Created by: Info
Modified on: Thu, 26 Apr, 2018 at 1:17 PM
The Anchore Engine requires two categories of network access:
- Registry Access
Network connectivity, including DNS resolution, to the registries from which the Anchore Engine needs to download images.
- Feed Service
The Anchore Engine synchronizes feed data such as operating system vulnerabilities (CVEs) from the Anchore Cloud Service.
The initial synchronization may take 5 to 10 minutes, based on network speed, after which time the Anchore Engine will download updated feed data at a user configurable interval, by default every 4 hours.
Only a single end point is required for this synchronization, host: ancho.re TCP port: 443
- The Anchore Engine can optionally be configured to download policies created on the Anchore Cloud service. If configured this will use the same host/port as the feed service.
- No data is uploaded to Anchore, the synchronization is one-way.
- An optional on-premises feed service and policy editor is available to commercial users.
- A Network Proxy can be used to provide external connectivity to the Anchore Engine. See: Network Proxy documentation.
Did you find it helpful?
Sorry we couldn't be helpful. Help us improve this article with your feedback.