Re: [prometheus-developers] Docker images from scratch

2021-02-05 Thread Julius Volz
+1 for distroless.

On Mon, Feb 1, 2021 at 3:03 PM Bjoern Rabenstein wrote:
> On 31.01.21 17:32, Ben Kochie wrote:
> > Another option is we could fully build our own busybox binary, with the
> > necessary fixes.
> >
> > I'm somewhat in favor of going distroless. With a large number of users
> > u

Re: [prometheus-developers] Docker images from scratch

2021-02-01 Thread Bjoern Rabenstein
On 31.01.21 17:32, Ben Kochie wrote:
> Another option is we could fully build our own busybox binary, with the
> necessary fixes.
>
> I'm somewhat in favor of going distroless. With a large number of users
> using our container images in Kubernetes, it's less necessary to include
> busybox, as the

Re: [prometheus-developers] Docker images from scratch

2021-01-31 Thread Julien Pivotto
Proposal #4 also contains:

gcr.io/distroless/static:
  ca-certificates
  A /etc/passwd entry for a root user
  A /tmp directory
  tzdata

If exporters require cgo, there is also a version with:

gcr.io/distroless/base:
  glibc
  libssl
  openssl

On 31 Jan 17:32, Ben Kochie wrote:
>

Re: [prometheus-developers] Docker images from scratch

2021-01-31 Thread Ben Kochie
That's proposal #4.

On Sun, Jan 31, 2021 at 5:31 PM Gabriel Cavalcante <gabriel.cavalcant...@gmail.com> wrote:
> Is it possible to use the scratch image with Prometheus binary inside
> only? That would reduce the surface entirely.
>
> On Sun, 31 Jan 2021 at 13:26 Julien Pivotto
> wrote:
>
>> He

Re: [prometheus-developers] Docker images from scratch

2021-01-31 Thread Ben Kochie
Another option is we could fully build our own busybox binary, with the necessary fixes.

I'm somewhat in favor of going distroless. With a large number of users using our container images in Kubernetes, it's less necessary to include busybox, as they can attach userspace sidecar containers.

On Su

Re: [prometheus-developers] Docker images from scratch

2021-01-31 Thread Gabriel Cavalcante
Is it possible to use the scratch image with Prometheus binary inside only? That would reduce the surface entirely.

On Sun, 31 Jan 2021 at 13:26 Julien Pivotto wrote:
> Hello,
>
> From time to time we get users reporting that the docker image we use to
> build Prometheus contains a Busybox vulner

[prometheus-developers] Docker images from scratch

2021-01-31 Thread Julien Pivotto
Hello,

From time to time we get users reporting that the docker image we use to build Prometheus contains a Busybox vulnerability:

https://github.com/prometheus/node_exporter/issues/1937
https://github.com/prometheus/prometheus/issues/8277
https://github.com/prometheus/prometheus/issues/7794

We