Image management is the core of any infrastructure. As a service provider or a consumer of infrastructure, one needs a guarantee of the integrity of the image being used and ensure it is free from vulnerabilities. In situations of hybrid infrastructure, it is challenging to ensure the security and compliance policies are met uniformly across VMs, containers, and bare-metal images. Also, with growing workload needs of the hybrid environment, there’s a need for pre-baked application ready images to reduce provisioning time.
As a solution to above challenges, we will demonstrate a framework, capable of creating pre-packaged application images for containers, bare-metal, and VMs along with scanning them for CVE’s.
- Building pre-packaged application ready images using packer and linuxkit for bare-metal, vms and containers.
- Understanding benefits of centralized image lifecycle management for hybrid infrastructure.
- Integration of OpenSCAP with image building tools to scan for common vulnerabilities and exposure.