Your opinion helps us make a better documentation.
In the context of Scaleway Serverless Containers, a Sandbox environment is a critical security mechanism that isolates each container from others, ensuring that they operate in a secure and controlled space. Containers run in dedicated execution environments that prevent unauthorized access and potential interference between different resources.
Scaleway Serverless Containers offers two sandbox environment options:
Sandbox v1 is Serverless Containers’ legacy sandboxing environment with slower cold starts, but fully supports Linux system call interface.
Sandbox v1 is known to experience clock drift over time. A difference of approximately two seconds can be observed after 24 hours of uninterrupted execution. This issue especially affects long-running containers, whereas short-lived containers are much less impacted. Update to sandbox v2 to solve the issue.
Sandbox v2 is a modern isolation environment that relies on gVisor. This option offers faster cold starts, but only implements a selection of Linux syscalls. Refer to the official gVisor documentation for a comprehensive list of supported syscalls.
Your opinion helps us make a better documentation.