Private Locations Configuration

Overview

Synthetic private locations come with a set of options you can configure to match your environment requirements. All these options can be found by running the below help command:

docker run --rm datadog/synthetics-private-location-worker --help

The private locations configuration options can be then be passed as parameters to your JSON configuration file or as arguments in the launch command, like below:

docker run --rm -v $PWD/<MY_WORKER_CONFIG_FILE_NAME>.json:/etc/datadog/synthetics-check-runner.json datadog/synthetics-private-location-worker:latest --logFormat=json

Note: Arguments set in the launch command have precedence over the configuration file. However, these options are not stored and are consequently only prevalent for a given launch.

Configuration options

Datadog site configuration

site
Type: String
Default: datadoghq.com
Datadog site from which the private location pulls the test configuration and pushes the test results. Your site is .

DNS configuration

The two below parameters can be used to customize DNS resolution on your API tests:

dnsUseHost
Type: Boolean
Default: true
Use host local DNS configuration first (for example, the configuration from your etc/resolv.conf file), then DNS servers specified in the dnsServer parameter if any.
dnsServer
Type: Array of Strings
Default: ["8.8.8.8","1.1.1.1"]
DNS servers IPs to use in given order (for example, --dnsServer="8.8.4.4" --dnsServer="8.8.8.8").

On browser tests, the DNS resolution is done directly by the browser, which usually reads DNS servers from the host. Alternatively, you can configure it at the container level (for example, using the --dns flag on Docker, or dnsConfig.nameservers on Kubernetes).

Reserved IPs configuration

enableDefaultBlockedIpRanges
Type: Boolean
Default: false
Prevent users from creating Synthetic tests on endpoints that are using reserved IP ranges (IANA IPv4 and IPv6 Special-Purpose Address Registry), unless for those explicitly set with the allowedIPRanges parameter.
allowedIPRanges
Type: Array of Strings
Default: none
Grant access to specific IPs and/or CIDR among IP ranges blocked through enableDefaultBlockedIpRanges or blockedIPRanges (for example, "allowedIPRanges.4": "10.0.0.0/8"). Note: allowedIPRanges has precedence over blockedIPRanges.
blockedIPRanges
Type: Array of Strings
Default: none
Block access to specific IPs and/or CIDR in addition, or not, to the IP ranges blocked when setting the enableDefaultBlockedIpRanges parameter to true (for example, --blockedIPRanges.4="127.0.0.0/8" --blockedIPRanges.6="::1/128".)

Note: The whitelistedRange and blacklistedRange parameters are deprecated and should be replaced by the above listed ones.

Proxy configuration

proxyDatadog
Type: String
Default: none
Proxy URL used by the private location to send requests to Datadog (for example, --proxyDatadog=http://<YOUR_USER>:<YOUR_PWD>@<YOUR_IP>:<YOUR_PORT>).
proxyTestRequests
Type: String
Default: none
Proxy URL used by the private location to send test requests to the endpoint.
proxyIgnoreSSLErrors
Type: Boolean
Default: false
Discard SSL errors when private location is using a proxy to send requests to Datadog.

Note: The proxy parameter is deprecated and should be replaced by proxyDatadog.

Advanced configuration

concurrency
Type: Number
Default: 10
Maximum number of tests executed in parallel.
enableStatusProbes
Type: Boolean
Enables the readiness and liveness of private location probes. This enables two endpoints: http://127.0.0.1:8080/liveness and http://127.0.0.1:8080/readiness.
maxTimeout
Type: Number
Default: 60000
Maximum test execution duration for API tests (in milliseconds).
statusProbesPort
Type: Number
Default: 8080
Overrides the port for the private location status probes.

Private root certificates

You can upload custom root certificates to your private locations to have your API and Browser tests perform SSL handshake using your own .pem files. When spinning up your private location containers, mount the relevant certificate .pem files to /etc/datadog/certs, the same way your private location configuration file is mounted. These certificates are then considered trusted CA and used as such at test runtime.

Note: This feature is supported for versions 1.5.3+ of the private location Docker image.

Private locations admin

config
Type: String
Default: /etc/datadog/synthetics-check-runner.json
Path to JSON configuration file.
logFormat
Type: String
Default: pretty
Format log output between "pretty", and "json". Setting your log format to json allows you to have these logs automatically parsed when collected by Datadog.
verbosity
Type: Number
Default: 3
Verbosity level (for example, -v, -vv, -vvv, …).
dumpConfig
Type: Boolean
Default: none
Display worker configuration parameters without secrets.
dumpFullConfig
Type: Boolean
Default: none
Display full worker configuration parameters.
help
Type: Boolean
Default: none
Show help.

Note: Private Location containers output logs to stdout/stderr without saving them within the container.

Further Reading

Additional helpful documentation, links, and articles:

Getting Started with Private LocationsDOCUMENTATION more more Dimension your Private LocationsDOCUMENTATION more more