Skip to content

Trust Center 25.03.0 Image Inventory

This document describes each container image in use in the Trust Center version 25.03.0 deployment.

You can download this content as a PDF by clicking here.

Contents

Component List

Container Image Component
trust-center/trust-center-ctl Trust Center Init Job
library/busybox Busybox
ms_activity_log Activity Log Service
ms_authorization Authorization Service
trust-center/asset-mgmt Asset Management Service
trust-center/command Command Service
trust-center/endpoint-connector Endpoint Connector Service
trust-center/endpoint-registry Endpoint Registry Service
trust-center/endpoint-updater Endpoint Updater Service
trust-center/health Health Service
trust-center/ostree-sync OSTree Sync Service
trust-center/pki-adapter PKI Adapter Service
job_rotate_signing_key Rotate Signing Key Job
ms_secret_mgmt Secret Management Service
trust-center/trust-enforcement Trust Enforcement Service
trust-center/vault-unseal Vault Unseal Job
trust-center/docs-external-v1 External API Docs
hashicorp/vault Vault
library/redis Redis
oliver006/redis_exporter Redis Prometheus Exporter
confluentinc/cp-kafka Kafka
danielqsj/kafka-exporter Kafka Prometheus Exporter
library/mariadb MariaDB
library/mongo MongoDB
bitnami/mongodb-exporter MongoDB Prometheus Exporter
ingress-nginx/controller NGINX Ingress Controller
fluent/fluent-bit Fluent Bit
fluent/fluentd Fluentd
jetstack/cert-manager-cainjector cert-manager CA Injector
jetstack/cert-manager-controller cert-manager Controller
jetstack/cert-manager-webhook cert-manager Webhooks
## Verifying Container Images
First, copy the container registry password from global.images.password in your Trust Center's config.yaml.

Then, log into the container registry:

$ docker login docker.cloudsmith.io
Username: teradici/trust-center
Password: <Password>

(note: If using a beta release, use teradici/trust-center-beta instead)

Next, check the details for a specific container image in the remote registry:

$ docker buildx imagetools inspect <Image tag>
Name:      <Image tag>
MediaType: application/vnd.docker.distribution.manifest.v2+json
Digest:    sha256:002f688e9756d464d2064b526d4446306210198e8c8b234b36c9a8d5399b80d7

<Image tag> should be the full URI to the image, e.g.: docker.cloudsmith.io/teradici/trust-center/fluent/fluentd:v1.16-2

Now, pull the image to download it locally:

$ docker pull <Image tag>
[...]
$ docker inspect --format='{{index .RepoDigests 0}}' <Image tag>
<Image tag>@sha256:002f688e9756d464d2064b526d4446306210198e8c8b234b36c9a8d5399b80d7

The image sha256 hash should match between the remote container registry and the local copy. Additionally, the hash calculated here should match the image hash listed for each container image in these READMEs.

Component Details

Trust Center Init Job

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/trust-center/trust-center-ctl
Product Trust Center
Supplier HP Inc.
Version 25.03.0
Image Hash sha256:b2efc1157a4ea0feb8c18537b922bf21f946e0cb53ad1971a70d6a462d69d0aa

Description

Container which runs on initial installation and upgrade of the Trust Center. Initializes and upgrades Trust Center service configuration.

Back to overview

Busybox

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/library/busybox
Product Trust Center
Supplier Open Source
Version 1.36.1
Image Hash sha256:023917ec6a886d0e8e15f28fb543515a5fcd8d938edb091e8147db4efed388ee

Description

Used for various init containers preventing services from starting up before dependencies are ready.

We use the official Docker image for Busybox: https://hub.docker.com/_/busybox

Back to overview

Activity Log Service

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/ms_activity_log
Product Trust Center
Supplier HP Inc.
Version 0.0.768_84f4c1f
Image Hash sha256:67dea90c8be993dfc79ec697d89647d13474fcf3a0abed979638782ad598f7c9

Description

The Activity Log service handles events generated by Trust Center services, and exposes an API to query activity logs.

