Private Locations Configuration
Overview
Synthetic private locations come with a set of options you can configure to match your environment requirements. All these options can be found by running the below help
command:
docker run --rm datadog/synthetics-private-location-worker --help
The private locations configuration options can be then be passed as parameters to your JSON configuration file or as arguments in the launch command, like below:
docker run --rm -v $PWD/<MY_WORKER_CONFIG_FILE_NAME>.json:/etc/datadog/synthetics-check-runner.json datadog/synthetics-private-location-worker:latest --logFormat=json
Note: Arguments set in the launch command have precedence over the configuration file. However, these options are not stored and are consequently only prevalent for a given launch.
Configuration options
Datadog site configuration
site
- Type: String
Default: datadoghq.com
Datadog site from which the private location pulls the test configuration and pushes the test results. Your site
is
.
DNS configuration
The two below parameters can be used to customize DNS resolution on your API tests:
dnsUseHost
- Type: Boolean
Default: true
Use host local DNS configuration first (for example, the configuration from your etc/resolv.conf
file), then DNS servers specified in the dnsServer
parameter if any. dnsServer
- Type: Array of Strings
Default: ["8.8.8.8","1.1.1.1"]
DNS servers IPs to use in given order (for example, --dnsServer="8.8.4.4" --dnsServer="8.8.8.8"
).
On browser tests, the DNS resolution is done directly by the browser, which usually reads DNS servers from the host. Alternatively, you can configure it at the container level (for example, using the --dns
flag on Docker, or dnsConfig.nameservers
on Kubernetes).
Reserved IPs configuration
enableDefaultBlockedIpRanges
- Type: Boolean
Default: false
Prevent users from creating Synthetic tests on endpoints that are using reserved IP ranges (IANA IPv4 and IPv6 Special-Purpose Address Registry), unless for those explicitly set with the allowedIPRanges
parameter. allowedIPRanges
- Type: Array of Strings
Default: none
Grant access to specific IPs and/or CIDR among IP ranges blocked through enableDefaultBlockedIpRanges
or blockedIPRanges
(for example, "allowedIPRanges.4": "10.0.0.0/8"
). Note: allowedIPRanges
has precedence over blockedIPRanges
. blockedIPRanges
- Type: Array of Strings
Default: none
Block access to specific IPs and/or CIDR in addition, or not, to the IP ranges blocked when setting the enableDefaultBlockedIpRanges
parameter to true
(for example, --blockedIPRanges.4="127.0.0.0/8" --blockedIPRanges.6="::1/128"
.)
Note: The whitelistedRange
and blacklistedRange
parameters are deprecated and should be replaced by the above listed ones.
Proxy configuration
proxyDatadog
- Type: String
Default: none
Proxy URL used by the private location to send requests to Datadog (for example, --proxyDatadog=http://<YOUR_USER>:<YOUR_PWD>@<YOUR_IP>:<YOUR_PORT>
). proxyTestRequests
- Type: String
Default: none
Proxy URL used by the private location to send test requests to the endpoint. proxyIgnoreSSLErrors
- Type: Boolean
Default: false
Discard SSL errors when private location is using a proxy to send requests to Datadog.
Note: The proxy
parameter is deprecated and should be replaced by proxyDatadog
.
Advanced configuration
concurrency
- Type: Number
Default: 10
Maximum number of tests executed in parallel. enableStatusProbes
- Type: Boolean
Enables the readiness and liveness of private location probes. This enables two endpoints: http://127.0.0.1:8080/liveness and http://127.0.0.1:8080/readiness. maxTimeout
- Type: Number
Default: 60000
Maximum test execution duration for API tests (in milliseconds). statusProbesPort
- Type: Number
Default: 8080
Overrides the port for the private location status probes.
Private root certificates
You can upload custom root certificates to your private locations to have your API and Browser tests perform SSL handshake using your own .pem
files. When spinning up your private location containers, mount the relevant certificate .pem
files to /etc/datadog/certs
, the same way your private location configuration file is mounted. These certificates are then considered trusted CA and used as such at test runtime.
Note: This feature is supported for versions 1.5.3+ of the private location Docker image.
Private locations admin
config
- Type: String
Default: /etc/datadog/synthetics-check-runner.json
Path to JSON configuration file. logFormat
- Type: String
Default: pretty
Format log output between "pretty"
, and "json"
. Setting your log format to json
allows you to have these logs automatically parsed when collected by Datadog. verbosity
- Type: Number
Default: 3
Verbosity level (for example, -v
, -vv
, -vvv
, …). dumpConfig
- Type: Boolean
Default: none
Display worker configuration parameters without secrets. dumpFullConfig
- Type: Boolean
Default: none
Display full worker configuration parameters. help
- Type: Boolean
Default: none
Show help.
Note: Private Location containers output logs to stdout/stderr without saving them within the container.
Further Reading
Additional helpful documentation, links, and articles: