Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Container Image Infrastructure #39

Open
joshmue opened this issue Feb 26, 2021 · 4 comments
Open

Container Image Infrastructure #39

joshmue opened this issue Feb 26, 2021 · 4 comments

Comments

@joshmue
Copy link
Contributor

joshmue commented Feb 26, 2021

It should be ensured that the container images which are used in SCS, ...

  • are up to date
  • do not contain software with known vulnerabilities
  • do meet high quality standards

(Potential) Image sources include, but are most likely not limited to:

Dockerhub Official (Base) Images

Examples include: alpine, debian, ubuntu, mysql

Upstram managed images on DockerHub/Quay.io/...

Examples include: prom/prometheus

  • mileage will vary from one project to another

Red Hat Certified Base Images

  • I personally do not have a lot of experience with them
  • they seem very nicely curated and maintained
  • RHEL/OpenShift centric
  • To be determined: Relation to subscription model, OKD and S2I

SCS solution?

Being a "cloud distribution", SCS may have its own set of maintained images driven by the given goals.

  • Implementing own base images with patch process etc. (got some ideas there)
  • Security scanning (e. g. hosting a Harbor/Quay installation)
@garloff
Copy link
Contributor

garloff commented Mar 1, 2021

See also https://scs.sovereignit.de/nextcloud/s/g3iZS6y4srAJ3HX for a mindmap with various (VM/container) image metadata properties.

@joshmue
Copy link
Contributor Author

joshmue commented Mar 17, 2021

Another effort of curated images:

Bitnami Application Catalog

Examples include: bitnami/prometheus (https://github.com/bitnami/bitnami-docker-prometheus)

  • Maintained by Bitnami/VMware
  • Big collection of curated images
  • Based on custom bitnami debian base image
  • Automation of package updating and upstream tracking present
    • Implemented via Stacksmith (not open source as far as I understand)?
  • Relation to VMware Tanzu Application Catalog?

@garloff
Copy link
Contributor

garloff commented Apr 6, 2021

I've partnered with Bitnami in a previous life.
The charges turned out to be prohibitive.

@fkr
Copy link
Member

fkr commented Dec 23, 2021

@garloff if we want to keep this issue open, I'd suggest to move it to another repo (eg. Docs/?), since the rest of the Design-Docs have been merged over to Docs as well.

@fkr fkr transferred this issue from SovereignCloudStack/Design-Docs Jan 13, 2022
@tibeer tibeer mentioned this issue Apr 4, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@fkr @garloff @joshmue