summaryrefslogtreecommitdiffhomepage
path: root/content
diff options
context:
space:
mode:
Diffstat (limited to 'content')
-rw-r--r--content/_index.html2
-rw-r--r--content/docs/_index.md2
-rw-r--r--content/docs/architecture_guide/performance.md2
-rw-r--r--content/docs/tutorials/docker.md4
-rw-r--r--content/docs/user_guide/FAQ.md22
-rw-r--r--content/docs/user_guide/debugging.md2
-rw-r--r--content/docs/user_guide/quick_start/docker.md9
7 files changed, 25 insertions, 18 deletions
diff --git a/content/_index.html b/content/_index.html
index 9e82ea98d..e2a78364d 100644
--- a/content/_index.html
+++ b/content/_index.html
@@ -7,7 +7,7 @@ description = "A container sandbox runtime focused on security, efficiency, and
{{< blocks/cover image_anchor="top" height="auto" color="primary" title="gVisor" >}}
<div class="mx-auto">
<p class="lead">A container sandbox runtime focused on <strong>security</strong>, <strong>efficiency</strong>, and <strong>ease of use</strong>.</p>
- <a class="btn btn-lg btn-primary mr-3 mb-4" href="./docs/user_guide/docker/">Quick Start<i class="fas fa-arrow-alt-circle-right ml-2"></i></a>
+ <a class="btn btn-lg btn-primary mr-3 mb-4" href="./docs/user_guide/quick_start/docker/">Quick Start<i class="fas fa-arrow-alt-circle-right ml-2"></i></a>
<a class="btn btn-lg btn-secondary mr-3 mb-4" href="https://github.com/google/gvisor" rel="noopener">GitHub <i class="fab fa-github ml-2"></i></a>
</div>
{{< /blocks/cover >}}
diff --git a/content/docs/_index.md b/content/docs/_index.md
index 238ece1e1..b929c0870 100644
--- a/content/docs/_index.md
+++ b/content/docs/_index.md
@@ -14,7 +14,7 @@ gVisor takes a distinct approach to container sandboxing and makes a different
set of technical trade-offs compared to existing sandbox technologies, thus
providing new tools and ideas for the container security landscape.
-Check out the [gVisor Quick Start](./user_guide/docker/) to get started
+Check out the [gVisor Quick Start](./user_guide/quick_start/docker/) to get started
using gVisor.
## How this documentation is organized
diff --git a/content/docs/architecture_guide/performance.md b/content/docs/architecture_guide/performance.md
index 65cbcb700..43ee5ada4 100644
--- a/content/docs/architecture_guide/performance.md
+++ b/content/docs/architecture_guide/performance.md
@@ -175,7 +175,7 @@ similarly loads a number of modules and binds an HTTP server.
> Note: most of the time overhead above is associated Docker itself. This is
> evident with the empty `runc` benchmark. To avoid these costs with `runsc`,
> you may also consider using `runsc do` mode or invoking the [OCI
-> runtime](../../user_guide/oci/) directly.
+> runtime](../../user_guide/quick_start/oci/) directly.
## Network
diff --git a/content/docs/tutorials/docker.md b/content/docs/tutorials/docker.md
index eb6da6ec6..8391515c3 100644
--- a/content/docs/tutorials/docker.md
+++ b/content/docs/tutorials/docker.md
@@ -68,6 +68,6 @@ Congratulations! You have just deployed a WordPress site using Docker.
[Learn how to deploy WordPress with Kubernetes][wordpress-k8s].
[docker]: https://www.docker.com/
-[docker-install]: /docs/user_guide/docker/
+[docker-install]: /docs/user_guide/quick_start/docker/
[wordpress]: https://wordpress.com/
-[wordpress-k8s]: /docs/tutorials/kubernetes/ \ No newline at end of file
+[wordpress-k8s]: /docs/tutorials/kubernetes/
diff --git a/content/docs/user_guide/FAQ.md b/content/docs/user_guide/FAQ.md
index 19358e8db..2cee17477 100644
--- a/content/docs/user_guide/FAQ.md
+++ b/content/docs/user_guide/FAQ.md
@@ -25,15 +25,15 @@ Binaries run in gVisor should be built for the
### Can I run Docker images using gVisor.
-Yes. Please see the [Docker Quick Start](/docs/user_guide/docker/).
