manual:installation:upgrade_notes_4020

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
manual:installation:upgrade_notes_4020 [2021/01/27 19:24]
127.0.0.1 external edit
manual:installation:upgrade_notes_4020 [2021/02/04 10:33] (current)
martins-v non-root permissions implemented for Docker images (ZBX-18007)
Line 10: Line 10:
  
 === Docker appliance support dropped === === Docker appliance support dropped ===
 +
 Zabbix Docker Appliance image has been decommissioned and will not be available for 4.0.20 and newer releases. Please use a separate Docker image for each component instead of the all-in-one solution. Zabbix Docker Appliance image has been decommissioned and will not be available for 4.0.20 and newer releases. Please use a separate Docker image for each component instead of the all-in-one solution.
  
 +=== Non-root permissions implemented for Docker images ===
 +
 +Zabbix Docker images have been updated to implement non-root container best practices. Due to the change:
 +
 +  * All directories have been restricted for the container user, except directories which are required for the container. For example, /​etc/​zabbix/​ with Zabbix component configuration files.
 +  * Ports 80 and 443 have been changed to 8080 and 8443, because usage of all ports <1024 is restricted for non-privileged users. Zabbix web interface images have been updated to use non-privileged ports 8080, 8443; Zabbix snmptrap images port 1162.
 +  * All Zabbix images are updated to use a non-privileged user. By default, '​zabbix'​ with UID 1997.
 +
 +A known issue: Nginx based images do not run under root. Will be fixed soon.