Containers sandbox
In the context of Scaleway Serverless Containers, a sandbox environment is a critical security mechanism that isolates each container from the others, so that each one operates in a secure and controlled space. Containers run in dedicated execution environments that prevent unauthorized access and potential interference between different resources.
Scaleway Serverless Containers offers two sandbox environment options:
- Sandbox v1 (legacy)
- Sandbox v2 (recommended)
Sandbox v1
Sandbox v1 is Serverless Containers' legacy sandboxing environment. It has slower cold starts, but fully supports the Linux system call interface.
Sandbox v2
Sandbox v2 is a modern isolation environment that relies on gVisor. This option offers faster cold starts, but only implements a selection of Linux syscalls. Refer to the official gVisor documentation for a comprehensive list of supported syscalls.
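Because Sandbox v2 implements only a selection of syscalls, a workload can check for the calls it depends on before it relies on them. The probe below is an added example, not Scaleway or gVisor code; it assumes an unimplemented call surfaces as ENOSYS, and the list of calls is a constructed sample to replace with your own.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE            /* exposes syscall() in <unistd.h> */
#endif
#include <errno.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

enum probe_result { PROBE_IMPLEMENTED, PROBE_UNIMPLEMENTED, PROBE_DENIED };

/* Interpret a raw syscall outcome. ENOSYS is the "function not implemented"
 * errno; EPERM/EACCES point at a filter or missing privilege; any other
 * result (success, EINVAL, EBADF, ...) means the call itself was handled. */
enum probe_result classify(long ret, int err) {
    if (ret == -1 && err == ENOSYS) return PROBE_UNIMPLEMENTED;
    if (ret == -1 && (err == EPERM || err == EACCES)) return PROBE_DENIED;
    return PROBE_IMPLEMENTED;
}

/* Invoke syscall `nr` with every argument set to -1. Only use this for calls
 * that fail fast on invalid arguments, never for fork, exit, pause and alike. */
enum probe_result probe(long nr) {
    errno = 0;
    long ret = syscall(nr, -1L, -1L, -1L, -1L, -1L, -1L);
    return classify(ret, errno);
}

/* Constructed sample list: replace with the calls your workload depends on. */
static const struct { const char *name; long nr; } wanted[] = {
    { "getpid",         SYS_getpid },
    { "epoll_create1",  SYS_epoll_create1 },
    { "eventfd2",       SYS_eventfd2 },
    { "inotify_init1",  SYS_inotify_init1 },
    { "timerfd_create", SYS_timerfd_create },
};

int main(void) {
    static const char *label[] = { "implemented", "UNIMPLEMENTED (ENOSYS)", "denied" };
    int missing = 0;
    for (size_t i = 0; i < sizeof wanted / sizeof wanted[0]; i++) {
        enum probe_result r = probe(wanted[i].nr);
        printf("%-16s %s\n", wanted[i].name, label[r]);
        missing += (r == PROBE_UNIMPLEMENTED);
    }
    return missing ? 1 : 0;   /* non-zero exit fails a CI or startup check */
}
```

Run the compiled binary inside the container image under each sandbox option and compare the output; the results describe only the environment it ran in.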