summaryrefslogtreecommitdiffhomepage
path: root/website/index.md
diff options
context:
space:
mode:
authorAdin Scannell <ascannell@google.com>2020-04-27 22:24:58 -0700
committerAdin Scannell <ascannell@google.com>2020-05-06 14:15:18 -0700
commit508e25b6d6e9a81edb6ddf8738450b79898b446a (patch)
treea7f6105ac25c8a879ed880e477d89ec6b6eb1a24 /website/index.md
parent8cb33ce5ded7d417710e7e749524b895deb20397 (diff)
Adapt website to use g3doc sources and bazel.
This adapts the merged website repository to use the image and bazel build framework. It explicitly avoids the container_image rules provided by bazel, opting instead to build with direct docker commands when necessary. The relevant build commands are incorporated into the top-level Makefile.
Diffstat (limited to 'website/index.md')
-rw-r--r--website/index.md70
1 files changed, 70 insertions, 0 deletions
diff --git a/website/index.md b/website/index.md
new file mode 100644
index 000000000..f09a7e89e
--- /dev/null
+++ b/website/index.md
@@ -0,0 +1,70 @@
+---
+title: gVisor
+layout: base
+---
+
+<div class="jumbotron jumbotron-fluid">
+ <div class="container text-center">
+ <p>Efficient defense-in-depth for container infrastructure anywhere.</p>
+ <p style="margin-top: 20px;">
+ <a class="btn" href="/docs/">Get Started&nbsp;<i class="fas fa-arrow-alt-circle-right ml-2"></i></a>
+ <a class="btn btn-inverse" href="https://github.com/google/gvisor">GitHub&nbsp;<i class="fab fa-github ml-2"></i></a>
+ </p>
+ </div>
+</div>
+
+<div class="container"> <!-- Full page container. -->
+
+<!--
+<div class="row">
+ <div class="col-md-3"></div>
+ <div class="col-md-6">
+ <h3>gVisor is an open-source application kernel and container runtime for
+ adding defense-in-depth or sandboxing workloads safely and easily. gVisor is
+ a container-native technology, designed to improve container isolation
+ without sacrificing the benefits of container efficiency and
+ portability.</h3>
+ </div>
+ <div class="col-md-3"></div>
+</div>
+-->
+
+<div class="row">
+
+ <div class="col-md-4">
+ <h4 id="seamless-security">Container-native Security</h4>
+ <p>By providing each container with its own application kernel instance,
+ gVisor limits the attack surface of the host while still integrating
+ seamlessly with popular container orchestration systems, such as Docker and
+ Kubernetes. This includes support for advanced features, such as a volumes,
+ terminals and sidecars, and still providing visibility into the application
+ behavior through cgroups and other monitoring mechanisms.
+ </p>
+ <a class="button" href="/docs/architecture_guide/security/">Read More &raquo;</a>
+ </div>
+
+ <div class="col-md-4">
+ <h4 id="resource-efficiency">Resource Efficiency</h4>
+ <p>Containers are efficient because workloads of different shapes and sizes
+ can be packed together by sharing host resources. By using host native
+ abstractions such as threads and memory mappings, gVisor closely co-operates
+ with the host to enable the same resource model as native containers.
+ Sandboxed containers can safely and securely share host resources with each
+ other and native containers on the same system.
+ </p>
+ <a class="button" href="/docs/architecture_guide/resources/">Read More &raquo;</a>
+ </div>
+
+ <div class="col-md-4">
+ <h4 id="platform-portability">Platform Portability</h4>
+ <p>Modern infrastructure spans multiple clouds and data centers, often using
+ a mix of virtualized instances and traditional servers. The pluggable
+ platform architecture of gVisor allows it to run anywhere, enabling security
+ policies to be enforced consistently across multiple environments.
+ Sandboxing requirements need not dictate where workloads can run.
+ </p>
+ <a class="button" href="/docs/architecture_guide/platforms/">Read More &raquo;</a>
+ </div>
+</div>
+
+</div> <!-- container -->