Connect Portainer Environments Together

Connecting Portainer Environments Together using Portainer Agent

I wanted to join some servers up so that I could get better monitoring and quicker control. I have a Proxmox server in Asia, and an Unraid server in the UK. I’m a big fan of Docker. I run it natively on Unraid, but I also have it installed in a Proxmox LXC (You can read how I did that linked here). For container administration I like to use Portainer. It gives me a quick and easy overview, with the ability to stop and start, remove and create as needed.

Connected Environments
Connected Environments

In this post, I am going to show you how you can join Portainer instances together without the need for port forwards or exposing anything to the wider world (at least outside of a vpn anyway). I will also cover upgrading Portainer Community Edition to Portainer Business Edition (they give you 5 free nodes). This is a seamless update where you don’t lose anything.

Portainer Business Edition

Let’s upgrade to Portainer business edition first. Go to Portainer and apply for a licence here: https://www.portainer.io/pricing/take5


Use Personal Use for company and fill the rest in as required. Within 5-10 minutes, you should receive an email with a really long token.
In my Proxmox/LXC instance, I carried out the following commands:

docker stop portainer
docker rm portainer
docker run -d -p 8000:8000 -p 9000:9000 –name=portainer –restart=always –pull=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ee:2.12.
docker start portainer

Note if your Portainer version is before 2.X then see here for alternative instructions as they differ slightly.

After a moment or so, I navigated to: http://my.server.ip.here:9000
I was met with a screen asking me to paste in the key. I pasted it in fully (mindful not to add trailing spaces), but I was met with an authentication error. I needed to basically clear the cache of the browser and navigate back to the original URL (ip:9000). Once there, I logged in with my username and password, for some reason, I was then able to paste the code directly into the second screen. Maybe you’ll be able to work through without the error, but if it comes up, you know how to fix it!

Ok so we’re now in Business edition and all your containers and stacks should be looking at you as per before. If you’re looking to save some space, remember to remove the old community edition image(s).

docker image prune -y

For Unraid, it was even easier. Remove and delete your existing Portainer-CE app (if you already have it), and then download and install Portainer-BE. I left everything as standard in the template. Once installed, I entered the webgui. Signed in, and pasted in that licence key again. Now we have Portainer-BE installed in both locations, it’s time to join them together.

Connecting Servers

Whilst in Unraid, download and install Portainer-Agent. Again, I accepted the default template settings.

Both Portainer Apps need to be installed
Both Portainer Apps need to be installed

Next, You’re going to want to make sure you’re using Tailscale. If you have never set this up before, you can take a look at my post detailing the steps here.

Once you have Tailscale installed on both servers, make sure they’re authenticated and running. I have Tailscale running in Unraid, and I installed Tailscale at a Host level (not in the LXC) on the Proxmox host. Make sure both instances are updated to the latest and greatest.

Unraid Running Tailscale and Portainer
Unraid Running Tailscale and Portainer

Now go to your master instance (i.e. the main install where you want to see both). In my case, Proxmox. Click on Environments > Add environment

How to connect to another Instance
How to connect to another Instance

Highlight Agent at the top and all you fill in is the Environment URL:9001. Make sure you’re using the Tailscale ip address for the URL. In my case it was 100.101.X.X:9001.
Add the environment, and within seconds, you’re connected.

Click on Home at the top of the Portainer Menu and you now have access to both instances. You’re done. Full access to the remote instance, without port forwarding or messing around with reverse proxies etc. You can stop, start, rebuild containers as you see fit.

To see how to monitor and control the containers from Home-Assistant and Node-red, feel free to check out my walkthrough here.

If you’re wondering why did I upgrade to Portainer business edition, well firstly, they’re offering it free to home labbers, so why not? Secondly here are a list of comparable features here:

Things that caught my eye:

  • Oauth
  • Read only access (especially if I am going to hand it out to things like Home-Assistant for monitoring)
  • Automated backups
  • Auto-pull image latest from registry (the icing on the cake)

YMMV!

If you have any good ideas or additions for Docker, let me know in the comments, or if you have anything cool that you’re working on, think about joining our facebook group to share your inspiration.

https://www.facebook.com/groups/386238285944105

 

If you’re considering a renovation and looking at the structured wiring side of things, or maybe you just want to support the blog, have a look below at my smarthome book, it’s available in all the usual places (including paperback)!

The Smarthome Book
The Smarthome Book

 

Leave a Reply