Private Locations Configuration
Security Monitoring is now available Security Monitoring is now available

Private Locations Configuration

Overview

Synthetic private locations come with a set of options you can configure to match your environment requirements. All these options can be found by running the below help command:

docker run --rm datadog/synthetics-private-location-worker --help

The private locations configuration options can be then be passed as parameters to your JSON configuration file or as arguments in the launch command, like below:

docker run --rm -v $PWD/<MY_WORKER_CONFIG_FILE_NAME>.json:/etc/datadog/synthetics-check-runner.json datadog/synthetics-private-location-worker:latest --logFormat=json

Note: Arguments set in the launch command have precedence over the configuration file. However, these options are not stored and are consequently only prevalent for a given launch.

Configuration Options

Datadog Site Configuration

OptionTypeDefaultDescription
siteStringdatadoghq.comDatadog site from which the private location pulls the test configuration and pushes the test results. Needs to be set to datadoghq.eu for Datadog EU users.

DNS Configuration

OptionTypeDefaultDescription
dnsUseHostBooleantrueUse host local DNS configuration first (e.g., the configuration from your etc/resolv.conf file), then DNS servers specified in the dnsServer parameter if any.
dnsServerArray of Strings["8.8.8.8","1.1.1.1"]DNS servers IPs to use in given order (e.g., --dnsServer="8.8.4.4" --dnsServer="8.8.8.8").

Reserved IPs Configuration

OptionTypeDefaultDescription
enableDefaultBlockedIpRangesBooleanfalsePrevent users from creating Synthetic tests on endpoints that are using reserved IP ranges (IANA IPv4 and IPv6 Special-Purpose Address Registry), unless for those explicitly set with the allowedIPRanges parameter.
allowedIPRangesArray of StringsnoneGrant access to specific IPs and/or CIDR among IP ranges blocked through enableDefaultBlockedIpRanges or blockedIPRanges (e.g., "allowedIPRanges.4": "10.0.0.0/8"). Note: allowedIPRanges has precedence over blockedIPRanges.
blockedIPRangesArray of StringsnoneBlock access to specific IPs and/or CIDR in addition, or not, to the IP ranges blocked when setting the enableDefaultBlockedIpRanges parameter to true (e.g. --blockedIPRanges.4="127.0.0.0/8" --blockedIPRanges.6="::1/128".)

Note: The whitelistedRange and blacklistedRange parameters are now deprecated and should be replaced by the above listed ones.

Proxy Configuration

OptionTypeDefaultDescription
proxyDatadogStringnoneProxy URL used by the private location to send requests to Datadog (e.g., --proxyDatadog=http://<YOUR_USER>:<YOUR_PWD>@<YOUR_IP>:<YOUR_PORT>).
proxyTestRequestsStringnoneProxy URL used by the private location to send test requests to the endpoint.
proxyIgnoreSSLErrorsBooleanfalseDiscard SSL errors when private location is using a proxy to send requests to Datadog.

Note: The proxy parameter is now deprecated and should be replaced by proxyDatadog.

Advanced Configuration

OptionTypeDefaultDescription
concurrencyNumber10Maximum number of tests executed in parallel.
maxTimeoutNumber60000Maximum test execution duration for API tests (in milliseconds).

Private Locations Admin

OptionTypeDefaultDescription
logFormatStringprettyFormat log output between "pretty", and "json". Setting your log format to json allows you to have these logs automatically parsed when collected by Datadog.
verbosityNumber3Verbosity level (e.g., -v, -vv, -vvv, …).
dumpConfigBooleannoneDisplay worker configuration parameters without secrets.
dumpFullConfigBooleannoneDisplay full worker configuration parameters.
helpBooleannoneShow help.

Further Reading