db0473b1be
Add a new 'docs' directory for that can be built on in the future. Docs are divided into a 'user guide', 'contributor guide', and 'architecture guide'. This is currently a work in progress. PiperOrigin-RevId: 223326836 Change-Id: I78d08d6a89d686e92d3415d4269463e8e74bddee |
||
|---|---|---|
| .. | ||
| architecture_guide | ||
| contributor_guide | ||
| user_guide | ||
| README.md | ||
README.md
gVisor Documentation
This doc is a work in progress. For the definitive documentation please see the README
gVisor is a user-space kernel, written in Go, that implements a substantial portion of the Linux system call interface. It provides an additional layer of isolation between running applications and the host operating system.
gVisor includes an Open Container Initiative (OCI) runtime called runsc
that makes it easy to work with existing container tooling. The runsc runtime
integrates with Docker and Kubernetes, making it simple to run sandboxed
containers.
Check out the gVisor Quick Start to get started using gVisor.
gVisor takes a distinct approach to container sandboxing and makes a different set of technical trade-offs compared to existing sandbox technologies, thus providing new tools and ideas for the container security landscape.
Check out Why gVisor? for more on why we made gVisor.
How this documentation is organized
- The Architecture Guide explains about gVisor's architecture & design philosophy. Start here if you would like to know more about how gVisor works and why it was created.
- The User Guide contains info on how to use gVisor and integrate it into your application or platform.
- The Contributer Guide includes documentation on how to build gVisor, run tests, and contribute to gVisor's development.