Private Locations Configuration
Incident Management is now generally available! Incident Management is now generally available!

Private Locations Configuration


Synthetic private locations come with a set of options you can configure to match your environment requirements. All these options can be found by running the below help command:

docker run --rm datadog/synthetics-private-location-worker --help

The private locations configuration options can be then be passed as parameters to your JSON configuration file or as arguments in the launch command, like below:

docker run --rm -v $PWD/<MY_WORKER_CONFIG_FILE_NAME>.json:/etc/datadog/synthetics-check-runner.json datadog/synthetics-private-location-worker:latest --logFormat=json

Note: Arguments set in the launch command have precedence over the configuration file. However, these options are not stored and are consequently only prevalent for a given launch.

Configuration Options

Datadog Site Configuration

siteStringdatadoghq.comDatadog site from which the private location pulls the test configuration and pushes the test results. Your site is .

DNS Configuration

  • The two below parameters can be used to customize DNS resolution on your API tests:
dnsUseHostBooleantrueUse host local DNS configuration first (e.g., the configuration from your etc/resolv.conf file), then DNS servers specified in the dnsServer parameter if any.
dnsServerArray of Strings["",""]DNS servers IPs to use in given order (e.g., --dnsServer="" --dnsServer="").
  • On browser tests, the DNS resolution is done directly by the browser, which usually reads DNS servers from the host. Alternatively, you can configure it at the container level (e.g., using the --dns flag on Docker, or dnsConfig.nameservers on Kubernetes).

Reserved IPs Configuration

enableDefaultBlockedIpRangesBooleanfalsePrevent users from creating Synthetic tests on endpoints that are using reserved IP ranges (IANA IPv4 and IPv6 Special-Purpose Address Registry), unless for those explicitly set with the allowedIPRanges parameter.
allowedIPRangesArray of StringsnoneGrant access to specific IPs and/or CIDR among IP ranges blocked through enableDefaultBlockedIpRanges or blockedIPRanges (e.g., "allowedIPRanges.4": ""). Note: allowedIPRanges has precedence over blockedIPRanges.
blockedIPRangesArray of StringsnoneBlock access to specific IPs and/or CIDR in addition, or not, to the IP ranges blocked when setting the enableDefaultBlockedIpRanges parameter to true (e.g. --blockedIPRanges.4="" --blockedIPRanges.6="::1/128".)

Note: The whitelistedRange and blacklistedRange parameters are now deprecated and should be replaced by the above listed ones.

Proxy Configuration

proxyDatadogStringnoneProxy URL used by the private location to send requests to Datadog (e.g., --proxyDatadog=http://<YOUR_USER>:<YOUR_PWD>@<YOUR_IP>:<YOUR_PORT>).
proxyTestRequestsStringnoneProxy URL used by the private location to send test requests to the endpoint.
proxyIgnoreSSLErrorsBooleanfalseDiscard SSL errors when private location is using a proxy to send requests to Datadog.

Note: The proxy parameter is now deprecated and should be replaced by proxyDatadog.

Advanced Configuration

concurrencyNumber10Maximum number of tests executed in parallel.
maxTimeoutNumber60000Maximum test execution duration for API tests (in milliseconds).

Private Root Certificates

You can upload custom root certificates to your private locations to have your API and Browser tests perform SSL handshake using your own .pem files. When spinning up your private location containers, mount the relevant certificate .pem files to /etc/datadog/certs, the same way your private location configuration file is mounted. These certificates are then considered trusted CA and used as such at test runtime.

Note: This feature is supported for versions 1.5.3+ of the private location Docker image.

Private Locations Admin

logFormatStringprettyFormat log output between "pretty", and "json". Setting your log format to json allows you to have these logs automatically parsed when collected by Datadog.
verbosityNumber3Verbosity level (e.g., -v, -vv, -vvv, …).
dumpConfigBooleannoneDisplay worker configuration parameters without secrets.
dumpFullConfigBooleannoneDisplay full worker configuration parameters.
helpBooleannoneShow help.

Further Reading