Since Google is testing it internally I made the move and switched all my gVisor sandboxes to VFS2. They will likely making it the default very soon anyway.
I can notice much better performance and thanks to the new implementation, some syscalls (like fcntl()) are now supported.
Just a single-user instance, nothing fancy here. I won't bite, I promise.