Fwd: how to fix ceph vulnerability

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





---------- Forwarded message ---------
From: Minor, Mona <Mona.Minor@xxxxxxxxxx>
Date: Tue, Dec 29, 2020 at 8:15 PM
Subject: how to fix ceph vulnerability
To: dupadhya@xxxxxxxxxx <dupadhya@xxxxxxxxxx>


Hi Deepika,

I am working on a project where I need storage for my kubernetes pods.
I am looking to get the storage from ceph cluster.
ceph is very nice tool for completing most of the storage requirements.

but, I am in doubt to proceed ahead as I found that ceph is “vulnerable”.
I tried to setup cluster with cephadm tool as well as ceph-ansible tool as well. After then that I also tried ceph with rook as well.
the image that’s available on docker hub (ceph/ceph) that doesn’t having any Dockerfile.
I scanned the ceph:v15.xx image with “trivy”, and its generated report with some vulnerability (with HIGH , CRITICAL ).

I am interested to get any ceph image that is not vulnerable.
please let me know if any image is available or any process that I have to follow for getting ceph image that is not vulnerable.

For your reference I have attached generated trivy report for ceph. Kindly have a look on them

Thank You and Regards,

Mona Minor

 

Attachment: ceph-15.2-vul.log
Description: Binary data

_______________________________________________
Dev mailing list -- dev@xxxxxxx
To unsubscribe send an email to dev-leave@xxxxxxx

[Index of Archives]     [CEPH Users]     [Ceph Devel]     [Ceph Large]     [Information on CEPH]     [Linux BTRFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux