runsc

Runsc is a container runtime component of the gVisor project, an open-source effort from Google that provides a user-space kernel. Runsc runs containers inside a sandbox that intercepts and handles Linux system calls in user space, rather than letting them execute directly on the host kernel. The aim is to provide stronger isolation between container workloads and the host system while preserving compatibility with standard container tooling.

Runsc launches a gVisor user-space kernel within a host process and executes the container's processes inside

Runsc implements the OCI runtime interface, so it can be used with container runtimes such as Docker,

Runsc is part of the gVisor project, originally developed by Google. It is open source and maintained