Trust Center 25.06.0 Image Inventory¶
This topic describes each container image in use in the Trust Center version 25.06.0-rc48 deployment. You can also download this content as a PDF from SBOM.
Contents¶
Component List¶
| Container Image | Component |
|---|---|
| trust-center/trust-center-ctl | Trust Center Init Job |
| library/busybox | Busybox |
| ms_activity_log | Activity Log Service |
| ms_authorization | Authorization Service |
| trust-center/asset-mgmt | Asset Management Service |
| trust-center/command | Command Service |
| trust-center/endpoint-connector | Endpoint Connector Service |
| trust-center/endpoint-registry | Endpoint Registry Service |
| trust-center/endpoint-updater | Endpoint Updater Service |
| trust-center/health | Health Service |
| trust-center/manager-ui | Manager UI Service |
| trust-center/ostree-sync | OSTree Sync Service |
| trust-center/pki-adapter | PKI Adapter Service |
| job_rotate_signing_key | Rotate Signing Key Job |
| ms_secret_mgmt | Secret Management Service |
| trust-center/trust-enforcement | Trust Enforcement Service |
| trust-center/vault-unseal | Vault Unseal Job |
| trust-center/docs-external-v1 | External API Docs |
| trust-center/watcher | Watcher Service |
| trust-center/t2-connector | Tera2 Connector Service |
| hashicorp/vault | Vault |
| valkey/valkey | Redis |
| oliver006/redis_exporter | Redis Prometheus Exporter |
| confluentinc/cp-kafka | Kafka |
| danielqsj/kafka-exporter | Kafka Prometheus Exporter |
| library/mongo | MongoDB |
| bitnami/mongodb-exporter | MongoDB Prometheus Exporter |
| ingress-nginx/controller | NGINX Ingress Controller |
| fluent/fluent-bit | Fluent Bit |
| fluent/fluentd | Fluentd |
| jetstack/cert-manager-cainjector | cert-manager CA Injector |
| jetstack/cert-manager-controller | cert-manager Controller |
| jetstack/cert-manager-webhook | cert-manager Webhooks |
Verifying Container Images¶
-
Copy the container registry password from
global.images.passwordin your Trust Center'sconfig.yamlfile. -
Log in to the container registry:
$ docker login docker.cloudsmith.io Username: teradici/trust-center Password: <Password>Info
If using a beta release, use
teradici/trust-center-betainstead. -
Check the details for a specific container image in the remote registry:
$ docker buildx imagetools inspect <Image tag> Name: <Image tag> MediaType: application/vnd.docker.distribution.manifest.v2+json Digest: sha256:002f688e9756d464d2064b526d4446306210198e8c8b234b36c9a8d5399b80d7The
<Image tag>should be the full URI to the image, example,docker.cloudsmith.io/teradici/trust-center/fluent/fluentd:v1.16-2 -
Download the image to your local system:
$ docker pull <Image tag> [...] $ docker inspect --format='{{index .RepoDigests 0}}' <Image tag> <Image tag>@sha256:002f688e9756d464d2064b526d4446306210198e8c8b234b36c9a8d5399b80d7The sha256 hash of the images of the remote container registry and the local copy must match. Additionally, the hash should also match the image hash listed for each container image in these READMEs.
Component Details¶
Trust Center Init Job¶
Description¶
This container runs on initial installation and upgrade of Trust Center. It initializes and upgrades the Trust Center service configuration.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/trust-center/trust-center-ctl |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 25.06.0-rc48 |
| Image Hash | sha256:b838a7a8565e11aba77a0680ef312d3df89ea1b2c38015f5d8019b824c1329b3 |
Busybox¶
Description¶
This container is used for various init containers that prevent services from starting up before dependencies are ready.
