Upgrade to Pro — share decks privately, control downloads, hide ads and more …

GCRと脆弱性検査

Avatar for youyo youyo
October 15, 2018
Technology
0
200

 GCRと脆弱性検査

GCRと脆弱性検査
Avatar for youyo

youyo

October 15, 2018
Tweet

More Decks by youyo

See All by youyo
家の快適度を計測してみた
Avatar for youyo youyo
1
190
Get started AWS CDK
Avatar for youyo youyo
0
100
Tried to create a deployment pipeline of AutoML Vision.
Avatar for youyo youyo
0
73
API GatewayのWebSocket対応について
Avatar for youyo youyo
0
800
goodbye-ec2
Avatar for youyo youyo
0
660
それでも僕はzabbixと生きていく
Avatar for youyo youyo
1
470
About AWS Lambda and kintone
Avatar for youyo youyo
1
260
TerraformとWerckerとAWS Organizationsで始めるステージング・開発環境構築 / terraform-wercker-aws-organizations
Avatar for youyo youyo
1
34k
ServerlessのおさらいとIronFunctionsについて
Avatar for youyo youyo
0
440

Other Decks in Technology

See All in Technology
白金鉱業Meetup_Vol.18_生成AIはデータサイエンティストを代替するのか?
Avatar for BrainPad brainpadpr
4
240
Serverlessだからこそコードと設計にはこだわろう
Avatar for Ken'ichirou Kimura kenichirokimura
2
530
AIエージェント開発手法と業務導入のプラクティス
Avatar for Yoshinori Kosaka ykosaka
9
2.7k
Previewでもここまで追える! Azure AI Foundryで始めるLLMトレース
Avatar for Tomodo_ysys tomodo_ysys
2
430
MySQL Indexes and Histograms – How they really speed up your queries
Avatar for lefred lefred
0
150
OPENLOGI Company Profile for engineer
Avatar for OPENLOGI hr01
1
26k
Azure & DevSecOps
Avatar for KAMEGAWA Kazushi kkamegawa
2
160
正式リリースされた Semantic Kernel の Agent Framework 全部紹介!
Avatar for Kazuki okazuki
1
790
LINE 購物幕後推手
Avatar for LINE Developers Taiwan line_developers_tw
PRO
0
400
Computer Use〜OpenAIとAnthropicの比較と将来の展望〜
Avatar for PharmaX(旧YOJO Technologies)開発チーム pharma_x_tech
6
990
MySQL InnoDB Data Recovery - The Last Resort
Avatar for lefred lefred
0
110
LangfuseではじめるAIアプリのLLMトレーシング
Avatar for Tadashi Shigeoka codenote
0
120

Featured

See All Featured
Adopting Sorbet at Scale
Avatar for Ufuk Kayserilioglu ufuk
76
9.3k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
Avatar for Marc Duiker marcduiker
30
2k
4 Signs Your Business is Dying
Avatar for Josh Pigford shpigford
183
22k
Facilitating Awesome Meetings
Avatar for Lara Hogan lara
54
6.3k
The Language of Interfaces
Avatar for Des Traynor destraynor
158
25k
A Modern Web Designer's Workflow
Avatar for Chris Coyier chriscoyier
693
190k
The MySQL Ecosystem @ GitHub 2015
Avatar for Sam Lambert samlambert
251
12k
VelocityConf: Rendering Performance Case Studies
Avatar for Addy Osmani addyosmani
329
24k
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
Avatar for mongodb mongodb
45
9.5k
How GitHub (no longer) Works
Avatar for Zach Holman holman
314
140k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
Avatar for Morgane Peng morganepeng
129
19k
GraphQLとの向き合い方2022年版
Avatar for Yosuke Kurami quramy
46
14k

Transcript

  1. GCRと脆弱性検査

  2. GCR? Google Container Registory Dockerhubみたいなもの 脆弱性検査 Container Registry 脆弱性スキャン まだアルファ版

    ubuntu, debian, alpine https://cloud.google.com/container‑registry/docs/vulnerability‑ scanning?authuser=0&hl=ja

  3. FROM debian LABEL maintainer "youyo <[email protected]>" RUN apt update -y

    RUN apt install apache2 -y EXPOSE 80/TCP ENTRYPOINT ["apachectl","-k","start","-D","FOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:latest . $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:latest
  4. None

  5. FROM alpine LABEL maintainer "youyo <[email protected]>" RUN apk add --update

    apache2 RUN mkdir /run/apache2 EXPOSE 80/TCP ENTRYPOINT ["httpd", "-DFOREGROUND"] $ docker build -t ¥ asia.gcr.io/any-applications/httpd:alpine alpine/ $ gcloud auth configure-docker $ docker push asia.gcr.io/any-applications/httpd:alpine
  6. None

  7. まとめ コンテナイメージも脆弱性検査をする時代 最適化されたベースイメージを使用するだけで脆弱性を減らせる https://github.com/GoogleContainerTools/distroless たぶんそんなにお金かからないし, とりあえず始めてみよう