Connect Your Engine to an Image Registry

Cortex XSIAM Administrator Guide

Product: Cortex XSIAM
Creation date: 2024-07-16
Last date published: 2024-10-07
Category: Administrator Guide

Abstract: Connect via an engine to your own authenticated Docker image registry.

Using an engine to communicate with an image registry streamlines deployment by managing dependencies, ensuring version control, and facilitating scalability, load balancing, and secure access to private images.

If you use an engine, you need to connect it to the registry before setting up Cortex XSIAM to pull images.

Example: Connect Your Engine Directly to an Image Registry

The following example describes connecting an engine to an authenticated Docker image registry. It uses the --username and --password command-line options to pass the username and password directly. In production or CI/CD environments, or wherever command history or logs are visible to others, consider more secure methods of handling authentication, such as Docker configuration files. For more details, see docker login or podman-login.

  1. Open a terminal on the machine where your engine is running.

  2. Run docker login with username and password.

    docker login --username=<your-username> --password=<your-password> <registry-url>

    Replace <your-username>, <your-password>, and <registry-url> with your Docker registry credentials and the URL of your Docker image registry.

  3. (Optional) Search for or pull a Docker image.

    After logging in successfully, you can optionally validate access to images by searching for an image or pulling an image from the registry to your local machine using the docker search or docker pull command.

    docker search <registry-url>/<image-name>:<tag>
    docker pull <registry-url>/<image-name>:<tag>

    Replace <registry-url>, <image-name>, and <tag> with your registry URL, the name of the Docker image, and the image tag, respectively.

Example: Connect Your Engine Using a Shell Installer on a System Running a Docker Client

When using an engine shell installer on a system that runs a Docker client, for example Ubuntu, the demisto user is created without a home directory. By default, the Docker client stores the Docker login credentials in the home directory. Therefore, you need to create a home directory if you are using the default Docker configuration.

You can run the following commands when logged in as root (or another privileged user).

  1. Open a terminal on the machine where your engine is running.

  2. Run the following commands to create a home directory for the demisto user.

    mkdir /home/demisto
    chown demisto:demisto /home/demisto

  3. Switch to the demisto user and execute docker login.

    sudo -s -u demisto
    docker login --username=<your-username> --password=<your-password> <registry-url>
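
The following is an added example, not part of the Cortex XSIAM guide. It performs the login from both procedures above with docker login's --password-stdin option instead of --password, then audits the credentials file that the login leaves in the demisto user's home directory. The password-file argument, registry.example.com and the demo:demo credential pair are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the guide. Run as root on the engine host.

# Log in with the password read from a file on stdin, so it never reaches
# shell history or the process list. -H points HOME at /home/demisto.
registry_login() {  # registry_login <username> <registry-url> <password-file>
  sudo -H -u demisto docker login --username "$1" --password-stdin "$2" < "$3"
}

# True when the config holds an inline "auth" value. Without a credential
# helper, docker login writes base64(user:password) there; that is encoding,
# not encryption, so anyone who can read the file has the password.
has_inline_auth() {
  grep -Eq '"auth"[[:space:]]*:[[:space:]]*"[^"]+"' "$1"
}

# Print one line per finding; return the number of findings (0 = clean).
audit_docker_config() {  # audit_docker_config <path to config.json>
  local cfg=$1 findings=0 mode
  [ -f "$cfg" ] || { echo "missing: $cfg"; return 1; }
  mode=$(stat -c '%a' "$cfg")  # GNU stat, as shipped on Ubuntu
  if [ "$mode" != "600" ]; then
    echo "mode $mode on $cfg, expected 600"
    findings=$((findings + 1))
  fi
  if has_inline_auth "$cfg"; then
    echo "inline base64 credentials in $cfg; consider a credential helper"
    findings=$((findings + 1))
  fi
  return "$findings"
}

# Constructed sample of what docker login leaves in ~/.docker/config.json.
# "ZGVtbzpkZW1v" is base64 of the made-up pair demo:demo.
write_sample_config() {  # write_sample_config <path> <mode>
  printf '{\n  "auths": {\n    "registry.example.com": {\n      "auth": "ZGVtbzpkZW1v"\n    }\n  }\n}\n' > "$1"
  chmod "$2" "$1"
}

# Demo on the constructed sample; on a real engine, audit
# /home/demisto/.docker/config.json instead.
demo_dir=$(mktemp -d)
write_sample_config "$demo_dir/config.json" 644
audit_docker_config "$demo_dir/config.json" || echo "findings: $?"
rm -rf "$demo_dir"
```

A nonzero return from audit_docker_config means the file is readable beyond its owner, holds recoverable credentials, or both.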