Connect via an engine to your own authenticated Docker image registry.
Using an engine to communicate with an image registry streamlines deployment by managing dependencies, ensuring version control, and facilitating scalability, load balancing, and secure access to private images.
If you use an engine, you need to connect it to the registry before setting up Cortex XSIAM to pull images.
The following example describes connecting an engine to an authenticated Docker image registry. It uses the --username
and --password
command line options to pass the username and password directly. For environments where command history or logs are visible to others, consider more secure methods like Docker configuration files for handling authentication in production or CI/CD environments. For more details, see docker login or podman-login.
Open a terminal on the machine where your engine is running.
Run
docker login
with username and password.docker login --username=<your-username> --password=<your-password> <registry-url>
Replace
<your-username>
,<your-password>
, and<registry-url>
with your Docker registry credentials and the URL of your Docker image registry.(Optional) Search for or pull a Docker image.
After logging in successfully, you can optionally validate access to images by searching for an image or pulling an image from the registry to your local machine using the
docker search
ordocker pull
command.docker search <registry-url>/<image-name>:<tag> docker pull <registry-url>/<image-name>:<tag>
Replace
<registry-url>
,<image-name>
, and<tag>
with your registry URL, the name of the Docker image, and the image tag, respectively.
When using an engine shell installer on a system that runs a Docker client, for example Ubuntu, the demisto
user is created without a home directory. By default, the Docker client stores the Docker login credentials in the home directory, Therefore, you need to create a home directory if you are using the default Docker configuration.
You can run the following commands when logged in as root (or another privileged user).
Open a terminal on the machine where your engine is running.
Run the following commands to create a home directory for the
demisto
user.mkdir /home/demisto chown demisto:demisto /home/demisto
Switch to the
demisto
user and executedocker login
.sudo -s -u demisto docker login --username=<your-username> --password=<your-password> <registry-url>