Skip to main content How to create Edge Agent with Nginx and Cloudflare ? : r/portainer
r/portainer icon
Go to portainer

How to create Edge Agent with Nginx and Cloudflare ?

I have two oracle server, master and agent. Both of them are using Ubuntu 22.04. Now I want to use master server's portainer to manage docker of agent server.

First, I use Cloudflare to manage my domain, for example, mydomain.com, and my SSL/TLS encryption mode is Full (Strict), that means I've my own public-key, private-key and origin-pull-ca. The portainer.myadmin.com is for portainer on master server. Image-Cloudflare

The following statement is on Master server:

  1. I use docker-compose to create Nginx server via Nginx Proxy Manager and portainer

Nginx Proxy Manager 

version: '3.8'
services:
  npm:
    image: jc21/nginx-proxy-manager:latest
    restart: unless-stopped
    ports:
      - 80:80
      - 443:443
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
    healthcheck:
      test: ['CMD', '/bin/check-health']
      interval: 10s
      timeout: 3s

networks:
  default:
    external: true
    name: scoobydoo

Portainer 

version: '3.8'

services:
  portainer:
    image: portainer/portainer-ce:latest
    container_name: portainer
    privileged: true
    restart: always
    security_opt:
      - no-new-privileges:true
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - ./portainer-data:/data

networks:
  default:
    external: true
    name: scoobydoo

2. I use UFW on master and agent server for manage firewall, the following log is UFW rule on Master server

UFW 

Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)

3. I've created the reverse proxy via Nginx Proxy Manager for Portainer on master server

Image-Domain

Image-SSL

Now, the following statement is on Agent server:

  1. docker-compose for portainer_edge_agent 

version: '3.8'

services:
  portainer_edge_agent:
    image: portainer/agent:latest
    container_name: portainer_edge_agent
    restart: always
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/lib/docker/volumes:/var/lib/docker/volumes
      - /:/host
      - portainer_agent_data:/data
    environment:
      - EDGE=1
      - EDGE_ID=#####
      - EDGE_KEY=#####
      - EDGE_INSECURE_POLL=1

volumes:
  portainer_agent_data:

2. UFW

UFW 

Status: active

To                         Action      From
--                         ------      ----
OpenSSH                    ALLOW       Anywhere
OpenSSH (v6)               ALLOW       Anywhere (v6)

Thanks in advance !!

Try Out the Print Solution That IT Pros (Literally) Swear By
Learn More
vasion.com
Thumbnail image: Try Out the Print Solution That IT Pros (Literally) Swear By
Sort by:
Best
Open comment sort options

are you just not able to get the edge agent to accociate with the server?

Exactlly !!

More replies More replies

any updates here? I got the same problem and a similar setup. My edge agent wont stablish the connection to the portainer server.

Nope, still cannot get any connection

More replies More replies