mirror of
https://github.com/siderolabs/talos.git
synced 2026-03-10 16:11:08 +01:00
916a306829
This PR ensures we look cool on twitter. Signed-off-by: Spencer Smith <spencer.smith@talos-systems.com>
166 lines
6.2 KiB
HTML
166 lines
6.2 KiB
HTML
+++
|
||
title = "Talos Linux"
|
||
+++
|
||
|
||
<meta name="twitter:card" content="summary_large_image">
|
||
<meta name="twitter:site" content="@SideroLabs">
|
||
<meta name="twitter:title" content="Talos Linux">
|
||
<meta name="twitter:description" content="Talos Linux is Linux designed for Kubernetes – secure, immutable, and minimal.">
|
||
<meta name="twitter:image" content="https://www.talos.dev/images/logo.svg">
|
||
|
||
{{< blocks/cover title="Talos Linux" image_anchor="top" color="orange" >}}
|
||
<div class="mx-auto">
|
||
<div class="col-12 text-center">
|
||
<img width="250" class="" src="/images/logo.svg">
|
||
</div>
|
||
<br/>
|
||
<h3 class="display-4 text-center mb-3">The Kubernetes Operating System</h3>
|
||
</div>
|
||
{{< /blocks/cover >}}
|
||
|
||
<section class="">
|
||
<div class="container">
|
||
<div class="row align-items-center justify-content-center">
|
||
<div class="col-12 col-lg-6">
|
||
<h1 class="display-1 text-center mb-5">What is Talos Linux?</h1>
|
||
<p class="">
|
||
Talos Linux is Linux designed for Kubernetes – secure, immutable, and minimal.
|
||
</p>
|
||
<ul class="">
|
||
<li class="">
|
||
Supports cloud platforms, bare metal, and virtualization platforms
|
||
</li>
|
||
<li class="">
|
||
All system management is done via an API. No SSH, shell or console
|
||
</li>
|
||
<li class="">
|
||
Production ready: supports some of the largest Kubernetes clusters in the world
|
||
</li>
|
||
<li class="">
|
||
Open source project from the team at Sidero Labs
|
||
</li>
|
||
</ul>
|
||
<div class="row align-items-center">
|
||
<div class="col-8">
|
||
<p class="my-5 h5">
|
||
It only takes 3 minutes to launch a Talos cluster on your laptop inside Docker.
|
||
</p>
|
||
</div>
|
||
<div class="col-4 text-center">
|
||
<a class="btn btn-primary btn-lg my-5"
|
||
href="https://www.talos.dev/docs/latest/introduction/quickstart/">
|
||
Try it now
|
||
</a>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
</section>
|
||
|
||
<section class="">
|
||
<div class="container">
|
||
<h2 class="display-2 text-center mb-5">Why Talos Linux?</h2>
|
||
<div class="row mb-5">
|
||
<div class="col-12 col-lg-4">
|
||
<h3 class="display-4 text-center mb-3">Security</h3>
|
||
<p class="">
|
||
Talos reduces your attack surface. It's minimal, hardened and
|
||
immutable. All API access is secured with mutual TLS (mTLS)
|
||
authentication.
|
||
</p>
|
||
</div>
|
||
<div class="col-12 col-lg-4">
|
||
<h3 class="display-4 text-center mb-3">Predictability</h3>
|
||
<p class="">
|
||
Talos eliminates configuration drift, reduces unknown factors by
|
||
employing immutable infrastructure ideology, and delivers atomic
|
||
updates.
|
||
</p>
|
||
</div>
|
||
<div class="col-12 col-lg-4">
|
||
<h3 class="display-4 text-center mb-3">Evolvability</h3>
|
||
<p class="">
|
||
Talos simplifies your architecture, increases your agility, and
|
||
always delivers current stable Kubernetes and Linux versions.
|
||
</p>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
</section>
|
||
|
||
<section class="">
|
||
<div class="container">
|
||
<h2 class="display-2 text-center mb-5">Features</h2>
|
||
<div class="row justify-content-center mb-5">
|
||
<div class="col-12 col-lg-4 mb-3">
|
||
<h3 class="display-4 text-center mb-3">Minimal</h3>
|
||
<p class="text-center">
|
||
Talos consists of only a handful of binaries and shared libraries:
|
||
just enough to run containerd and a small set of system services.
|
||
</p>
|
||
<p class="text-center">
|
||
This aligns with NIST's recommendation in the Application Container
|
||
Security Guide.
|
||
</p>
|
||
</div>
|
||
<div class="col-12 col-lg-4 mb-3">
|
||
<h3 class="display-4 text-center mb-3">Hardened</h3>
|
||
<p class="text-center">
|
||
Hardened by design:
|
||
</p>
|
||
<ul class="pl-4">
|
||
<li>
|
||
Built with the Kernel Self Protection Project configuration
|
||
recommendations.
|
||
</li>
|
||
<li>
|
||
All access to the API is secured with Mutual TLS.
|
||
</li>
|
||
<li>
|
||
Settings and configuration described in the CIS guidelines are
|
||
applied by default.
|
||
</li>
|
||
</ul>
|
||
</div>
|
||
<div class="col-12 col-lg-4 mb-3">
|
||
<h3 class="display-4 text-center mb-3">Immutable</h3>
|
||
<p class="text-center">
|
||
Talos improves security further by mounting the root filesystem as
|
||
read-only and removing any host-level such as a shell and SSH.
|
||
</p>
|
||
</div>
|
||
<div class="col-12 col-lg-4 mb-3">
|
||
<h3 class="display-4 text-center mb-3">Ephemeral</h3>
|
||
<p class="text-center">
|
||
Talos runs in memory from a SquashFS, and persists nothing, leaving
|
||
the primary disk entirely to Kubernetes.
|
||
</p>
|
||
</div>
|
||
<div class="col-12 col-lg-4 mb-3">
|
||
<h3 class="display-4 text-center mb-3">Current</h3>
|
||
<p class="text-center">
|
||
Delivers the latest stable versions of Kubernetes and Linux.
|
||
</p>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
</section>
|
||
|
||
<section class="">
|
||
<div class="container">
|
||
<div class="row mb-5">
|
||
<div class="col-12 text-center">
|
||
<img width="142" class="" src="/images/certified-kubernetes-color.png" alt="Certified Kubernetes">
|
||
</div>
|
||
</div>
|
||
<div class="row">
|
||
<div class="col-12 text-center">
|
||
<img width="250" class="" src="/images/cncf-color.png" alt="Certified Kubernetes">
|
||
<p class="my-3"> We are a <a class="" href="https://cncf.io/"> Cloud Native Computing Foundation </a>
|
||
member. </p>
|
||
</div>
|
||
</div>
|
||
</div>
|
||
</section>
|