registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3 linux/amd64

registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3 - 国内下载镜像源浏览次数:480

安全受验证的发布者-Kubernetes

该镜像 registry.k8s.io/ingress-nginx/controller-chroot 是用于 Kubernetes 集群的 Nginx Ingress 控制器的一个版本。它与标准的 Ingress Nginx 控制器镜像有所不同，主要区别在于使用了 chroot 技术。

chroot 技术能够创建一个隔离的环境，将 Nginx 进程限制在一个虚拟的根目录下运行。这增强了安全性，减少了潜在的攻击面，因为即使 Nginx 进程被攻破，攻击者也无法访问主机系统上的其他文件和资源。

因此，这个镜像提供了一个更安全可靠的方式来部署 Nginx Ingress 控制器，特别是在安全性要求较高的环境中。

源镜像	registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3
国内镜像	swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3
镜像ID	sha256:362adbe6e5a848e844d2ece3c4ca42c20cddfcfec479db8cc84c3f43e7407fb1
镜像TAG	v1.11.3
大小	308.50MB
镜像源	registry.k8s.io
CMD	/nginx-ingress-controller
启动入口	/usr/bin/dumb-init --
工作目录	/chroot/etc/nginx
OS/平台	linux/amd64
浏览量	480 次
贡献者
镜像创建	2024-10-08T05:37:40.947187705Z
同步时间	2024-11-22 09:36

开放端口

443/tcp 80/tcp

环境变量

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/luajit/bin:/usr/local/nginx/sbin:/usr/local/nginx/bin LUA_PATH=/usr/local/share/luajit-2.1.0-beta3/?.lua;/usr/local/share/lua/5.1/?.lua;/usr/local/lib/lua/?.lua;; LUA_CPATH=/usr/local/lib/lua/?/?.so;/usr/local/lib/lua/?.so;;

镜像标签

900a4a22-538e-4b3f-ae8b-6a2193191cc1: build_id https://kubernetes.github.io/ingress-nginx/: org.opencontainers.image.documentation Apache-2.0: org.opencontainers.image.licenses 0106de65cfccb74405a6dfa7d9daffc6f0a6ef1a: org.opencontainers.image.revision https://github.com/kubernetes/ingress-nginx: org.opencontainers.image.source NGINX Ingress Controller for Kubernetes: org.opencontainers.image.title The Kubernetes Authors: org.opencontainers.image.vendor v1.11.3: org.opencontainers.image.version

镜像安全扫描查看Trivy扫描报告

系统OS: alpine 3.20.3 扫描引擎: Trivy 扫描时间: 2024-11-22 09:38

低危漏洞:3

中危漏洞:0

高危漏洞:0

严重漏洞:0

registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3 (alpine 3.20.3) (alpine)

dbg (gobinary)

nginx-ingress-controller (gobinary)

wait-shutdown (gobinary)

Chatgpt|Claude一站式支持平台提供先进的AI镜像服务，助你在国内优雅的使用Chatgpt和Claude等AI服务

无权限下载?点我修复生成Docker Run命令生成Kubernetes YAML资源

Docker拉取命令

docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3
docker tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3  registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3

Containerd拉取命令

ctr images pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3
ctr images tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3  registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3

Shell快速替换命令

sed -i 's#registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3#swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3#' deployment.yaml

Ansible快速分发-Docker

#ansible k8s -m shell -a 'docker pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3 && docker tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3  registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3'

Ansible快速分发-Containerd

#ansible k8s -m shell -a 'ctr images pull swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3 && ctr images tag  swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3  registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3'

镜像构建历史


# 2024-10-08 13:37:40  0.00B 设置默认要执行的命令
CMD ["/nginx-ingress-controller"]
                        
# 2024-10-08 13:37:40  0.00B 配置容器启动时运行的命令
ENTRYPOINT ["/usr/bin/dumb-init" "--"]
                        
# 2024-10-08 13:37:40  0.00B 声明容器运行时监听的端口
EXPOSE map[443/tcp:{} 80/tcp:{}]
                        
# 2024-10-08 13:37:40  0.00B 指定运行容器时使用的用户
USER www-data
                        
# 2024-10-08 13:37:40  14.00B 执行命令并创建新的镜像层
RUN |4 TARGETARCH=amd64 VERSION=v1.11.3 COMMIT_SHA=0106de65cfccb74405a6dfa7d9daffc6f0a6ef1a BUILD_ID=900a4a22-538e-4b3f-ae8b-6a2193191cc1 /bin/sh -c mkdir -p /chroot/modules_mount   && mkdir -p modules_mount   && ln -s /modules_mount /chroot/modules_mount # buildkit
                        
