Commit 11335da

content: update content to current state

Updates:
- Mention that AMD and Arm are in developer preview.
- Mention container integrations (Kata, Weave).
- Link to the correct roadmap project.
- Add the "KVM userspace" article to QEMU mentions.
- Mention jailer.
- Mention rust-vmm as part of the crosvm story.
- Add OSv as a supported guest operating system.

Signed-off-by: Radu Weiss <[email protected]>
1 parent a179358 commit 11335da

1 file changed

+16
-15
lines changed

index.html

Lines changed: 16 additions & 15 deletions
@@ -66,7 +66,8 @@
6666
<header>Firecracker is an open source virtualization technology that is purpose-built for creating and managing secure, multi-tenant container and function-based services.</header>
6767
<section>
6868
<p>Until now, you needed to choose between containers with fast startup times and high density, or VMs with strong hardware-virtualization-based security and workload isolation. With Firecracker, you no longer have to choose. Firecracker enables you to deploy workloads in lightweight virtual machines, called microVMs, which provide enhanced security and workload isolation over traditional VMs, while enabling the speed and resource efficiency of containers. Firecracker was developed at Amazon Web Services to improve the customer experience of services like <a href="https://aws.amazon.com/lambda/">AWS Lambda</a> and <a href="https://aws.amazon.com/fargate/">AWS Fargate</a>.<p/>
69-
<p>Firecracker implements a virtual machine monitor (VMM) that uses the Linux Kernel-based Virtual Machine (KVM) to create and manage microVMs. Firecracker has a minimalist design. It excludes unnecessary devices and guest functionality to reduce the memory footprint and attack surface area of each microVM. This improves security, decreases the startup time, and increases hardware utilization. Firecracker currently supports Intel CPUs, with planned AMD and Arm support. Firecracker will also be integrated with popular container runtimes such as containerd. Our latest roadmap can be found <a href="https://github.com/firecracker-microvm/firecracker/labels/Roadmap">here</a>.</p>
69+
<p>Firecracker is a virtual machine monitor (VMM) that uses the Linux Kernel-based Virtual Machine (KVM) to create and manage microVMs. Firecracker has a minimalist design. It excludes unnecessary devices and guest functionality to reduce the memory footprint and attack surface area of each microVM. This improves security, decreases the startup time, and increases hardware utilization. Firecracker currently supports Intel CPUs, with AMD and Arm support in developer preview.</p>
70+
<p>Firecracker is integrated with <a href="https://github.com/kata-containers/documentation/wiki/Initial-release-of-Kata-Containers-with-Firecracker-support">Kata Containers</a>, <a href="https://www.weave.works/oss/firekube/">Weave FireKube</a> (via <a href="https://github.com/weaveworks/ignite">Weave Ignite</a>), and containerd via <a href="https://github.com/firecracker-microvm/firecracker-containerd">firecracker-containerd</a>. It's also available within the <a href="https://github.com/solo-io/unik">UniK</a> unikernel and microVM platform. Firecracker can run Linux and <a href="http://blog.osv.io/blog/2019/04/19/making-OSv-run-on-firecraker">OSv</a> guests. Our latest roadmap can be found <a href="https://github.com/firecracker-microvm/firecracker/projects/13">here</a>.</p>
7071
</section>
7172
</article>
7273
</section>
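Review bot: The OSv link on added line 70 has no trailing slash, while the same link on added line 168 of the FAQ ends in `/`, and both are plain `http://`. Use one form of the URL in both places, and prefer `https://` if the blog serves it. The roadmap anchor keeps the link text "here", which says nothing out of context; "roadmap" as the link text would read better. The unchanged line 68 directly above closes with `<p/>` rather than `</p>`, which is worth fixing while this block is being edited.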
@@ -91,7 +92,7 @@
9192
</a>
9293
</div>
9394
</div>
94-
</section>
95+
</section>
9596
<section class="mdl-benefits">
9697
<div class="m-content">
9798
<div id="benefits" name="benefits" class="m-title">Benefits</div>
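Review bot: The replaced `</section>` at old line 94 / new line 95 shows no visible difference, so this looks like a whitespace or line-ending change only. It is not covered by the commit message; either drop it from this content update or mention it so the hunk does not look accidental.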
@@ -108,14 +109,14 @@
108109
<img src="img/[email protected]" alt="Speed icon">
109110
<header>Speed by design</header>
110111
</div>
111-
<section>In addition to a minimal device model, Firecracker also accelerates kernel loading and provides a minimal guest kernel configuration. This enables fast startup times. Firecracker initiates user space or application code in less than 125ms and supports microVM creation rates of 150 microVMs per second per host.</section>
112+
<section>In addition to a minimal device model, Firecracker also accelerates kernel loading and provides a minimal guest kernel configuration. This enables fast startup times. Firecracker initiates user space or application code in as little as 125 ms and supports microVM creation rates of up to 150 microVMs per second per host.</section>
112113
</article>
113114
<article class="m-item">
114115
<div class="m-header">
115116
<img src="img/[email protected]" alt="hardware icon">
116117
<header>Scale and efficiency</header>
117118
</div>
118-
<section>Each Firecracker microVM runs with a reduced memory overhead of less than 5MiB, enabling a high density of microVMs to be packed on each server. Firecracker provides a rate limiter built into every microVM. This enables optimized sharing of network and storage resources, even across thousands of microVMs. </section>
119+
<section>Each Firecracker microVM runs with a reduced memory overhead of less than 5 MiB, enabling a high density of microVMs to be packed on each server. Firecracker provides a rate limiter built into every microVM. This enables optimized sharing of network and storage resources, even across thousands of microVMs. </section>
119120
</article>
120121
</div>
121122
</div>
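Review bot: Added line 112 turns "in less than 125ms" into "in as little as 125 ms", which makes 125 ms the best case rather than an upper bound, but added line 164 in the FAQ still promises "a < 125 ms startup time". Pick one claim and use it in both places. The commit message lists neither this softening nor the new "up to" in front of 150 microVMs per second, and these are the performance figures readers will quote, so they deserve a line in the message. Added line 119 also keeps the trailing space before `</section>`.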
@@ -129,8 +130,8 @@
129130
<img src="img/[email protected]" class="m-device" alt="Firecracker diagram">
130131
</div>
131132
<section>
132-
<p>Firecracker runs in user space and uses the Linux Kernel-based Virtual Machine (KVM) to create microVMs. The fast startup time and low memory overhead of each microVM enables you to pack thousands of microVMs onto the same machine. This means that every function or container group can be encapsulated with a virtual machine barrier, enabling workloads from different customers to run on the same machine, without any tradeoffs to security or efficiency. Firecracker is an alternative to QEMU, an established VMM with a general purpose and broad feature set that allows it to host a variety of guest operating systems.</p>
133-
<p>You can control the Firecracker process via a RESTful API that enables common actions such as configuring the number of vCPUs or starting the machine. It provides built-in rate limiters, which allows you to granularly control network and storage resources used by thousands of microVMs on the same machine. You can create and configure rate limiters via the Firecracker API and define flexible rate limiters that support bursts or specific bandwidth/operations limitations. Firecracker also provides a metadata service that securely shares configuration information between the host and guest operating system. You can set up and configure the metadata service using the Firecracker API.</p>
133+
<p>Firecracker runs in user space and uses the Linux Kernel-based Virtual Machine (KVM) to create microVMs. The fast startup time and low memory overhead of each microVM enables you to pack thousands of microVMs onto the same machine. This means that every function, container, or container group can be encapsulated with a virtual machine barrier, enabling workloads from different customers to run on the same machine, without any tradeoffs to security or efficiency. Firecracker is an <a href="https://www.redhat.com/en/blog/all-you-need-know-about-kvm-userspace">alternative to QEMU</a>, an established VMM with a general purpose and broad feature set that allows it to host a variety of guest operating systems.</p>
134+
<p>You can control the Firecracker process via a RESTful API that enables common actions such as configuring the number of vCPUs or starting the machine. It provides built-in rate limiters, which allows you to granularly control network and storage resources used by thousands of microVMs on the same machine. You can create and configure rate limiters via the Firecracker API and define flexible rate limiters that support bursts or specific bandwidth/operations limitations. Firecracker also provides a metadata service that securely shares configuration information between the host and guest operating system. You can set up and configure the metadata service using the Firecracker API. Each Firecracker microVM is further isolated with common Linux user-space security barriers by a companion program called "jailer". The jailer provides a second line of defense in case the virtualization barrier is ever compromised.</p>
134135
</section>
135136
</article>
136137
</section>
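Review bot: The two jailer sentences on added line 134 are appended to the paragraph about the API, rate limiters and metadata service, and "common Linux user-space security barriers" names none of them and carries no link, unlike the other mentions this commit adds. Give the jailer its own `<p>`, link it to its documentation, and list the barriers it applies, since this is the page's only statement about a second layer of isolation behind the virtualization boundary.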
@@ -140,31 +141,31 @@
140141
<div class="m-grid sta-masonry">
141142
<article class="m-item">
142143
<header>Who developed Firecracker?</header>
143-
<section>Firecracker was built by developers at Amazon Web Services to enable services such as <a href="https://aws.amazon.com/lambda/">AWS Lambda</a> and <a href="https://aws.amazon.com/fargate/">AWS Fargate</a> to improve resource utilization and customer experience, while providing the security and isolation required of public cloud infrastructure. Firecracker started from Chromium OS's Virtual Machine Monitor (crosvm), an open source VMM written in Rust. Today, crosvm and Firecracker have diverged to serve very different customer needs. We plan to contribute bug fixes and tests for Rust crates that originated from crosvm, and any Firecracker functionality that's appealing for crosvm.</section>
144+
<section>Firecracker was built by developers at Amazon Web Services to enable services such as <a href="https://aws.amazon.com/lambda/">AWS Lambda</a> and <a href="https://aws.amazon.com/fargate/">AWS Fargate</a> to improve resource utilization and customer experience, while providing the security and isolation required of public cloud infrastructure. Firecracker started from Chromium OS's Virtual Machine Monitor, <a href="https://chromium.googlesource.com/chromiumos/platform/crosvm/">crosvm</a>, an open source VMM written in Rust. Today, crosvm and Firecracker have diverged to serve very different customer needs. <a href="https://github.com/rust-vmm">Rust-vmm</a> is an open source community where we collaborate with crosvm and other groups and individuals to build and share quality Rust virtualization components.</section>
144145
</article>
145146
<article class="m-item">
146147
<header>Why did you develop Firecracker?</header>
147-
<section>When we launched Lambda in November of 2014, we were focused on providing a secure <a href="https://aws.amazon.com/serverless/">serverless</a> experience. At launch we used per-customer EC2 instances to provide strong security and isolation between customers. As Lambda grew, we saw the need for technology to provide a highly secure, flexible, and efficient runtime environment for services like Lambda and Fargate. Using our experience building isolated EC2 instances with hardware virtualization technology, we started an effort to build a VMM that was tailored to integrate with container ecosystems.</section>
148+
<section>When we launched Lambda in November of 2014, we were focused on providing a secure <a href="https://aws.amazon.com/serverless/">serverless</a> experience. At launch we used per-customer EC2 instances to provide strong security and isolation between customers. As Lambda grew, we saw the need for technology to provide a highly secure, flexible, and efficient runtime environment for services like Lambda and Fargate. Using our experience building isolated EC2 instances with hardware virtualization technology, we started an effort to build a VMM that was tailored to run serverless functions and integrate with container ecosystems.</section>
148149
</article>
149150
<article class="m-item">
150151
<header>What processors does Firecracker support?</header>
151-
<section>The Firecracker VMM is built to be processor agnostic. Today, it can run on Intel processors. AMD and Arm processors will be supported in the near future.</section>
152+
<section>The Firecracker VMM is built to be processor agnostic. Intel processors are supported for production workloads. Support for AMD and Arm processors is in developer preview.</section>
152153
</article>
153154
<article class="m-item">
154155
<header>What language is Firecracker written in?</header>
155156
<section>Firecracker is written in Rust.</section>
156157
</article>
157158
<article class="m-item">
158-
<header>Can Firecracker be used with Kubernetes, Docker, or Kata containers today?</header>
159-
<section>Not yet. We are making Firecracker open source because it provides a meaningfully different approach to security for running containers. We hope that others in the communities that build open source container technology find it useful. We are working to make Firecracker integrate naturally with the container ecosystem, with the goal to provide seamless integration in the future to provide more choices in how container workloads are isolated.</section>
159+
<header>Can Firecracker be used within the container ecosystem?</header>
160+
<section>Yes. Firecracker is integrated with <a href="https://github.com/kata-containers/documentation/wiki/Initial-release-of-Kata-Containers-with-Firecracker-support">Kata Containers</a>, <a href="https://www.weave.works/oss/firekube/">Weave FireKube</a> (via <a href="https://github.com/weaveworks/ignite">Weave Ignite</a>), and containerd via <a href="https://github.com/firecracker-microvm/firecracker-containerd">firecracker-containerd</a>.</section>
160161
</article>
161162
<article class="m-item">
162-
<header>What is the difference between Firecracker and Kata Containers and QEMU?</header>
163-
<section>Kata Containers is an OCI-compliant container runtime that executes containers within QEMU based virtual machines. Firecracker is a cloud-native alternative to QEMU that is purpose-built for running containers safely and efficiently, and nothing more. Firecracker provides a minimal required device model to the guest operating system while excluding non-essential functionality (there are only 4 emulated devices: virtio-net, virtio-block, serial console, and a 1-button keyboard controller used only to stop the microVM). This, along with a streamlined kernel loading process enables a < 125 ms startup time and a reduced memory footprint. The Firecracker process also provides a RESTful control API, handles resource rate limiting for microVMs, and provides a microVM metadata service to enable the sharing of configuration data between the host and guest.</section>
163+
<header>What is the difference between Firecracker and QEMU?</header>
164+
<section>Firecracker is an <a href="https://www.redhat.com/en/blog/all-you-need-know-about-kvm-userspace">alternative to QEMU</a> that is purpose-built for running serverless functions and containers safely and efficiently, and nothing more. Firecracker is written in Rust, provides a minimal required device model to the guest operating system while excluding non-essential functionality (only 5 emulated devices are available: virtio-net, virtio-block, virtio-vsock, serial console, and a minimal keyboard controller used only to stop the microVM). This, along with a streamlined kernel loading process enables a < 125 ms startup time and a < 5 MiB memory footprint. The Firecracker process also provides a RESTful control API, handles resource rate limiting for microVMs, and provides a microVM metadata service to enable the sharing of configuration data between the host and guest.</section>
164165
</article>
165166
<article class="m-item">
166167
<header>What operating systems are supported by Firecracker?</header>
167-
<section>Firecracker supports Linux host and guest operating systems with kernel versions 4.14 and above. The long-term support plan is still under discussion. A leading option is to support Firecracker for the last two Linux stable branch releases.</section>
168+
<section>Firecracker supports Linux host and guest operating systems with kernel versions 4.14 and above, as well as <a href="http://blog.osv.io/blog/2019/04/19/making-OSv-run-on-firecraker/">OSv</a> guests. The long-term support plan is still under discussion.</section>
168169
</article>
169170
<article class="m-item">
170171
<header>What is the open source license for Firecracker?</header>
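Review bot: Added line 164 changes the emulated device list from 4 to 5 by adding virtio-vsock and introduces a "< 5 MiB memory footprint" figure, and added line 168 drops the sentence about supporting the last two Linux stable branch releases; none of these appears in the commit message's list of updates. The device list is the page's statement of guest-facing attack surface, so the vsock addition should be called out explicitly in the message. On the same line, "Firecracker is written in Rust, provides a minimal required device model" needs an "and" or a split into two sentences, and it repeats the FAQ answer at line 156.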
@@ -229,7 +230,7 @@
229230
<a href="#home">
230231
<img src="img/[email protected]" alt="Firecracker logo">
231232
</a>
232-
<div>©2018, Amazon Web Services, Inc or its affiliates. All rights reserved.</div>
233+
<div>©2018 - 2019, Amazon Web Services, Inc or its affiliates. All rights reserved.</div>
233234
</div>
234235
</footer>
235236
</section>
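Review bot: The footer year on added line 233 is written "2018 - 2019" with a spaced hyphen; "2018-2019" or an en dash is the usual form for a copyright range. The change is also missing from the commit message's list of updates.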