+Yes. Please see the [Docker Quick Start][docker].
### Can I run Kubernetes pods using gVisor.
-Yes. Please see the [Docker Quick Start](/docs/user_guide/kubernetes/).
+Yes. Please see the [Docker Quick Start][k8s].
### What's the security model?
-See the [Security Model](../../architecture_guide/security/).
+See the [Security Model][security-model].
## Troubleshooting
@@ -41,18 +41,18 @@ See the [Security Model](../../architecture_guide/security/).
If you’re having problems running a container with `runsc` it’s most likely due
to a compatibility issue or a missing feature in gVisor. See
-[Debugging](../debugging/).
+[Debugging][debugging].
### When I run my container, docker fails with: `open /run/containerd/.../<containerid>/log.json: no such file or directory`
You are using an older version of Linux which doesn't support `memfd_create`.
gVisor requires Linux {{< required_linux >}} ([older Linux][old-linux]).
-[comment]: # (TODO[gvisor.dev/issue/268] remove when better error messages are implemented.)
+This is tracked in [bug #268](https://gvisor.dev/issue/268).
### When I run my container, docker fails with: `flag provided but not defined: -console`
-You're using an old version of Docker. See [Docker Quick Start](../docker/).
+You're using an old version of Docker. See [Docker Quick Start][docker].
### I can’t see a file copied with: `docker cp`
@@ -61,9 +61,9 @@ not realize a new file was copied to a given directory. To invalidate the cache
and force a refresh, create a file under the directory in question and list the
contents again.
-As a workaround, shared root filesystem can be enabled. See [Filesystem](../filesystem/).
+As a workaround, shared root filesystem can be enabled. See [Filesystem][filesystem].
-This bug is tracked in [bug #4](https://github.com/google/gvisor/issues/4).
+This bug is tracked in [bug #4](https://gvisor.dev/issue/4).
Note that `kubectl cp` works because it does the copy by exec'ing inside the
sandbox, and thus gVisor's internal cache is made aware of the new files and
@@ -96,6 +96,10 @@ sandbox isolation. There are a few different workarounds you can try:
* Use IPs instead of container names.
* Use [Kubernetes][k8s]. Container name lookup works fine in Kubernetes.
+[security-model]: /docs/architecture_guide/security/
[old-linux]: /docs/user_guide/networking/#gso
[host-net]: /docs/user_guide/networking/#network-passthrough
-[k8s]: /docs/user_guide/kubernetes \ No newline at end of file
+[debugging]: /docs/user_guide/debugging/
+[filesystem]: /docs/user_guide/filesystem/
+[docker]: /docs/user_guide/quick_start/docker/
+[k8s]: /docs/user_guide/quick_start/kubernetes/
diff --git a/content/docs/user_guide/debugging.md b/content/docs/user_guide/debugging.md
index e6f024de6..4d26d557c 100644
--- a/content/docs/user_guide/debugging.md
+++ b/content/docs/user_guide/debugging.md
@@ -4,7 +4,7 @@ weight = 120
+++
To enable debug and system call logging, add the `runtimeArgs` below to your
-[Docker](../docker/) configuration (`/etc/docker/daemon.json`):
+[Docker](../quick_start/docker/) configuration (`/etc/docker/daemon.json`):
```json
{
diff --git a/content/docs/user_guide/quick_start/docker.md b/content/docs/user_guide/quick_start/docker.md
index 523831c1b..f599e3ae1 100644
--- a/content/docs/user_guide/quick_start/docker.md
+++ b/content/docs/user_guide/quick_start/docker.md
@@ -85,9 +85,12 @@ $ docker run --runtime=runsc -it ubuntu dmesg
Note that this is easily replicated by an attacker so applications should never
use `dmesg` to verify the runtime in a security sensitive context.
-Next, look at the different options available for gVisor: [platform](../platforms/),
-[network](../networking/), [filesystem](../filesystem/).
+Next, look at the different options available for gVisor: [platform][platforms],
+[network][networking], [filesystem][filesystem].
[docker]: https://docs.docker.com/install/
-
[storage-driver]: https://docs.docker.com/engine/reference/commandline/dockerd/#daemon-storage-driver
+
+[filesystem]: /docs/user_guide/filesystem/
+[networking]: /docs/user_guide/networking/
+[platforms]: /docs/user_guide/platforms/