Details
Add HEALTHCHECK instruction in your docker container images to perform thehealth check on running containers.
Rationale:
One of the important security triads is availability. Adding HEALTHCHECK instruction to your container image ensures that the docker engine periodically checks the running container instances against that instruction to ensure that the instances are still working.
Based on the reported health status, the docker engine could then exit non-working containers and instantiate new ones.
NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.
Solution
Follow Docker documentation and rebuild your container image with HEALTHCHECK instruction.
Impact:
None.
Default Value:
By default, HEALTHCHECK is not set.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.