# 2024-10-08 13:37:40  86.00B 执行命令并创建新的镜像层
RUN |4 TARGETARCH=amd64 VERSION=v1.11.3 COMMIT_SHA=0106de65cfccb74405a6dfa7d9daffc6f0a6ef1a BUILD_ID=900a4a22-538e-4b3f-ae8b-6a2193191cc1 /bin/sh -c ln -sf /chroot/etc/nginx /etc/nginx   && ln -sf /chroot/tmp/nginx /tmp/nginx   && ln -sf /chroot/etc/ingress-controller /etc/ingress-controller   && ln -sf /chroot/var/log/nginx /var/log/nginx   && touch /chroot/var/log/nginx/access.log   && chown www-data:www-data /chroot/var/log/nginx/access.log   && echo "" > /chroot/etc/resolv.conf   && chown -R www-data.www-data /chroot/var/log/nginx /chroot/etc/resolv.conf   && mknod -m 0666 /chroot/dev/null c 1 3   && mknod -m 0666 /chroot/dev/random c 1 8   && mknod -m 0666 /chroot/dev/urandom c 1 9   && mknod -m 0666 /chroot/dev/full c 1 7   && mknod -m 0666 /chroot/dev/ptmx c 5 2   && mknod -m 0666 /chroot/dev/zero c 1 5   && mknod -m 0666 /chroot/dev/tty c 5 0 # buildkit
                        
# 2024-10-08 13:37:40  63.76MB 执行命令并创建新的镜像层
RUN |4 TARGETARCH=amd64 VERSION=v1.11.3 COMMIT_SHA=0106de65cfccb74405a6dfa7d9daffc6f0a6ef1a BUILD_ID=900a4a22-538e-4b3f-ae8b-6a2193191cc1 /bin/sh -c apk add --no-cache libcap   && setcap    cap_sys_chroot,cap_net_bind_service=+ep /nginx-ingress-controller   && setcap -v cap_sys_chroot,cap_net_bind_service=+ep /nginx-ingress-controller   && setcap    cap_sys_chroot,cap_net_bind_service=+ep /usr/bin/unshare   && setcap -v cap_sys_chroot,cap_net_bind_service=+ep /usr/bin/unshare   && setcap    cap_net_bind_service=+ep /chroot/usr/local/nginx/sbin/nginx   && setcap -v cap_net_bind_service=+ep /chroot/usr/local/nginx/sbin/nginx   && setcap    cap_sys_chroot,cap_net_bind_service=+ep /usr/bin/dumb-init   && setcap -v cap_sys_chroot,cap_net_bind_service=+ep /usr/bin/dumb-init   && apk del libcap # buildkit
                        
# 2024-10-08 13:37:35  67.00B 执行命令并创建新的镜像层
RUN |4 TARGETARCH=amd64 VERSION=v1.11.3 COMMIT_SHA=0106de65cfccb74405a6dfa7d9daffc6f0a6ef1a BUILD_ID=900a4a22-538e-4b3f-ae8b-6a2193191cc1 /bin/sh -c bash -xeu -c '   writeDirs=(     /var/log   );   for dir in "${writeDirs[@]}"; do     mkdir -p ${dir};     chown -R www-data.www-data ${dir};   done'   && echo "/lib:/usr/lib:/usr/local/lib:/modules_mount/etc/nginx/modules/otel" > /chroot/etc/ld-musl-x86_64.path # buildkit
                        
# 2024-10-08 13:37:35  0.00B 设置工作目录为/chroot/etc/nginx
WORKDIR /chroot/etc/nginx
                        
# 2024-10-08 13:37:35  685.00B 复制新文件或目录到容器中
COPY --chown=www-data:www-data nginx-chroot-wrapper.sh /usr/bin/nginx # buildkit
                        
