Use Traefik to proxy Edge agent traffic on :8000 to portainer

[robdyke]

Fix for #24

• added Traefik listener on :8000
• added TCP router to Portainer on :8000

[xe-nvdk]

Hi. Thank you for this contribution. I'm not sure about the idea of exposing the port 8000 directly. Have you problems with the current compose to connect Portainer with an Edge endpoint?

[robdyke]

Hi @xe-nvdk This doesn't expose portainer:8000 to the interwebs, it exposes traefik:8000 which routes the TCP to portainer.

(yes, I've had trouble setting up portainer + edge with HTTPS only exposed)

[xe-nvdk]

Hi @xe-nvdk This doesn't expose portainer:8000 to the interwebs, it exposes traefik:8000, which routes the TCP to portainer.

(yes, I've had trouble setting up portainer + edge with HTTPS only exposed)

What problems you had?

Can you make an RP with an alternative name of the file? My idea is have have both options and users pick what fits best for them.

[xe-nvdk]

Please provide this configuration in another file to maintain both versions. Thank you.

[robdyke]

@xe-nvdk happy with this PR?

[xe-nvdk]

Looks good to me. Because I'm not part of the Portainer team anymore. Let's wait for them to merge this PR.

[baskinsy]

Port here should be 9000. Edge agent wants to access the api and port 8000 which is routed by the TCP router below. I had to change the https edge vhost to 9000 to be able to associate it with the portainer server. I still cannot browse the egde endpoint but at least it is associated. With the https router pointing to 8000 (the same with tcp router) the association didn't work.

[baskinsy]

Host rule should be changed to HostSNI otherwise traefik throws an error about "unknown rule".

traefik/traefik#5016

[deviantony]

Trying to figure out what do we need to make progress on this one, it seems that @baskinsy requested some changes that would need to be added here, would you agree @robdyke ?

Also keen to get your opinion on that one too @xe-nvdk :)

[robdyke]

I'll have another look at this and try to incorporate the suggestion about the host rule

…

On Tue, 19 Jan 2021, 03:59 Anthony Lapenna, ***@***.***> wrote: Trying to figure out what do we need to make progress on this one, it seems that @baskinsy <https://github.com/baskinsy> requested some changes that would need to be added here, would you agree @robdyke <https://github.com/robdyke> ? Also keen to get your opinion on that one too @xe-nvdk <https://github.com/xe-nvdk> :) — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#25 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AAHF5AH7LDYI6XI2LXVMKMDS2T7TVANCNFSM4T2U74FQ> .