FlexPod Discussions

Convergred System Advisor

ECEDERGREN
4,422 Views

I see in the getting started I need to allow access to docker.com & docker.io.

 

Any time we open access for an internal server to external site I need to be able to give our security team some sort of justification. Is there any documentation that describes why CSA needs access to these sites? Also is any info being sent up to those sites?

1 ACCEPTED SOLUTION

DanSarisky
4,266 Views

It should just need it at initial setup and then run fine so long as it can get to csa.netapp.com.

 

If we push revised agent versions, it will attempt to download and restart, and may fail at that point.  You will start getting "agent offline" emails that should notify you of that condition if it occurs.

View solution in original post

4 REPLIES 4

AlexDawson
4,367 Views

Hi there! Fair question. I have reached out to our development team to ask. I will let you know what I hear back.

DanSarisky
4,321 Views

The CSA agent software is developed and tested by Netapp.  We however do not have a publicly facing docker registry.  Hence we use docker.com and docker.io to actually have the binary images available for download to a customer.

ECEDERGREN
4,270 Views

The CSA is using this to download Binaries, after initial setup will the CSA still need access to the site? 

For me it would be easier to get approval to open it up tempoarly for initial setup than close it down.

DanSarisky
4,267 Views

It should just need it at initial setup and then run fine so long as it can get to csa.netapp.com.

 

If we push revised agent versions, it will attempt to download and restart, and may fail at that point.  You will start getting "agent offline" emails that should notify you of that condition if it occurs.

Public