https://access.redhat.com/solutions/3526791
We have good performance with our PostgreSQL on RDS even with the huge amount of images we deal with on Quay.io. We have two Clair stacks, one if dedicated to analyze images and run vulnerability updates, the another one to respond to the vulnerability queries. Two Clair instances improved our performances a lot because the analysis takes a lot of CPU time due to unarchiving the image tarballs. It is configurable in config lines
SECURITY_SCANNER_ENDPOINT is for the regular queries (such as asking for vulnerabilities) and SECURITY_SCANNER_ENDPOINT_BATCH is for analysis
This should give you a huge improvement if users push a lot.
Comments
0 comments
Please sign in to leave a comment.