Configure Docker Pull Rate Limit - User Guide - 2 - Cortex XPANSE - Cortex - Security Operations

Cortex Xpanse Expander User Guide

Product
Cortex XPANSE
Version
2
Creation date
2024-05-22
Last date published
2024-07-01
Category
User Guide
Solution
Cloud
Abstract

Configure the Docker pull rate limit on public images. Create a Docker user account and receive higher pull limit.

Docker enforces a pull rate limit on public images. The limit is based on an IP address or as a logged-in Docker hub user. The default limit (100 pulls per 6 hours) is usually high enough for Cortex Xpanse's use of Docker images, but the rate limit may be reached if using a single IP address for a large organization (behind a NAT). If the rate limit is reached, the following error message is issued:

Error response from daemon: toomanyrequests: You have reached your pull rate limit. You may increase the limit by authenticating and upgrading: https://www.docker.com/increase-rate-limit.

To increase the limit, take the following steps.

  1. Sign up a free user in the Docker hub.

    The pull limit is higher for a registered user (200 pulls per 6 hours).

  2. Authenticate the user on the engine machine by running the following command.

    sudo -u demisto docker login

  3. (Optional) Instead of manually logging in to Docker to pull images, you can edit the Docker config file to use credentials from the file or from a credential store.