Redis is one of the most versatile and popular databases available, and today we’re announcing that Chainguard Images has added Redis 7 to our collection. Our Redis image is built on Wolfi, our Linux (un)distribution, making the images minimal, secure-by-default, and up-to-date. They’re also based on glibc, making them compatible with most other applications and extensions.
All Chainguard Images are hardened using most common industry benchmarks and frameworks, for Redis, this means we:
In addition to the standard scan/rebuild process, Chainguard builds all dependencies from source. This means we don’t have to wait for upstream patches to become available, we are the upstream. We can also mark CVEs that are not applicable in our images as invalid directly in our security database, which is automatically ingested by most major container scanning products.
The end result is a small, hardened container with fewer CVEs than the other options. The numbers speak for themselves – the Chainguard Redis image comes in at just 13.3MB, which is nearly a 71% average size reduction from most other Redis images available today.
In addition to size reduction, our Chainguard Image returns zero-known CVEs when compared with other Redis images.
To further put this into perspective, one of the scans we completed on a Redis image uncovered a total of 79 known vulnerabilities.
As always, the binaries in our Images are built from source and come with comprehensive and SBOMs from the start. These SBOMs contain the package metadata for everything in the Image and can be used for vulnerability scanning or license compliance. You can download the SBOMs for these containers with cosign:
If you want to see upwards of an 87% reduction in your Redis Image sizes with more security built in by default start using Chainguard’s Redis Image today at github.com/chainguard-images, or get started with our Redis image using documentation in Chainguard Academy. Chainguard Images are now available for Bazel, curl, Git, Go, Jenkins, Postgres, Ruby and more. If you’re interested in support contracts, SLAs for vulnerabilities, FIPS-enabled images, or support for custom images or older versions, please reach out.
We are always looking for ways to improve our end user experience. If you have feedback or would like to submit a support issue you can reach out to us directly or file it here.
Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.