Calls from Quay.io originates from:
50.19.215.206 , 50.17.203.165 , 23.21.56.188 , 23.23.103.69
Please double check IPs by running dig quay.io.
HTTPS allows these calls to be signed and verified.
Quay Workers can live on any part of AWS us-east-1, so receiving calls from arbitrary worker nodes requires allowing all public IP ranges of us-east-1. If need be, this can be done by running curl https://ip-ranges.amazonaws.com/ip-ranges.json | jq -r '.prefixes[] | select(.region=="us-east-1") | .ip_prefix
These calls are also signed with the Quay SSL certificate and can be verified.
nslookup quay-registry.s3.amazonaws.com
sudo watch -d -n1 'netstat -anp | grep -i docker'
Comments
0 comments
Please sign in to leave a comment.