diff options
author | Adin Scannell <ascannell@google.com> | 2019-11-18 13:40:27 -0800 |
---|---|---|
committer | Adin Scannell <ascannell@google.com> | 2020-04-21 12:00:59 -0700 |
commit | 957e26a6f30d40e2bff042d76a327d0a2cfbabae (patch) | |
tree | 3e95d46355585ae4661de5cef30cdca72a7c94bb /website/content/index.md | |
parent | dc2f198866c5fd8162a79978eb3633975d3ba11f (diff) |
Move website to a simpler jekyll-based template
This will allow us to merge the site into the main repository.
This merge allows the documentation to be kept up-to-date and
synchronized with the main project. Builds will be triggered on any
update, removing the need for the cron-based reploy.
Diffstat (limited to 'website/content/index.md')
-rwxr-xr-x | website/content/index.md | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/website/content/index.md b/website/content/index.md new file mode 100755 index 000000000..9dab9cbad --- /dev/null +++ b/website/content/index.md @@ -0,0 +1,68 @@ +--- +title: gVisor +layout: base +--- + +<div class="jumbotron jumbotron-fluid"> + <div class="container text-center"> + <p>Efficient defense-in-depth for container infrastructure anywhere.</p> + <p style="margin-top: 20px;"> + <a class="btn" href="/docs/">Get Started <i class="fas fa-arrow-alt-circle-right ml-2"></i></a> + <a class="btn btn-inverse" href="https://github.com/google/gvisor">GitHub <i class="fab fa-github ml-2"></i></a> + </p> + </div> +</div> + +<div class="container"> <!-- Full page container. --> + +<div class="row"> + <div class="col-md-3"></div> + <div class="col-md-6"> + <h3>gVisor is an open-source application kernel and container runtime for + adding defense-in-depth or sandboxing workloads safely and easily. gVisor is + a container-native technology, designed to improve container isolation + without sacrificing the benefits of container efficiency and + portability.</h3> + </div> + <div class="col-md-3"></div> +</div> + +<div class="row"> + + <div class="col-md-4"> + <h4 id="seamless-security">Container-native Security</h4> + <p>By providing each container with its own application kernel instance, + gVisor limits the attack surface of the host while still integrating + seamlessly with popular container orchestration systems, such as Docker and + Kubernetes. This includes support for advanced features, such as a volumes, + terminals and sidecars, and still providing visibility into the application + behavior through cgroups and other monitoring mechanisms. + </p> + <a class="button" href="/docs/architecture_guide/security/">Read More »</a> + </div> + + <div class="col-md-4"> + <h4 id="resource-efficiency">Resource Efficiency</h4> + <p>Containers are efficient because workloads of different shapes and sizes + can be packed together by sharing host resources. By using host native + abstractions such as threads and memory mappings, gVisor closely co-operates + with the host to enable the same resource model as native containers. + Sandboxed containers can safely and securely share host resources with each + other and native containers on the same system. + </p> + <a class="button" href="/docs/architecture_guide/resources/">Read More »</a> + </div> + + <div class="col-md-4"> + <h4 id="platform-portability">Platform Portability</h4> + <p>Modern infrastructure spans multiple clouds and data centers, often using + a mix of virtualized instances and traditional servers. The pluggable + platform architecture of gVisor allows it to run anywhere, enabling security + policies to be enforced consistently across multiple environments. + Sandboxing requirements need not dictate where workloads can run. + </p> + <a class="button" href="/docs/architecture_guide/platforms/">Read More »</a> + </div> +</div> + +</div> <!-- container --> |