Our Stack
Voltainer
A lightweight container runtime built on systemd-nspawn instead of Docker's containerd. By leveraging systemd's battle-tested process isolation, we achieve stronger security guarantees with a dramatically smaller footprint.
- Native systemd integration for process management
- Kernel namespace isolation (PID, network, mount, user)
- Seccomp syscall filtering and capability dropping
- No daemon required—containers are systemd units
ArmoredContainers
Our orchestration platform manages Voltainer containers across distributed infrastructure. Think of it as a simpler, more opinionated alternative to Kubernetes for teams that don't need the complexity.
- Declarative configuration with YAML manifests
- Built-in service discovery and load balancing
- Zero-downtime deployments with health checks
- Integrated secrets management
ArmoredForge
Convert existing Docker/OCI images to Voltainer format. ArmoredForge analyzes your images, strips unnecessary layers, and produces optimized artifacts that deploy faster and use less storage.
- Automatic layer deduplication
- Dead code elimination
- Security scanning during conversion
- Preserves runtime compatibility
The Difference
Traditional containers carry significant overhead. We built ArmoredGate to show there's a better way.
These aren't cherry-picked benchmarks—they're typical results for real-world workloads. Smaller images mean faster deploys, lower storage costs, and reduced attack surface.
Architecture Principles
Every design decision at ArmoredGate is guided by these principles:
- →Simplicity over features. We'd rather do fewer things well than everything poorly.
- →Security by default. The safest configuration should be the easiest one.
- →No magic. Everything should be inspectable and understandable.
- →Unix philosophy. Build on proven primitives, not reinvented wheels.