Peter Morjan

Hi, runq is a runtime for the standard Docker engine. Therefore vulnerabilities of Docker (and runc) also apply but at a different layer. Qemu and the guest kernel build an...

Thanks @yoheiueda for this PR. Can you please add a simple test case with with 2 runq containers talking to each other via IPv6 similar to the existing test case...

I did some experiments with multicast in the past. There is a netlink function: https://godoc.org/github.com/vishvananda/netlink#LinkSetAllmulticastOn

There are no plans for this. But I found this an interesting idea and did some experiments that can be found in the new branch: https://github.com/gotoz/runq/tree/binfmt_misc This (experimental) branch allows...

For this you would also need an target architecture specific guest kernel and initrd.

Thanks for the report. I can recreate the issue. On my MacOS system (quite outdated: El Capitan, Fusion 7.1.3, Fedora 28) "pmu=off" solves the issue. Is "disable-modern=on" on virtio devices...

The branch [nestedvm](https://github.com/gotoz/runq/tree/nestedvm) contains a new runtime configuration option `--nestedvm` for testing. It adds the extra qemu command line parameters.

The "--nestedvm" option (now in master) also works for Vmware ESXi guests. Setup instructions can be found here: https://communities.vmware.com/docs/DOC-8970

Yes that works.

The runq binary must be built inside the RunC source code tree where the function validateProcessSpec is defined. It's all done automatically by the Makefile.