Portainer and remote portainer edge agent on vps

SoulAssassin · February 16, 2022, 3:24pm

Hi!

Guys could someone explame me please, how I can expose the 8000 default edge port correctly via Traefik for connection between Portainer and remote edge agent?

Here is my yaml for portainer host:

http:
  routers:
    portainer:
      service: portainer
      rule: "Host(`portainer.host.com`)"
      entryPoints:
        - websecure
      tls:
        certresolver: myresolver

  services:
    portainer:
      loadBalancer:
        servers:
          - url: "http://192.168.140.30:9000"

As I understood from agent's log, my vps is trying to connect via ws, I'm had tryed to add edge.host.com with the same settings and 8000 port, trying to add xforwardproto but without results, any suggestion?

SoulAssassin · February 16, 2022, 3:33pm

Oh seems I found the solution, but need to check it...

SoulAssassin · February 16, 2022, 8:55pm

I solved it with the next steps:

Add edge router:

http:
  routers:
    portainer:
      service: portainer
      rule: "Host(`portainer.host.com`)"
      entryPoints:
        - websecure
      tls:
        certresolver: myresolver

    edge:
      service: edge
      rule: "Host(`edge.host.com`)"
      entryPoints:
        - websecure
      tls:
        certresolver: myresolver

  services:
    portainer:
      loadBalancer:
        servers:
          - url: "http://192.168.0.30:9000"

    edge:
      loadBalancer:
        servers:
          - url: "http://192.168.0.30:8000"

This step is related to the peculiarities of the implementation of agent-server communication, this will probably be fixed in the next releases, I will leave it here if someone has the same need to add the ability to communicate with the agent to the server using wss:

2.1 At server side is need to create environment via edge agent but without adding
2.2 Need to decode the base64 encoded join token like:
https://portainer.host.com|portainer.host.com:8000|aa:bb:cc:dd:ee:ff:00:00:00:00:00:00:00:00:00:00|1 via https://www.base64encode.org
2.3 Now need is modify edge (second) value in the url, add https, fix host and remove port like this:
https://portainer.host.com|https://edge.host.com|aa:bb:cc:dd:ee:ff:00:00:00:00:00:00:00:00:00:00|1
2.4 Next is back to https://www.base64encode.org and encode new token back to url base64 format
2.5 Now can add new environment with a new token at agent side

That's it.

system · February 19, 2022, 8:55pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Custom entrypoints not working Traefik v2 (latest) docker , tcp , middleware , udp	8	205	February 1, 2024
Setting a traefik reverse proxy domain as the portainer edge agent API server URL Traefik v2 (latest) docker	4	142	January 22, 2024
Traefik v2.5 no redirecting to portainer portal Traefik v2 (latest) docker , middleware	7	4352	June 30, 2022
Traefik and rport (non-docker) Traefik v2 (latest) tcp	10	818	February 13, 2023
Traefik + Portainer Traefik v2 (latest) docker , tcp	3	1572	October 5, 2023

Portainer and remote portainer edge agent on vps

Related Topics