Back to overview

Authorization Service

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/ms_authorization
Product Trust Center
Supplier HP Inc.
Version 0.0.5559_fde52ff
Image Hash sha256:1f667811704697c58b9f98785b6f039a0dfbcd2bae35733abdc91a3f6611e093

Description

The Authorization service handles authentication and authorization for Trust Center API service accounts.

Back to overview

Asset Management Service

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/trust-center/asset-mgmt
Product Trust Center
Supplier HP Inc.
Version 25.03.0
Image Hash sha256:0b1d80810c435b5e3ab4bf2e602bedc9b491fdee446f37632a6db82f9d539019

Description

The Asset Management service enables storing and retrieving assets (such as support bundles, branding assets) within the Trust Center.

Back to overview

Command Service

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/trust-center/command
Product Trust Center
Supplier HP Inc.
Version 25.03.0
Image Hash sha256:45743bbbd2e471515be901112cbbc9736bdee937b6bb57ade21cccb7f09fb5b9

Description

The Command service enables sending commands to endpoints connected to the Trust Center and processing command status updates.

Back to overview

Endpoint Connector Service

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/trust-center/endpoint-connector
Product Trust Center
Supplier HP Inc.
Version 25.03.0
Image Hash sha256:d81a2da2016fff638685e2e24d737c6ef010b76c2603164c831a3bda36a0ebc3

Description

The Endpoint Connector service provides APIs which Trusted Zero Clients and other endpoints use to communicate with the Trust Center.

Back to overview

Endpoint Registry Service

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/trust-center/endpoint-registry
Product Trust Center
Supplier HP Inc.
Version 25.03.0
Image Hash sha256:d416949a06e0ff8984ba1cebedb3e9dc65758a78d1f69716af1378c486d09b4a

Description

The Endpoint Registry service maintains endpoint digital twins and provides APIs for management of endpoint configuration.

Back to overview

Endpoint Updater Service

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/trust-center/endpoint-updater
Product Trust Center
Supplier HP Inc.
Version 25.03.0
Image Hash sha256:03632a2b29b9c6aaa030f0c59dca3b10ac94d5021b7f2bb73cb6daadfb2586db

Description

The Endpoint Updater service is responsible for triggering OTA updates for connected endpoints when requested in endpoint configuration.

Back to overview

Health Service

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/trust-center/health
Product Trust Center
Supplier HP Inc.
Version 25.03.0
Image Hash sha256:42dc2ba1d4d6aa7e9c5b0a1e11f48549359186d663e1a07c42b2158d95560dfa

Description

The Health service provides API endpoints for Trust Center deployment health-checks.

Back to overview

OSTree Sync Service

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/trust-center/ostree-sync
Product Trust Center
Supplier HP Inc.
Version 25.03.0
Image Hash sha256:3d1f135e6bfdc26784ac36d10952f0f484b8565b1e271b6557b82f592295efe5

Description

The OSTree Sync service is responsible for storing Trusted Zero Client OTA update images and serving them to endpoints when requested.

Back to overview

PKI Adapter Service

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/trust-center/pki-adapter
Product Trust Center
Supplier HP Inc.
Version 25.03.0
Image Hash sha256:6590ca883905e7fd593223c5ac5d5908e9956ec4216a43b5d5b2ce9970bd59bc

Description

The PKI Adapter Service is responsible for for providing an interface for Trust Center services to request certificates and tokens generated by internal and external issuers.

Back to overview

Rotate Signing Key Job

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/job_rotate_signing_key
Product Trust Center
Supplier HP Inc.
Version 0.0.306_1fd114b
Image Hash sha256:2dd340a6ae9d7f6b9cb880aa3f3196cbbaf2c037b54480df0879dc234200e982

Description

The Rotate Signing Key job is used as a perodic CronJob in the Trust Center to rotate internal token signing keys.

Back to overview

Secret Management Service

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/ms_secret_mgmt
Product Trust Center
Supplier HP Inc.
Version 0.0.690_b709211
Image Hash sha256:ed8044a52a74886470b84ea3ddfba3762eef537fed16d6ef3e8568f99ae4370f

Description

The Secret Management service provides an interface for Trust Center services to access key/value secrets from internal (Vault) and external secret storage providers.