# 2024-10-08 13:37:35  3.20MB 复制新文件或目录到容器中
COPY --chown=www-data:www-data bin/amd64/wait-shutdown / # buildkit
                        
# 2024-10-08 13:37:35  50.14MB 复制新文件或目录到容器中
COPY --chown=www-data:www-data bin/amd64/nginx-ingress-controller / # buildkit
                        
# 2024-10-08 13:37:34  7.36MB 复制新文件或目录到容器中
COPY --chown=www-data:www-data bin/amd64/dbg / # buildkit
                        
# 2024-10-08 13:37:34  276.55KB 复制新文件或目录到容器中
COPY --chown=www-data:www-data etc /chroot/etc # buildkit
                        
# 2024-10-08 13:37:34  162.45MB 复制新文件或目录到容器中
COPY /chroot /chroot # buildkit
                        
# 2024-10-08 13:37:33  13.52MB 执行命令并创建新的镜像层
RUN |4 TARGETARCH=amd64 VERSION=v1.11.3 COMMIT_SHA=0106de65cfccb74405a6dfa7d9daffc6f0a6ef1a BUILD_ID=900a4a22-538e-4b3f-ae8b-6a2193191cc1 /bin/sh -c apk update   && apk upgrade   && apk add -U --no-cache      bash      openssl      ca-certificates      dumb-init      tzdata      diffutils      util-linux   && ln -s /usr/local/nginx/sbin/nginx /sbin/nginx   && adduser -S -D -H -u 101 -h /usr/local/nginx     -s /sbin/nologin -G www-data -g www-data www-data # buildkit
                        
# 2024-10-08 13:37:33  0.00B 设置环境变量 PATH
ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/luajit/bin:/usr/local/nginx/sbin:/usr/local/nginx/bin
                        
# 2024-10-08 13:37:33  0.00B 设置环境变量 LUA_CPATH
ENV LUA_CPATH=/usr/local/lib/lua/?/?.so;/usr/local/lib/lua/?.so;;
                        
# 2024-10-08 13:37:33  0.00B 设置环境变量 LUA_PATH
ENV LUA_PATH=/usr/local/share/luajit-2.1.0-beta3/?.lua;/usr/local/share/lua/5.1/?.lua;/usr/local/lib/lua/?.lua;;
                        
# 2024-10-08 13:37:33  0.00B 添加元数据标签
LABEL build_id=900a4a22-538e-4b3f-ae8b-6a2193191cc1
                        
# 2024-10-08 13:37:33  0.00B 添加元数据标签
LABEL org.opencontainers.image.revision=0106de65cfccb74405a6dfa7d9daffc6f0a6ef1a
                        
# 2024-10-08 13:37:33  0.00B 添加元数据标签
LABEL org.opencontainers.image.version=v1.11.3
                        
# 2024-10-08 13:37:33  0.00B 添加元数据标签
LABEL org.opencontainers.image.licenses=Apache-2.0
                        
# 2024-10-08 13:37:33  0.00B 添加元数据标签
LABEL org.opencontainers.image.vendor=The Kubernetes Authors
                        
# 2024-10-08 13:37:33  0.00B 添加元数据标签
LABEL org.opencontainers.image.source=https://github.com/kubernetes/ingress-nginx
                        
# 2024-10-08 13:37:33  0.00B 添加元数据标签
LABEL org.opencontainers.image.documentation=https://kubernetes.github.io/ingress-nginx/
                        
# 2024-10-08 13:37:33  0.00B 添加元数据标签
LABEL org.opencontainers.image.title=NGINX Ingress Controller for Kubernetes
                        
# 2024-10-08 13:37:33  0.00B 定义构建参数
ARG BUILD_ID=900a4a22-538e-4b3f-ae8b-6a2193191cc1
                        
# 2024-10-08 13:37:33  0.00B 定义构建参数
ARG COMMIT_SHA=0106de65cfccb74405a6dfa7d9daffc6f0a6ef1a
                        
# 2024-10-08 13:37:33  0.00B 定义构建参数
ARG VERSION=v1.11.3
                        
# 2024-10-08 13:37:33  0.00B 定义构建参数
ARG TARGETARCH=amd64
                        
# 2024-09-07 06:20:07  0.00B 
/bin/sh -c #(nop)  CMD ["/bin/sh"]
                        
# 2024-09-07 06:20:07  7.80MB 
/bin/sh -c #(nop) ADD file:5758b97d8301c84a204a6e516241275d785a7cade40b2fb99f01fe122482e283 in /

