Hi Deepika,

I am working on a project where I need storage for my kubernetes pods.
I am looking to get the storage from ceph cluster.
ceph is very nice tool for completing most of the storage requirements.

but, I am in doubt to proceed ahead as I found that ceph is “vulnerable”.
I tried to setup cluster with cephadm tool as well as ceph-ansible tool as well. After then that I also tried ceph with rook as well.
the image that’s available on docker hub (ceph/ceph) that doesn’t having any Dockerfile.
I scanned the ceph:v15.xx image with “trivy”, and its generated report with some vulnerability (with HIGH , CRITICAL ).

I am interested to get any ceph image that is not vulnerable.
please let me know if any image is available or any process that I have to follow for getting ceph image that is not vulnerable.

For your reference I have attached generated trivy report for ceph. Kindly have a look on them

Thank You and Regards,

Mona Minor