search

bowei / k8s-custom-iptables

How to add custom iptables rules to a Kubernetes cluster
Apache License 2.0
59 stars 34 forks source link

Update docker image in gcr repo to mitigate CVE-2019-5021 #10

Open YngveMolnes opened 5 years ago

YngveMolnes commented 5 years ago

https://www.alpinelinux.org/posts/Docker-image-vulnerability-CVE-2019-5021.html

I can find this in an instace of the image I run in a cluster.

⇒  kubectl exec -it k8s-custom-iptables-xxx /bin/sh
/ # cat /etc/shadow | grep root
root:::0:::::
daaain commented 4 years ago

In case anyone wants to use an updated image from their own repo, the REGISTRY variable assignment in the Makefile should be ?= instead of = as this way you'll try to push to Google's repo and will end up losing a few hours of your life like I just did 🤦