Extrem Secure Docker Image For Nginx — Kubernetets Hardening

  1. Inherit from a distroless image base
  2. Default user of image is not-root ( USER 1001)
  3. If the image expose a port, it must be above 1024 because ports under 1024 requires root.
  4. Files used by the main process must be owned by random user and root group (chown 1001:0)
  • docker.io/kyos0109/nginx-distroless : which focus only on the 1st way.
  • docker.io/nginxinc/docker-nginx-unprivileged: which focus on all ways except the first.
docker pull abdennour/nginx-distroless-unprivileged:1.18

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Abdennour Toumi

Abdennour Toumi

Software engineer, Cloud Architect, 5/5 AWS|GCP|PSM Certified, Owner of kubernetes.tn