Quay Clair - Could not get an output on scanning the container images

Question

I'm new to the container security concept. I would like to find the vulnerabilities in the Container images using Quay Clair.

Note: I already tried the container vulnerability scanning using Anchore Engine(which is very straightforward); however, would like to do a comparison with Clair.

My requirement is, scan the docker images available in my local docker environment using Clair. I just tried with the following Clair concepts, but could not get any outputs.. sometimes errors.

-- Using Clair-Scanner CLI

Github link - https://github.com/arminc/clair-scanner

When I run the scan by using the below command getting an error.

clair-scanner --ip YOUR_LOCAL_IP alpine:3.5

Or

HOST_IP=$(ip -4 addr show docker0 | grep -Po 'inet \K[\d.]+')
clair-scanner --ip {HOST_IP} alpine:3.5

getting an error:

2021/07/13 08:30:05 [CRIT] ▶ Could not analyze layer: POST to Clair failed Post http://127.0.0.1:6060/v1/layers: dial tcp 127.0.0.1:6060: connect: connection refused

Could someone please help me on how to fix this issue.

I also tried with "Analyze Local Images" CLI; since it is deprecated by Clair, I could not go further.

Thanks in advance!

Answer 1

I ran the Clair-Scanner CLI in Linux, it's working fine; not sure why the issue is only with Windows.

For Reference to run the clair-scanner in Linux machine. Please follow this link. https://github.com/arminc/clair-scanner

Thanks!