Info
We use the official Docker image for Busybox.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/library/busybox |
| Product | Trust Center |
| Supplier | Open Source |
| Version | 1.36.1 |
| Image Hash | sha256:023917ec6a886d0e8e15f28fb543515a5fcd8d938edb091e8147db4efed388ee |
Activity Log Service¶
Description¶
The Activity Log service handles events generated by Trust Center services, and exposes an API to query activity logs.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/ms_activity_log |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 0.0.864_43ed890 |
| Image Hash | sha256:87ede8e0fb2246c41a29ff038d893d9ed5dde0dda834f7eb42870e6ea99dce7d |
Authorization Service¶
Description¶
The Authorization service handles authentication and authorization for Trust Center API service accounts.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/ms_authorization |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 0.0.5863_d42c581 |
| Image Hash | sha256:0f737f26017f7657d8e8fca989f0a33449f2cda8e2c49897cd49294d0b8c347b |
Asset Management Service¶
Description¶
The Asset Management service enables storing and retrieving assets (such as support bundles, branding assets) within the Trust Center.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/trust-center/asset-mgmt |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 25.06.0-rc48 |
| Image Hash | sha256:cfd13f93d240958eb5614c573b19a2cc30757ab0397dd6b84b158422c1621875 |
Command Service¶
Description¶
The Command service enables sending commands to endpoints connected to the Trust Center and processing command status updates.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/trust-center/command |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 25.06.0-rc48 |
| Image Hash | sha256:a8378731566e976a827048335742573a6fd2c689fddf08d96660ac2210b3dbe7 |
Endpoint Connector Service¶
Description¶
The Endpoint Connector service provides APIs which Trusted Zero Clients and other endpoints use to communicate with the Trust Center.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/trust-center/endpoint-connector |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 25.06.0-rc48 |
| Image Hash | sha256:909880ac92d3dab673f6a55c47b0cc9f86cefeee6434b31a172a4adb99ab0bb8 |
Endpoint Registry Service¶
Description¶
The Endpoint Registry service maintains endpoint digital twins and provides APIs for management of endpoint configuration.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/trust-center/endpoint-registry |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 25.06.0-rc48 |
| Image Hash | sha256:d34ccb395b3de4325652bff5ca655baf72ff33c825993e228a4e80acd7301154 |
Endpoint Updater Service¶
Description¶
The Endpoint Updater service is responsible for triggering OTA updates for connected endpoints when requested in endpoint configuration.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/trust-center/endpoint-updater |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 25.06.0-rc48 |
| Image Hash | sha256:fc38be3b7552962000eb1d22963f6ee01704caaeb07f415b68865cdea30129b7 |
Health Service¶
Description¶
The Health service provides API endpoints for Trust Center deployment health-checks.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/trust-center/health |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 25.06.0-rc48 |
| Image Hash | sha256:9666cc19ac60cd5a9d63ac1f2bff0c2d0a71d09c31886be6e1340e0fe2f52cb5 |
Manager UI Service¶
Description¶
The Manager UI service provides a web-based user interface for administrators to manage and configure the Trust Center deployment.
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/trust-center/manager-ui |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 25.06.0-rc48 |
| Image Hash | sha256:bf8031d99e02764199216a76b25a88bbecfd35e92c3c67f423eebbd65d56a359 |
OSTree Sync Service¶
Description¶
The OSTree Sync service is responsible for storing Trusted Zero Client OTA update images and serving them to endpoints when requested.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/trust-center/ostree-sync |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 25.06.0-rc48 |
| Image Hash | sha256:50cc639bf1e9709e96f67fb065f7c649b421a3a833862fb1e6ca891b5fc7fbda |
PKI Adapter Service¶
Description¶
The PKI Adapter Service is responsible for for providing an interface for Trust Center services to request certificates and tokens generated by internal and external issuers.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/trust-center/pki-adapter |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 25.06.0-rc48 |
| Image Hash | sha256:34a4ee5ea561db482e74f43a8fe65d982af699898c85e9104091694af36f8816 |
