Firewall changes for Red Hat container image pulls

Firewall changes for Red Hat container image pulls

book

Article ID: KB0071586

calendar_today

Updated On:

Products Versions
TIBCO BusinessWorks Container Edition All

Description

This change from Red Hat side will have an impact on any BWCE customers who are using Red Hat Linux for creating base Docker images.

The Red Hat container image registries are changing, and this means you may need to adjust firewall settings. Please be sure to make this adjustment by May 1, 2023.
Currently all image manifests and filesystem blobs are served directly from registry.redhat.io and registry.access.redhat.com. The coming change will mean filesystem blobs are served from Quay.io instead.

Issue/Introduction

Firewall changes for Red Hat container image pulls

Environment

Red Hat Linux

Resolution

To avoid problems pulling container images, you will need to allow outbound TCP connections (ports 80 and 443) to these hostnames:

    •    cdn.quay.io
    •    cdn01.quay.io
    •    cdn02.quay.io
    •    cdn03.quay.io

This change should be made to any firewall configuration that specifically allows outbound connections to registry.redhat.io or registry.access.redhat.com. After making this change you will be able to continue pulling images from registry.redhat.io and registry.access.redhat.com as before.

Refer the below link for complete details.

Additional Information

1. Firewall changes for container image pulls
https://access.redhat.com/articles/6999582
 
Powered by Wolken Software