Back to overview

Trust Enforcement Service

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/trust-center/trust-enforcement
Product Trust Center
Supplier HP Inc.
Version 25.03.0
Image Hash sha256:21ba3bc68aebd76e4a0ef85fd6cafde54c14ff325663ad639933f38d2223af46

Description

The Trust Enforcement Service is responsible for facilitating policy evaluation and enforcement on endpoints connected to the Trust Center.

Back to overview

Vault Unseal Job

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/trust-center/vault-unseal
Product Trust Center
Supplier HP Inc.
Version 25.03.0
Image Hash sha256:8797c865fa259dab02f5b79d30fc43b7e806510c3f64113d3a11e78b41be12ca

Description

The Vault Unseal job is a CronJob used by the Trust Center to ensure the internal Vault instance (for on-prem deployments) is unsealed.

Back to overview

External API Docs

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/trust-center/docs-external-v1
Product Trust Center
Supplier HP Inc.
Version 25.03.0
Image Hash sha256:0b43981ec016021277aeaf82fbfc1d21002c70d83833464d6e86621dd6160d7c

Description

This container serves a copy of the External API documentation corresponding to this version of the Trust Center.

Back to overview

Vault

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/hashicorp/vault
Product Hashicorp Vault
Supplier Hashicorp
Version 1.18.2
Image Hash sha256:0d40cc366fd251520002c170f3f3c9a89e935d303313ed2f36cbc58fd3a530ef

Description

Hashicorp Vault is a third party component deployed with the Trust Center in on-premises deplyoments to securely store deployment secrets.

We use the official Docker image for Hashicorp Vault: https://hub.docker.com/r/hashicorp/vault

Back to overview

Redis

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/library/redis
Product Redis
Supplier Redis Ltd.
Version 7.4.1-alpine
Image Hash sha256:7438ca8459132b9fe507a95fe6838fecd7c55f8611ed835742a014d7a92618e4

Description

Redis is a third-party component deployed with the Trust Center to function as an in-memory cache.

We use the official Docker image for Redis: https://hub.docker.com/_/redis

Back to overview

Redis Prometheus Exporter

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/oliver006/redis_exporter
Product Redis
Supplier Open Source - Oliver006
Version v1.66.0-alpine
Image Hash sha256:617b1e5b51498d0e98d0b2e55abfe45a017dd0d08c37ca88e3c973c0d77fa47b

Description

Small third-party component used to export Prometheus metrics from Redis.

Uses mirrored Docker Hub image: https://hub.docker.com/r/oliver006/redis_exporter

Back to overview

Kafka

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/confluentinc/cp-kafka
Product Kafka
Supplier Confluent Inc.
Version 7.7.1
Image Hash sha256:a21737d09496a8b9bb38b995ab021e94e952259a5a2756ee22cef1cc84f5d9fe

Description

Kafka is deployed as part of the Trust Center to handle message queueing.

We use the Kafka Docker image (Community Version) maintained by Confluent Inc.: https://hub.docker.com/r/confluentinc/cp-kafka/

Back to overview

Kafka Prometheus Exporter

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/danielqsj/kafka-exporter
Product Kafka
Supplier Open Source - Daniel Qian
Version v1.8.0
Image Hash sha256:16bbe1d1647128a7060da21c36ae27b6f052bf5b8dedba0a5cb3460dee2f7b51

Description

Small third-party component used to export Prometheus metrics from Kafka.

Uses mirrored Docker Hub image: https://hub.docker.com/r/danielqsj/kafka-exporter

Back to overview

MariaDB

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/library/mariadb
Product MariaDB
Supplier MariaDB Foundation
Version 10.4.29
Image Hash sha256:f9f3c4b8fd9dc7717a903c79d847af9c783771b9e0ff3cc4fc983a40e9e5972d

Description

MariaDB is included in this release to facilitate data migration on upgrade from older Trust Center versions which required it. It will be removed in a subsequent release.

