docker-cloudflared icon indicating copy to clipboard operation
docker-cloudflared copied to clipboard

Published 20 hours ago verified publisher icon msnelling

Upgrade from legacy mode tunnels

Open realandrew opened this issue 3 years ago • 5 comments

It appears the default config for this runs the tunnels in so-called legacy mode. I pulled the freshest image from Docker Hub and the following is logged to the console when running the image:

INF You are running a Tunnel in legacy mode which will be deprecated. Please use the documentation below to switch to pre-created Tunnels for improved stability and management. INF - To expose applications to the internet create a permanent tunnel as described in https://developers.cloudflare.com/cloudflare-one/connections/connect-apps. INF - If you are running an ad-hoc tunnel from the terminal, add --name NAME flag to cloudflared tunnel command. INF See https://developers.cloudflare.com/cloudflare-one/tutorials/migrate-lb-tunnel for an example of migrating an existing tunnel.

As these will be deprecated, if possible the default config should be updated to use the modern tunnels.

realandrew avatar Dec 15 '21 07:12 realandrew

Thanks @realandrew. Unfortunately I currently don't have too much time on my hands to look into this right now. I'm happy to accept a PR though if you're able to assist.

msnelling avatar Dec 15 '21 08:12 msnelling

I don't know how to turn this into code, but here's what I did to get the Modern Tunnels working.

In Portainer, I changed the entrypoint to 'watch' 'date' so this container would start but without running cloudflared.

I dropped into the shell, and ran the following commands

apk add openrc cloudflared service install [KEY PROVIDED FROM CLOUDFLARE]

(this command was copied and pasted from the cloudflared dashboard. I just removed sudo from the front)

rc-service cloudflared start

The tunnel then showed up as registered on the Zero Trust dashboard on Cloudflare and from there I could start setting up my tunnels.

gabrielwhite avatar Apr 15 '22 20:04 gabrielwhite

Unfortunately, I'm not able to create a PR at the moment either due to time constraints. But I will mention that Cloudflare today sent me an email saying

Beginning on October 1, 2022, Cloudflare will no longer support legacy deployments of Cloudflare Tunnel. [...] In order to avoid service interruption, please take the following actions: Migrate your services to Named Tunnels, a newer deployment model of Cloudflare Tunnel that supports all existing use cases and significantly improves stability. [...] If no action is taken by October 1, 2022 this change will impact all active connections serving traffic in legacy deployments. Any remaining legacy connections on October 1, 2022 will be taken offline and will no longer serve traffic.

So heads up, this docker container will stop working soon unless updated.

realandrew avatar Jul 01 '22 19:07 realandrew

I've started using this other docker image that uses Named Tunnels: https://hub.docker.com/r/erisamoe/cloudflared

gabrielwhite avatar Jul 06 '22 13:07 gabrielwhite

Apologies for my lack of response on these issues, I'm facing the usual time constraints maintaining OSS projects. Right now I only have the bandwidth to simply update the docker image to the latest cloudflared version.

I am happy to accept pull-requests.

msnelling avatar Jul 06 '22 13:07 msnelling