Using private Docker registry for Docker setup
By default, the DataOps Docker runner will pull from the standard Docker Hub registry (at index.docker.io). However, this requires a broad set of outbound IP addresses to be allowlisted. For some customers, a tighter configuration is required.
This page describes the setup for using a private Docker Registry hosted on the same set of IP addresses that already need to be allowlisted for the DataOps SaaS portal itself. It has been written for Ubuntu, and some file paths may need to be modified for other operating systems.
To confirm your network connectivity to
registry.dataops.live run the following telnet command.
telnet registry.dataops.live 443
If you see the message
Connected to registry.dataops.live. you have network connectivity, and it's safe to continue.
If the command halts at
Trying 126.96.36.199 or similar, your host does not have network connectivity, and you will need to resolve this with your network team before continuing.
To exit telnet, use the
ctrl+] and then
ctrl+d shortcut keys to close the connection.
Follow these instructions AFTER Docker has been installed. Still, BEFORE the DataOps Runner installation itself, edit (or more likely create since it won't be there) the file
/etc/docker/daemon.json to contain the following:
And then run:
sudo service docker restart
The command will tell docker to use
https://registry.dataops.live as a primary and only fail back to
docker.io if this is unavailable.
Confirm that docker has picked up this change with
docker info, which should contain:
Live Restore Enabled: false
Then you need to set up
~/.docker/config.json to look exactly like:
Note that this specifies the same credentials for two registries - due to a Docker peculiarity, this is required.
Using a private Docker registry for Kubernetes
Don't hesitate to contact Support for assistance.