I see in the getting started I need to allow access to docker.com & docker.io.
Any time we open access for an internal server to external site I need to be able to give our security team some sort of justification. Is there any documentation that describes why CSA needs access to these sites? Also is any info being sent up to those sites?
Solved! See The Solution
4 REPLIES 4
The CSA agent software is developed and tested by Netapp. We however do not have a publicly facing docker registry. Hence we use docker.com and docker.io to actually have the binary images available for download to a customer.
The CSA is using this to download Binaries, after initial setup will the CSA still need access to the site?
For me it would be easier to get approval to open it up tempoarly for initial setup than close it down.
It should just need it at initial setup and then run fine so long as it can get to csa.netapp.com.
If we push revised agent versions, it will attempt to download and restart, and may fail at that point. You will start getting "agent offline" emails that should notify you of that condition if it occurs.