 <!-- Grist --> 166 <div class="row display-flex no-space"> 167 <div class="col-md-12"> 168 <h2> 169 <a href="https://www.getgrist.com/" class="feature-link"> 170 Grist 171 </a> 172 </h2> 173 <p class="info-text"> Grist combines the flexibility and familiarity of 174 spreadsheets with the power of databases. 175 </p> 176 <p class="info-users-text">Grist uses gVisor to isolate documents from each other and the network 177 (<a href="https://support.getgrist.com/self-managed/#how-do-i-sandbox-documents">source</a>). 178 </p> 179 </div> 180 </div> 181 <hr> 182 <!-- Modal --> 183 <div class="row display-flex no-space"> 184 <div class="col-md-8"> 185 <h2> 186 <a href="https://www.modal.com" class="feature-link"> 187 Modal 188 </a> 189 </h2> 190 <p class="info-users-text"> Modal is a cloud platform that simplifies 191 the execution and management of various computing workloads for data 192 teams and application developers (particularly those working in the 193 field of generative AI). 194 </p> 195 <div class="panel panel-default"> 196 <div class="panel-body"> 197 <p class="info-users-text"> 198 Compute jobs at Modal are containerized and virtualized using gVisor. 199 (<a href="https://modal.com/docs/guide/security">Security at Modal</a>). 200 </p> 201 </div> 202 </div> <!-- end panel --> 203 <p class="info-users-text">Modal labs tweeted about fully running on gVisor 204 (<a href="https://twitter.com/bernhardsson/status/1708929516955930699">source</a>). 205 </p> 206 </div> 207 <div class="col-md-4"> 208 <div> 209 <img 210 src="/assets/logos/logo_modal.png" 211 alt="Modal logo" 212 title="Modal logo" 213 class="img-responsive img-vert-center" /> 214 </div> 215 </div> 216 </div> 217 <!-- Tailscale --> 218 <div class="row display-flex no-space"> 219 <div class="col-md-12"> 220 <h2> 221 <a href="https://tailscale.com" class="feature-link"> 222 Tailscale 223 </a> 224 </h2> 225 <p class="info-users-text">Tailscale provides a mesh-based VPN service 226 designed to simplify secure networking between devices and servers. 227 </p> 228 <div class="panel panel-default"> 229 <div class="panel-body"> 230 <p class="info-users-text"> In userspace mode, Tailscale uses the 231 gVisor netstack library, implementing networking in userspace. 232 (<a href="https://tailscale.com/kb/1177/kernel-vs-userspace-routers">Kernel vs. netstack subnet routing & exit nodes</a>). 233 </p> 234 </div> 235 </div> <!-- end panel --> 236 </div> 237 </div> 238 </div> <!-- end div with padding --> 239 </div> <!-- end container -->