We use the official Docker image for MariaDB: https://hub.docker.com/_/mariadb

Back to overview

MongoDB

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/library/mongo
Product MongoDB
Supplier MongoDB Inc.
Version 5.0.30
Image Hash sha256:b3857ebaf1cf7d0c75090776ef76fb01cc142fe1ca0939be51da61fd5936a911

Description

MongoDB is included in on-premises deployments of the Trust Center to handle data persistence.

We use the official Docker image for MongoDB: https://hub.docker.com/_/mongo

Back to overview

MongoDB Prometheus Exporter

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/bitnami/mongodb-exporter
Product MongoDB
Supplier Bitnami
Version 0.42.1
Image Hash sha256:3aeaedd3faf7f9e16e919fdefc954153c5a0179eb733cce509d961fb2ed9885a

Description

Small third-party component used to export Prometheus metrics from MongoDB.

Uses mirrored Docker Hub image: https://hub.docker.com/r/bitnami/mongodb-exporter/

Back to overview

NGINX Ingress Controller

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/ingress-nginx/controller
Product NGINX
Supplier NGINX Inc.
Version v1.11.3
Image Hash sha256:38b51d8833e79d97d4adf825e0bf893e322d19be54ff65a88d9320139a68adfb

Description

The Trust Center uses the NGINX Ingress controller to handle ingress to Trust Center APIs (including TLS, WAF, etc.)

We use the official Docker image for nginx-ingress: https://hub.docker.com/r/nginx/nginx-ingress

Back to overview

Fluent Bit

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/fluent/fluent-bit
Product Fluentd
Supplier Fluent
Version 3.2.1
Image Hash sha256:905e3e329840de5b843c9277911ab3d82205a57851ad22b79d671b47012860c5

Description

Fluent Bit is a third party log processor deployed with the Trust Center to facilitate log aggregation.

We use the official Docker image for Fluent Bit: https://hub.docker.com/r/fluent/fluent-bit

Back to overview

Fluentd

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/fluent/fluentd
Product Fluentd
Supplier Fluent
Version v1.17-1
Image Hash sha256:c795c1bf9918c77a5415e2fda5825f9341f2dd0645d9adfb91f8cae3a3e6b240

Description

Fluentd is a third party log data collector deployed with the Trust Center to facilitate log aggregation.

We use the official Docker image for Fluentd: https://hub.docker.com/r/fluent/fluentd

Back to overview

cert-manager CA Injector

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/jetstack/cert-manager-cainjector
Product cert-manager
Supplier cert-manager Project
Version v1.16.2
Image Hash sha256:0a1f62ea3390a73239c0b4214e0ada1fb89c52d30677aebcdc3ca54508996511

Description

We include cert-manager in the Trust Center deployment to automatically manage API ingress certificates.

We use the Docker image for the cert-manager CA injector managed by Jetstack: https://quay.io/repository/jetstack/cert-manager-cainjector

Back to overview

cert-manager Controller

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/jetstack/cert-manager-controller
Product cert-manager
Supplier cert-manager Project
Version v1.16.2
Image Hash sha256:de97c3767802e33d3096ad9b276598ceee3ed92a0c67907221581b36c8ad055f

Description

We include cert-manager in the Trust Center deployment to automatically manage API ingress certificates.

We use the Docker image for the cert-manager controller managed by Jetstack: https://quay.io/repository/jetstack/cert-manager-controller

Back to overview

cert-manager Webhooks

Metadata

Field Value
Container Image docker.cloudsmith.io/teradici/trust-center/jetstack/cert-manager-webhook
Product cert-manager
Supplier cert-manager Project
Version v1.16.2
Image Hash sha256:25d87dff68f00587a3e76a1e5d530d40b6f0f7872e6d634db01a593047849109

Description

We include cert-manager in the Trust Center deployment to automatically manage API ingress certificates.

We use the Docker image for the cert-manager webhooks managed by Jetstack: https://quay.io/repository/jetstack/cert-manager-webhook

Back to overview