Rotate Signing Key Job¶
Description¶
The Rotate Signing Key job is used as a perodic CronJob in the Trust Center to rotate internal token signing keys.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/job_rotate_signing_key |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 0.0.338_df40f59 |
| Image Hash | sha256:06650cc96fd6419fabe526306add72af5157e10a15028336250c31f60072e99f |
Secret Management Service¶
Description¶
The Secret Management service provides an interface for Trust Center services to access key/value secrets from internal (Vault) and external secret storage providers.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/ms_secret_mgmt |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 0.0.690_b709211 |
| Image Hash | sha256:ed8044a52a74886470b84ea3ddfba3762eef537fed16d6ef3e8568f99ae4370f |
Trust Enforcement Service¶
Description¶
The Trust Enforcement Service is responsible for facilitating policy evaluation and enforcement on endpoints connected to the Trust Center.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/trust-center/trust-enforcement |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 25.06.0-rc48 |
| Image Hash | sha256:8d9a637b73a87101fae439daf626976f8aedc381804329d39d7b293f5550d6e0 |
Vault Unseal Job¶
Description¶
The Vault Unseal job is a CronJob used by the Trust Center to ensure the internal Vault instance (for on-prem deployments) is unsealed.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/trust-center/vault-unseal |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 25.06.0-rc48 |
| Image Hash | sha256:b76f5e529bcfa4535989a172637cabbd4977a4f6fa96f169bc3b2b45c906d0d9 |
External API Docs¶
Description¶
This container serves a copy of the External API documentation corresponding to this version of the Trust Center.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/trust-center/docs-external-v1 |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 25.06.0-rc48 |
| Image Hash | sha256:8ff333304796a9fc1fe5ac97cec266dd39081b894b6abaaae8b9ba488f619df0 |
Watcher Service¶
Description¶
The Watcher service is responsible for evaluating endpoint policies configured via the Trust Center.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/trust-center/watcher |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 25.06.0-rc48 |
| Image Hash | sha256:530e8c564628ea974695c2545631d012d87ae397f3349223ba3d668ff1ca1534 |
Tera2 Connector Service¶
Description¶
The Tera2 Connector service provides APIs used by Tera2 endpoints to connect to the Trust Center.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/trust-center/t2-connector |
| Product | Trust Center |
| Supplier | HP Inc. |
| Version | 25.06.0-rc48 |
| Image Hash | sha256:29e107db7950d2c8777607fd3a23d2999366c89c80aeabe8596681045172f40d |
Vault¶
Description¶
Hashicorp Vault is a third party component deployed with the Trust Center in on-premises deplyoments to securely store deployment secrets.
We use the official Docker image for Hashicorp Vault: https://hub.docker.com/r/hashicorp/vault
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/hashicorp/vault |
| Product | Hashicorp Vault |
| Supplier | Hashicorp |
| Version | 1.19.1 |
| Image Hash | sha256:9014214058baad9bfb26959ad1b1946d04b1d22e10d454de271402d995c6e963 |
Redis¶
Description¶
Redis is a third-party component deployed with the Trust Center to function as an in-memory cache.
Info
We use the official Docker image for Redis.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/valkey/valkey |
| Product | Redis |
| Supplier | Redis Ltd. |
| Version | 7.2.8-alpine |
| Image Hash | sha256:5fc10e150821a2a7ebb472fcd5bd637b98764d9a6fa628b3b8916d4989dbb37d |
Redis Prometheus Exporter¶
Description¶
Small third-party component used to export Prometheus metrics from Redis.
Info
We use the mirrored Docker Hub image.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/oliver006/redis_exporter |
| Product | Redis |
| Supplier | Open Source - Oliver006 |
| Version | v1.69.0-alpine |
| Image Hash | sha256:d8074df3c7dc9766ef0bd66f65772404fba7ee9968041c039b844dd5a94e95a3 |
Kafka¶
Description¶
Kafka is deployed as part of the Trust Center to handle message queueing.
Info
We use the Kafka Docker image (Community Version) maintained by Confluent Inc.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/confluentinc/cp-kafka |
| Product | Kafka |
| Supplier | Confluent Inc. |
| Version | 7.9.2 |
| Image Hash | sha256:2c465ada6e356b306894929e3328ea492758b50a414e6dd7806e4f4576176d0d |
Kafka Prometheus Exporter¶
Description¶
Small third-party component used to export Prometheus metrics from Kafka.
