Edge Compute
Last updated
Last updated
To enable and configure Edge Compute functionality in Portainer, select Settings from the menu then select Edge Compute.
To learn how to use our Edge Compute functionality, please refer to the Edge Compute section of this documentation.
In this section you can use the following options to enable and configure Edge Compute functionality within Portainer.
Enable Edge Compute features
Toggle this on to enable Edge Compute functionality including Edge Device features.
Portainer API server URL
Enter the default URL and port of your Portainer Server instance as it will be seen from your Edge environment. If using a FQDN, ensure that DNS is properly configured to provide this. This value can be overridden when manually deploying an Edge Agent. This feature is only available in Portainer Business Edition.
Portainer tunnel server address
Enter the default address and port of your Portainer Server instance's tunnel server as it will be seen from your Edge environment. If using a FQDN, ensure that DNS is properly configured to provide this.
In most cases, this will be the same address as the Portainer API server URL, but without the protocol and on port 8000
.
This value can be overridden when manually deploying an Edge Agent.
This feature is only available in Portainer Business Edition. For Community Edition users, refer to this GitHub issue.
Use separate mTLS cert
Enable this toggle to use a separate mTLS certificate for Edge Agent communication. With this option disabled, Edge Agents will use the same TLS certificate as the Portainer UI. For more information on mTLS read our advanced documentation.
TLS CA certificate
When Use separate mTLS cert is enabled, select and upload the CA certificate for use with mTLS.
TLS certificate
When Use separate mTLS cert is enabled, select and upload the server certificate for use with mTLS.
TLS key
When Use separate mTLS cert is enabled, select and upload the key corresponding to the server certificate.
Enforce use of Portainer generated Edge ID
Enable this option to require that the Edge ID used by an Edge Agent deployment exist within Portainer's database (in other words, have an environment with the matching ID already created) in order to connect.
When you are done, click Save Settings.
This section defines options that apply how Edge Agents sync with the Portainer Server instance.
Edge agent default poll frequency
Select how often Edge Agents in standard mode check in with the Portainer Server instance.
The following options apply to Edge Agents deployed in async mode.
Edge agent default ping frequency
Select how often Edge Agents in async mode ping back to the Portainer Server instance.
Edge agent default snapshot frequency
Select how often Edge Agents in async mode update their snapshot with the Portainer Server instance.
Edge agent default command frequency
Select how often Edge Agents in async mode check with the Portainer Server instance for pending commands.
This section lets you configure access to your Edge Compute environments through the use of the Edge Administrator role. The Edge Administrator role gives a user comprehensive control over Edge resources within all Edge environments, but does not provide full administrative access to the rest of Portainer.
To add a user as an Edge Administrator, select the username from the Select user(s) dropdown and click Create access.
To remove a user from the Edge Administrator role, check the box next to their username in the Edge administrators list and click Remove.
In this section you can configure how automatic Edge environment configuration functions.
Enable Edge Environment Waiting Room
Toggle this on to enable the waiting room feature for Edge devices. This will allow any Edge Device that connects to the Portainer instance to automatically associate with Portainer. We recommend leaving this on (the waiting room enabled).
This section controls the configuration of the Intel OpenAMT functionality in Portainer.
Enable OpenAMT
Toggle this option on to enable Portainer's OpenAMT functionality. This can only be enabled when Enable Edge Compute features is toggled on, and when on will reveal the below fields.
MPS Server
Enter the FQDN or IP address of your MPS server.
MPS User
Enter the username used to connect to your MPS server.
MPS Password
Enter the password for the MPS User defined above. The password must be between 8 and 32 characters and include at least one upper case letter, at least one lower case letter, at least one base-10 digit and at least one special character.
Domain Name
Enter the fully-qualified domain name associated with the provisioning certificate.
Provisioning Certificate File (.pfx)
Click Upload file to upload your PFX-format certificate. The PFX must contain the private key. On AMT 15 based devices you must use SHA2.
Currently supported CAs are Comodo, DigiCert, Entrust and GoDaddy.
Provisioning Certificate Password
Enter the password for the provisioning certificate. The password must be between 8 and 32 characters and include at least one upper case letter, at least one lower case letter, at least one base-10 digit and at least one special character.
When you have finished making changes, click Save Settings.