Anyone have any experience paying a vendor for bas...
# kubernetesj
Joey Jensen
10/23/2025, 12:07 AMAnyone have any experience paying a vendor for base images with security fixes? We are looking at paying a vendor to provide us with base images. Basically to limit the security issues, but also because the internal base images aren't updated.
a
Andrew Kirkpatrick
10/23/2025, 1:11 PMYou can say MinIO if it's MinIO 😉 https://github.com/minio/minio/issues/21647#issuecomment-3418675115
j
Joey Jensen
10/23/2025, 1:56 PMActually not minio!
a
Andrew Kirkpatrick
10/23/2025, 1:57 PMOh interesting! Figured with the timing it might've been. Unfortunately I've not paid for support in this way, but following along to hear from anyone that has (as it's got to be tricky if you're stuck in a situation where you can't easily/quickly migrate)
s
Scott Rosenberg
11/04/2025, 5:56 AMI know of many companies that have gone with bitnamis enterprise version which does this. You also have chainguard who make amazing images
👍 2
r
Robert Glowacz
11/04/2025, 2:12 PMr
Ramiro Berrelleza
11/06/2025, 10:09 PMDocker also has a similar service -> https://www.docker.com/products/hardened-images
Ramiro Berrelleza
11/06/2025, 10:11 PMWe looked into it, and it's pricey (we got quotes on the 30-50K a year). However, it's also a big time saver, so it's important to consider that. I'd say, that if one person is spending more than a day or two on this a month (including monitoring and patching) then it's worth it.
r
Robert Glowacz
11/07/2025, 7:36 AMyeah but the docker images are full of CVEs and not really built from source. they are ok if you have low-medium security requirements, but anything else will show up in your security scanners
r
Ramiro Berrelleza
11/10/2025, 3:00 AMah interesting. are you using a vendor for images @Robert Glowacz?
r
Robert Glowacz
11/14/2025, 2:34 PMI've been happy with chainguard, especially with their free drop in https://www.chainguard.dev/unchained/secure-and-free-minio-chainguard-containers