镜像信息

{
    "Id": "sha256:362adbe6e5a848e844d2ece3c4ca42c20cddfcfec479db8cc84c3f43e7407fb1",
    "RepoTags": [
        "registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3",
        "swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3"
    ],
    "RepoDigests": [
        "registry.k8s.io/ingress-nginx/controller-chroot@sha256:22701f0fc0f2dd209ef782f4e281bfe2d8cccd50ededa00aec88e0cdbe7edd14",
        "swr.cn-north-4.myhuaweicloud.com/ddn-k8s/registry.k8s.io/ingress-nginx/controller-chroot@sha256:ae313a254f05a9698c4ab185c33ed5ab8058cfce2f558ffd1b0ecab69bdf5421"
    ],
    "Parent": "",
    "Comment": "buildkit.dockerfile.v0",
    "Created": "2024-10-08T05:37:40.947187705Z",
    "Container": "",
    "ContainerConfig": null,
    "DockerVersion": "",
    "Author": "",
    "Config": {
        "Hostname": "",
        "Domainname": "",
        "User": "www-data",
        "AttachStdin": false,
        "AttachStdout": false,
        "AttachStderr": false,
        "ExposedPorts": {
            "443/tcp": {},
            "80/tcp": {}
        },
        "Tty": false,
        "OpenStdin": false,
        "StdinOnce": false,
        "Env": [
            "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/luajit/bin:/usr/local/nginx/sbin:/usr/local/nginx/bin",
            "LUA_PATH=/usr/local/share/luajit-2.1.0-beta3/?.lua;/usr/local/share/lua/5.1/?.lua;/usr/local/lib/lua/?.lua;;",
            "LUA_CPATH=/usr/local/lib/lua/?/?.so;/usr/local/lib/lua/?.so;;"
        ],
        "Cmd": [
            "/nginx-ingress-controller"
        ],
        "ArgsEscaped": true,
        "Image": "",
        "Volumes": null,
        "WorkingDir": "/chroot/etc/nginx",
        "Entrypoint": [
            "/usr/bin/dumb-init",
            "--"
        ],
        "OnBuild": null,
        "Labels": {
            "build_id": "900a4a22-538e-4b3f-ae8b-6a2193191cc1",
            "org.opencontainers.image.documentation": "https://kubernetes.github.io/ingress-nginx/",
            "org.opencontainers.image.licenses": "Apache-2.0",
            "org.opencontainers.image.revision": "0106de65cfccb74405a6dfa7d9daffc6f0a6ef1a",
            "org.opencontainers.image.source": "https://github.com/kubernetes/ingress-nginx",
            "org.opencontainers.image.title": "NGINX Ingress Controller for Kubernetes",
            "org.opencontainers.image.vendor": "The Kubernetes Authors",
            "org.opencontainers.image.version": "v1.11.3"
        }
    },
    "Architecture": "amd64",
    "Os": "linux",
    "Size": 308497787,
    "GraphDriver": {
        "Data": {
