agent
agent copied to clipboard
portainer
switching to edge agent
Is there a guide available how one would switch to the edge agent? We currently have a Swarm setup running with the regular agent. I'd love to switch the agent to edge, but I can't redo all permissions setup on existing stacks, etc.. Any migration paths?
Hi @till
There is no migration guide on how to migrate from the regular agent to the Edge agent. The two agent modes were designed for different use cases, may I ask what makes you wanna migrate from the regular agent to the Edge mode?
@deviantony we are managing a lot individual docker or swarm setups with a single instance of portainer. So that seems more scalable in EDGE mode.
Also looks like I can have different keys per setup with edge, while regular agents would share agent secrets.
Add to that, I like the idea of not exposing a port. See my other ticket.
Hello, I'm on the same boat here in my company. We started our Docker Swarm adventure last year with Portainer and the integrated Agent setup in a Swarm stack. Then, we started to grow faster and more than expected and we ended-up having multiple clusters in Swarm mode. Each of these initially with their own Portainer + Agent stack.
Of course, we didn't realise in due time how this would not scale well in terms of management logistics and now I'm migrating our multi-Portainer setups to a unified Portainer setup with multiple Edge agents.
Similar to @till , the main reason to use the Edge Agent in contrast to, for example an Agent using AGENT_SECRET, is the ability to have different secrets per Swarm cluster.
An alterantive solution would be for Portainer to be configurable per-endpoint in the GUI with individual Agent Shared Secrets to use instead of an application-wide environment variable as is today. Unfortunately this is not possible at the moment. Also, ideally, the Agent should be able to read a dedicated Agent Shared Secret from a Swarm secret (i.e. a file) instead of an environment variable so we do not need to embed it into our stacks.
Given that none of the ideals described above are currently available, the next best thing is the Edge Agent.
Therefore, like @till , I'm currently figuring out a way to migrate our existing stacks to the new Edge Agent endpoints. Fortunately, our user control is not complex (yet) so the really critical part is to migrate the stacks themselves. I'm planning to do a dirty direct BoldDB editing of the unified Portainer to accomplish this. Wish me luck!
And as I have said many times, thanks for Portainer, is a really great piece of management software 👍
@hhromic this is also still on my list to test/verify. If you happen to figure out what you need to edit in the boltdb to "migrate" stacks. Can you share? :)
@till of course!
From my initial assessment, the trick here will be to align the endpointId values where relevant. For instance, all existing stacks will have endpointId set to the current standard agent endpoint number.
So, my initial idea is this. In the running Portainer, add the new edge agent endpoints which will get their own new Id in the database. Then, shutdown Portainer and edit the boltdb. Now we should change all references of endpointId from the old endpoint Id to the new one.
After this, I plan to restart Portainer and verify that now the stacks belong to the newly added endpoint. After that, the old traditional agent endpoint should be safe to be removed.
Probably the same can be done with all other object types in the Portainer boltdb.
Also, ideally, the Agent should be able to read a dedicated Agent Shared Secret from a Swarm secret (i.e. a file) instead of an environment variable so we do not need to embed it into our stacks.
Just for the sake of completeness, there is an existing issue already for this, but not yet addressed: #127