I’ve deployed a new docker host due to my first host hitting the upper limits of what I could run without affecting performance of the services it is serving for me. I already had Portainer running on my first host for management and I didn’t want to have to deploy another Portainer container to manage the new host as it’d complicate management for me and just mean more resources would be taken up than necessary. I knew that Portainer could manage multiple docker hosts so I decided I would try it out and see whether I could get it running without compromising security of either of my hosts.
I found that to setup Portainer without compromising on security, my 2 hosts would need direct network access to each other so that they can communicate without traversing the internet. I am hosting my docker instances within Vultr (here is $100 credit with Vultr if you’re interested in signing up: https://www.vultr.com/?ref=8916306), so I jumped into the management of the 2 server instances and enabled the Private Network between the hosts. You can see a screenshot below of where to find this if you’d like to do this yourself.
I checked the current IP addresses of the server after enabling the Private Network to find the interface that I needed to configure with the below command.
I was able to see from here, that the interface that will have access to the private network was not yet configured. You can confirm for yourself by looking for something like the below command. Confirm the MAC address matches what is shown in the Vultr portal. You will need this MAC address later.
I created a yaml file using the below command so that I could configure the interface with the private IP which Vultr has assigned in the portal. You may be doing this on your own network at home etc so you can full in the IP address that is appropriate for your own environment.
sudo nano /etc/netplan/10-ens7.yaml
Once I was within the yaml file, I entered the below configuration template and replaced the MAC address with the address which was shown above in the screenshot and the relevant IP address supplied by Vultr.
I was now ready to apply this configuration to the interface. Run the below command to apply the configuration and then check the interface is now showing the address which was configured.
sudo netplan apply
I repeated these steps on the second host and then confirmed that I could ping between the two docker hosts as you can see below.
I was now ready to add the second docker host into my Portainer instance. Browse to the endpoints on the homepage of Portainer.
Select “Edge Agent” as the environment type, give it a name and fill in the “Portainer server URL” with the internal IP address of your Portainer host along with port 9000 and hit “Add Endpoint”.
Select “Docker Instance” from the tabs along the top of this page and copy the docker config from the below screenshot. You will now need to run this on your second docker host (the one you wish to add to your existing Portainer instance). Ensure that you run this with sudo if you’re not running as root.
Once that’s been deployed, you will see a new container that’s been created on the second host. Grab the IP address of the second host, return to the Portainer page we were on and enter it’s IP address into the below location in the screenshot and update the endpoint. You will now be ready to check whether this is working.
Browse to your Portainer home and you will now see your second host with a healthy heartbeat. You can now click into this second Docker host and manage it as you normally would.