            "LowerDir": "/var/lib/docker/overlay2/c84149b41c5ff6cdcb5a963978fff0a6259e475e46eec094531d22ed3f281da1/diff:/var/lib/docker/overlay2/5f322530f24bfe56fb69cd64a6db1dbd0809f151b29d69f690607ee5a51e4e4c/diff:/var/lib/docker/overlay2/a7b7c291ef880aed1cfd0b44cbfc255ce43be52de23b9be7cbd6ad2b57abf41e/diff:/var/lib/docker/overlay2/521840cf2eabcee8e8c555fade791503c48de8386613887439a875efcd4da15f/diff:/var/lib/docker/overlay2/a4602cdc76db9b39e1969fbff01dd772e878a9ecba52fcb1b372387f7ea673c8/diff:/var/lib/docker/overlay2/459dea7faa3571a016f5448197c6ad9da919f6a60c05666d59a93cebc75800f9/diff:/var/lib/docker/overlay2/e815040312fa06366b6fadaaaa4b6f70a7ba70be8a23ac4cce238d9082e70e64/diff:/var/lib/docker/overlay2/f9d871544c1408ec390024df5a3b398393fc531e2ec1e530cd05536ea0ca8e1f/diff:/var/lib/docker/overlay2/7f21ba71dfd81e7486cb8c3db23334e508fc90d5fba1332f9363d44956048e1c/diff:/var/lib/docker/overlay2/9e6c77898f51fab922a0fdff62dee272a8019f0099892b5e56c6faf91dbeaec1/diff:/var/lib/docker/overlay2/614fa96f9ba14d3521033ea1b5d491f3170d4ea6846dadefc6629fb3bfb1732b/diff:/var/lib/docker/overlay2/56dbc2212cbc9b991b1a93a72a8c08a3a8460c06576fe4f3267009446334aa65/diff",
            "MergedDir": "/var/lib/docker/overlay2/839967210ec57a255a645192c29e499e0612a40bf794f936133e10f6f46f0d2e/merged",
            "UpperDir": "/var/lib/docker/overlay2/839967210ec57a255a645192c29e499e0612a40bf794f936133e10f6f46f0d2e/diff",
            "WorkDir": "/var/lib/docker/overlay2/839967210ec57a255a645192c29e499e0612a40bf794f936133e10f6f46f0d2e/work"
        },
        "Name": "overlay2"
    },
    "RootFS": {
        "Type": "layers",
        "Layers": [
            "sha256:63ca1fbb43ae5034640e5e6cb3e083e05c290072c5366fcaa9d62435a4cced85",
            "sha256:f48a67db47fc5b361cd96f0986d14759c05b76c84d375a00d604ecbcb9317e81",
            "sha256:370daa6bd607dd779c9618bb6bce8e806cdf93871dbd3eb3d9adff0395cb1334",
            "sha256:8f1a54c858ac5bf60fc84d0fe3e4cf56ccd6efdef4d08fa991edf1bcdb32717d",
            "sha256:5d744606e00aeb21da76db6e1e6cb2e45cc162a728b7dab2e0200e6c0a14b3ca",
            "sha256:ae39e9b4c20cf35b86913e52dac2916a6c4270c007840696e93825a2c1aef320",
            "sha256:a4eedd2ec731b1d71d86b476e2165ff6f73c38967a4e2d841cb0e27a897b74f6",
            "sha256:cb97b3dc46ae6f84cb0e7d32bf6c8e7ff048aa58db0111f78894489034ece66a",
            "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef",
            "sha256:0de407993cdae57107e79e22da7750ec45194b0366d95c703b1cf61e7ff92d86",
            "sha256:22249f95e3ad7697ae2031ae86b19126b4f7142e2ec7f4bdc8ba82a199740fd1",
            "sha256:9eddc4fa8c00009bbd11476afecb22a844a270da0029a9db97d74f6d304d9165",
            "sha256:dfeb5b0390fbb805cbb38c5bb3981172f62bca5e97aa2270c74bb2a5b19444e8"
        ]
    },
    "Metadata": {
        "LastTagTime": "2024-11-22T09:36:45.803997156+08:00"
    }
}

更多版本

registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3

linux/amd64 registry.k8s.io308.50MB2024-11-22 09:36

479

registry.k8s.io/ingress-nginx/controller-chroot:v1.12.0-beta.0

linux/amd64 registry.k8s.io308.34MB2024-12-05 01:12

454

registry.k8s.io/ingress-nginx/controller-chroot:v1.12.1

linux/amd64 registry.k8s.io315.65MB2025-04-22 14:58

428

registry.k8s.io/ingress-nginx/controller-chroot:v1.11.3 linux/amd64

镜像安全扫描 查看Trivy扫描报告

镜像安全扫描查看Trivy扫描报告