Info
We use the mirrored Docker Hub image.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/danielqsj/kafka-exporter |
| Product | Kafka |
| Supplier | Open Source - Daniel Qian |
| Version | v1.9.0 |
| Image Hash | sha256:5a639c8c918da17c8b01cc87e01fc4bcaa3554cbed5e76bd84c5874bcd8553e0 |
MongoDB¶
Description¶
MongoDB is included in on-premises deployments of the Trust Center to handle data persistence.
Info
We use the official Docker image for MongoDB.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/library/mongo |
| Product | MongoDB |
| Supplier | MongoDB Inc. |
| Version | 8.0.6 |
| Image Hash | sha256:77e756d6e0a52c9a6f9d8c39119ab075ba71c110695ba2a5c934598cc3026f93 |
MongoDB Prometheus Exporter¶
Description¶
Small third-party component used to export Prometheus metrics from MongoDB.
Info
We use the mirrored Docker Hub image.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/bitnami/mongodb-exporter |
| Product | MongoDB |
| Supplier | Bitnami |
| Version | 0.44.0 |
| Image Hash | sha256:e1ead1a2fcc2be3bd803a434367a704f24964c943c8287356fbcb20b9cf7b798 |
NGINX Ingress Controller¶
Description¶
The Trust Center uses the NGINX Ingress controller to handle ingress to Trust Center APIs (including TLS, WAF, etc.)
Info
We use the official Docker image for nginx-ingress.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/ingress-nginx/controller |
| Product | NGINX |
| Supplier | NGINX Inc. |
| Version | v1.12.2 |
| Image Hash | sha256:1b493796f5dfbfd2e00a255b7fc32af849bc416ad45b31558540a951d1afa3ba |
Fluent Bit¶
Description¶
Fluent Bit is a third party log processor deployed with the Trust Center to facilitate log aggregation.
Info
We use the official Docker image for Fluent Bit.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/fluent/fluent-bit |
| Product | Fluentd |
| Supplier | Fluent |
| Version | 4.0.1 |
| Image Hash | sha256:10cf12dd1f7f500187baf7bf3eb04784654d25f8c95f6dd946a37542e5a73d67 |
Fluentd¶
Description¶
Fluentd is a third party log data collector deployed with the Trust Center to facilitate log aggregation.
Info
We use the official Docker image for Fluentd.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/fluent/fluentd |
| Product | Fluentd |
| Supplier | Fluent |
| Version | v1.17-1 |
| Image Hash | sha256:c795c1bf9918c77a5415e2fda5825f9341f2dd0645d9adfb91f8cae3a3e6b240 |
cert-manager CA Injector¶
Description¶
We include cert-manager in the Trust Center deployment to automatically manage API ingress certificates.
Info
We use the Docker image for the cert-manager CA injector managed by Jetstack.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/jetstack/cert-manager-cainjector |
| Product | cert-manager |
| Supplier | cert-manager Project |
| Version | v1.17.2 |
| Image Hash | sha256:5da73b0d42def802217c969fdbfbd5f9a8a24a395f53f24aaf3662e7c9f97afb |
cert-manager Controller¶
Description¶
cert-manager is included in the Trust Center deployment to automatically manage API ingress certificates.
Info
We use the Docker image for the cert-manager controller managed by Jetstack.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/jetstack/cert-manager-controller |
| Product | cert-manager |
| Supplier | cert-manager Project |
| Version | v1.17.2 |
| Image Hash | sha256:466dead1d21b853cbd14b3608be0b75163a25d3f5d34c99eec3ea8740712c62e |
cert-manager Webhooks¶
Description¶
We include cert-manager in the Trust Center deployment to automatically manage API ingress certificates.
Info
We use the Docker image for the cert-manager webhooks managed by Jetstack.
Metadata¶
| Field | Value |
|---|---|
| Container Image | docker.cloudsmith.io/teradici/trust-center/jetstack/cert-manager-webhook |
| Product | cert-manager |
| Supplier | cert-manager Project |
| Version | v1.17.2 |
| Image Hash | sha256:57daadb1cee21729fd98739a62ce46efe35ef5dd1e66a307d55a1208d88674d4 |