Continued exploration of Clair image scanning (community edition)
Posted ericnie
Clair URL
https://github.com/quay/clair/blob/master/Documentation/running-clair.md
claircli URL
https://github.com/joelee2012/claircli
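Installation and configuration
    # Download the sample Clair configuration
    mkdir $PWD/clair_config
    curl -L https://raw.githubusercontent.com/coreos/clair/master/config.yaml.sample -o $PWD/clair_config/config.yaml
    # PostgreSQL backing store: empty password, port 5432 published on the host
    docker run -d -e POSTGRES_PASSWORD="" -p 5432:5432 postgres
    # Clair on the host network, using the downloaded configuration
    docker run --net=host -d -p 6060-6061:6060-6061 -v $PWD/clair_config:/config quay.io/coreos/clair:latest -config=/config/config.yaml
After startup, Clair downloads the vulnerability databases and stores them in the PostgreSQL database. You need to wait a while until fetching has finished.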
[root@mirror ~]# docker logs -f 0a4aa93eb96b
{"Event":"running database migrations","Level":"info","Location":"pgsql.go:216","Time":"2020-01-27 07:48:23.835691"}
{"Event":"database migration ran successfully","Level":"info","Location":"pgsql.go:223","Time":"2020-01-27 07:48:23.840739"}
{"Event":"notifier service is disabled","Level":"info","Location":"notifier.go:77","Time":"2020-01-27 07:48:23.840913"}
{"Event":"starting main API","Level":"info","Location":"api.go:52","Time":"2020-01-27 07:48:23.840946","port":6060}
{"Event":"starting health API","Level":"info","Location":"api.go:85","Time":"2020-01-27 07:48:23.841310","port":6061}
{"Event":"updater service started","Level":"info","Location":"updater.go:83","Time":"2020-01-27 07:48:23.841383","lock identifier":"07fb180b-49f7-4f40-80ca-013b6587807a"}
{"Event":"Handled HTTP request","Level":"info","Location":"router.go:57","Time":"2020-01-27 07:50:09.745914","elapsed time":361665425,"method":"DELETE","remote addr":"192.168.56.108:56760","request uri":"/v1/layers/sha256:bc9ab73e5b14b9fbd3687a4d8c1f1360533d6ee9ffc3f5ecc6630794b40257b7","status":"404"}
{"Event":"failed to write response","Level":"warning","Location":"routes.go:94","Time":"2020-01-27 07:54:46.354907","error":"http: Handler timeout"}
{"Event":"Handled HTTP request","Level":"info","Location":"router.go:57","Time":"2020-01-27 07:54:46.354942","elapsed time":276604498860,"method":"POST","remote addr":"192.168.56.108:56762","request uri":"/v1/layers","status":"201"}
{"Event":"updating vulnerabilities","Level":"info","Location":"updater.go:192","Time":"2020-01-27 07:55:54.897757"}
{"Event":"fetching vulnerability updates","Level":"info","Location":"updater.go:239","Time":"2020-01-27 07:55:54.897791"}
{"Event":"Start fetching vulnerabilities","Level":"info","Location":"ubuntu.go:85","Time":"2020-01-27 07:55:54.897816","package":"Ubuntu"}
{"Event":"Start fetching vulnerabilities","Level":"info","Location":"alpine.go:52","Time":"2020-01-27 07:55:54.921575","package":"Alpine"}
{"Event":"Start fetching vulnerabilities","Level":"info","Location":"debian.go:63","Time":"2020-01-27 07:55:54.943595","package":"Debian"}
{"Event":"Start fetching vulnerabilities","Level":"info","Location":"oracle.go:119","Time":"2020-01-27 07:55:54.944000","package":"Oracle Linux"}
{"Event":"Start fetching vulnerabilities","Level":"info","Location":"rhel.go:92","Time":"2020-01-27 07:55:54.944082","package":"RHEL"}
{"Event":"finished fetching","Level":"info","Location":"updater.go:253","Time":"2020-01-27 07:56:25.455733","updater name":"alpine"}
{"Event":"finished fetching","Level":"info","Location":"updater.go:253","Time":"2020-01-27 07:57:55.854087","updater name":"rhel"}
{"Event":"could not unmarshal Debian's JSON","Level":"error","Location":"debian.go:115","Time":"2020-01-27 08:01:06.093947","error":"read tcp 10.0.3.15:34708-\u003e23.111.9.35:443: read: connection reset by peer"}
{"Event":"an error occured when fetching update","Level":"error","Location":"updater.go:246","Time":"2020-01-27 08:01:06.094057","error":"updater/fetchers: could not parse","updater name":"debian"}
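A report fetched before the updaters finish reflects an incomplete vulnerability database, so the wait can be checked from the log itself. The following is an added example, not part of the original post or of Clair: it reads log lines in the format shown above (sample lines shortened from that log) and reports the state of each updater. The mapping from the "package" field to the "updater name" field, and the function names, are assumptions made for this example.

```python
import json

# Constructed sample: lines shortened from the log above (Location/Time dropped).
SAMPLE_LOG = """
{"Event":"Start fetching vulnerabilities","Level":"info","package":"Ubuntu"}
{"Event":"Start fetching vulnerabilities","Level":"info","package":"Alpine"}
{"Event":"Start fetching vulnerabilities","Level":"info","package":"Debian"}
{"Event":"Start fetching vulnerabilities","Level":"info","package":"Oracle Linux"}
{"Event":"Start fetching vulnerabilities","Level":"info","package":"RHEL"}
{"Event":"finished fetching","Level":"info","updater name":"alpine"}
{"Event":"finished fetching","Level":"info","updater name":"rhel"}
{"Event":"an error occured when fetching update","Level":"error","error":"updater/fetchers: could not parse","updater name":"debian"}
"""

def updater_key(package):
    # Assumption: "updater name" is the first word of "package", lower-cased
    # (the log shows Alpine/alpine, RHEL/rhel, Debian/debian).
    return package.split()[0].lower()

def updater_status(lines):
    """Map each updater to 'fetching', 'finished' or 'failed'."""
    status = {}
    for line in lines:
        line = line.strip()
        if not line.startswith("{"):
            continue  # shell prompt or blank line
        try:
            rec = json.loads(line)
        except ValueError:
            continue  # truncated or non-JSON line
        event = rec.get("Event")
        if event == "Start fetching vulnerabilities" and rec.get("package"):
            status[updater_key(rec["package"])] = "fetching"  # new round resets state
        elif event == "finished fetching" and "updater name" in rec:
            status[rec["updater name"]] = "finished"
        elif rec.get("Level") == "error" and "updater name" in rec:
            status[rec["updater name"]] = "failed"
    return status

def ready_to_scan(status, needed):
    """True only if every updater the image depends on has finished."""
    return all(status.get(name) == "finished" for name in needed)

if __name__ == "__main__":
    state = updater_status(SAMPLE_LOG.splitlines())
    print(state)
    print("debian image ready:", ready_to_scan(state, ["debian"]))
```

With the log above, the debian updater is reported as failed, which matters for the docker.io/debian:9.5 scan that follows.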
Install claircli
    curl "https://bootstrap.pypa.io/get-pip.py" -o "get-pip.py"
    python get-pip.py
    pip install claircli
Scanning
[root@mirror images]# claircli -c http://mirror.redhat.ren:6060 docker.io/debian:9.5
2020-01-27 15:28:12,685|INFO|*****************************1******************************
2020-01-27 15:28:12,686|INFO|Analyzing <Image: docker.io/debian:9.5>
2020-01-27 15:28:17,951|INFO|Push layer [1/1]: sha256:bc9ab73e5b14b9fbd3687a4d8c1f1360533d6ee9ffc3f5ecc6630794b40257b7
2020-01-27 15:28:47,134|INFO|Fetch vulnerabilities for <Image: docker.io/debian:9.5>
2020-01-27 15:28:47,207|INFO|Defcon1 : 0
2020-01-27 15:28:47,207|INFO|Critical : 0
2020-01-27 15:28:47,208|INFO|High : 0
2020-01-27 15:28:47,208|INFO|Medium : 0
2020-01-27 15:28:47,208|WARNING|Low : 26
2020-01-27 15:28:47,208|WARNING|Negligible : 42
2020-01-27 15:28:47,208|WARNING|Unknown : 30
2020-01-27 15:28:47,208|INFO|Generate html report for docker.io/debian:9.5
2020-01-27 15:28:47,265|INFO|Location: /root/images/clair-docker.io_debian_9.5.html
2020-01-27 15:28:47,265|INFO|============================================================
2020-01-27 15:28:47,265|INFO| CLAIR ANALYSIS REPORTS: (1) IN TOTAL
2020-01-27 15:28:47,265|INFO|============================================================
2020-01-27 15:28:47,266|ERROR|IMAGES WITH DETECTED VULNERABILITIES (1)
2020-01-27 15:28:47,266|ERROR|docker.io/debian:9.5
An HTML file is generated in the current directory; opening it shows the report.
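The severity summary in the scan output above can also be turned into a pass/fail decision for a build pipeline. The following is an added example, not part of the original post or of claircli: it parses summary lines in the format shown above for a single image and fails closed when the summary is missing. The function names, the threshold parameters and the treatment of "Unknown" as a separate limit are assumptions made for this example.

```python
import re

# Severity names as printed in the scan output above, most severe first.
RANKED = ["Defcon1", "Critical", "High", "Medium", "Low", "Negligible"]
SUMMARY = re.compile(r"^\S+ \S+\|[A-Z]+\|(\w+)\s*:\s*(\d+)\s*$")

# Constructed sample: lines copied from the claircli run above.
SAMPLE = """\
2020-01-27 15:28:47,134|INFO|Fetch vulnerabilities for <Image: docker.io/debian:9.5>
2020-01-27 15:28:47,207|INFO|Defcon1 : 0
2020-01-27 15:28:47,207|INFO|Critical : 0
2020-01-27 15:28:47,208|INFO|High : 0
2020-01-27 15:28:47,208|INFO|Medium : 0
2020-01-27 15:28:47,208|WARNING|Low : 26
2020-01-27 15:28:47,208|WARNING|Negligible : 42
2020-01-27 15:28:47,208|WARNING|Unknown : 30
2020-01-27 15:28:47,265|INFO|Location: /root/images/clair-docker.io_debian_9.5.html
"""

def severity_counts(output):
    """Extract {severity: count} from the summary lines of one image."""
    counts = {}
    for line in output.splitlines():
        m = SUMMARY.match(line)
        if m and m.group(1) in RANKED + ["Unknown"]:
            counts[m.group(1)] = int(m.group(2))
    return counts

def gate(counts, fail_at="High", max_unknown=None):
    """Return the list of reasons to block; an empty list means pass."""
    missing = [s for s in RANKED if s not in counts]
    if missing:
        # Fail closed: no summary means the scan did not complete.
        return ["no count for " + s for s in missing]
    blocking = RANKED[: RANKED.index(fail_at) + 1]
    problems = ["%s=%d" % (s, counts[s]) for s in blocking if counts[s] > 0]
    # Unrated findings are not "below Negligible"; limit them separately.
    if max_unknown is not None and counts.get("Unknown", 0) > max_unknown:
        problems.append("Unknown=%d" % counts["Unknown"])
    return problems

if __name__ == "__main__":
    print(gate(severity_counts(SAMPLE), fail_at="Low", max_unknown=10))
```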
Scanning private image registries and offline packages still has some problems for now and needs further study.