Docker run connectivity requirements opendxl-node-red-docker

  • Hi,


    Our prod environment is locked down and I have to justify any connections needed. Hence anything installed on build is fine. Installing anything on a run not so much. So I've moved the npm installs to the Dockerfile from the bash script.

    I have built and run the custom docker environment from node-red and I don't see outgoing connections on a run.


    151.101.0.223

    199.232.57.63

    104.16.24.35,104.16.24.35


    When running the opendxl-node-red-docker container I see https connections out to the following IPs. I'm struggling to identify what specifically is going on. They look to be python and npmjs repo requests why are they being carried out at run and not build? Any ideas on what theses connections are would be greatly received? I can the decide whether to ditch, move or allow them.


    EDIT: Checked the package.json and looked at the dependencies. I moved any node-red node-modules into the docker file. I've also removed the python venv from startup.sh. I'm just down to the npmjs registry traffic now.

    Thanks Mark

  • Hi Mark,


    You mentioned that you have moved the node-red modules and python from the startup.sh. After that are you still seeing outgoing connections?


    Let us know if we need to investigate this further.


    Thanks,

    Viji

  • Hi,


    Yes I am to registry.nodejs.com. The container on run still seems to be checking for nodejs packages which is fine as long as I can justify why?

    Thanks Mark

  • Hi,


    Now I've got rid of the node-red base container, I'm hitting pypi as well now to install wheels. I don't want to have two containers around 1G. Would send the packet capture but think there are security implications around that.

    Thanks Mark


    EDIT just realised wrong docker file :) Will grab later