Setting up Portainer for managing Docker containers

In this guide, I'll explain how to set up Portainer inside docker to manage docker itself. Quite ironic, I know :P.

Portainer hides the complexity of managing containers behind an easy-to-use UI. By removing the need to use the CLI, write YAML, or understand manifests, Portainer makes deploying apps and troubleshooting problems so easy that anyone can do it.

Portainer Community edition has 2 products.

Portainer Server: This is the main portainer service required to manage docker containers.

Portainer Agent: This is a workaround for a Docker API limitation when using the Docker API to manage a Docker environment. The user interactions with specific resources (containers, networks, volumes, and images) are limited to those available on the node targeted by the Docker API request. If you are setting up multiple docker nodes, you will have portainer agents installed on each of those nodes.

We'll be installing Portainer Server Community Edition on Docker in Linux.

Pre Requisites

  1. You need to have Docker installed and set up. Refer to my previous guide on how to do so.
  2. By default, Portainer Server will expose the UI over the port 9443 and expose a TCP tunnel server over port 8000. The latter is optional and is only required if you plan to use the Edge compute features with Edge agents.

Installation

  1. First, we need to create a volume for the portainer where it will store its database.
docker volume create portainer_data

Remember to back up the above volume regularly.

In ubuntu, default path for docker volumes is /var/lib/docker/volumes

You will need sudo or root privileges to access that.

2. Then installing portainer is as simple as

docker run -d -p 8000:8000 -p 9443:9443 -p 9000:9000 --name portainer \
    --restart=always \
    -v /var/run/docker.sock:/var/run/docker.sock \
    -v portainer_data:/data \
    portainer/portainer-ce:latest

Some key points to note.

  • Port 8000 is for connecting the portainer server to the agent. We are not using any portainer agent here. So, you can remove it if you want.
  • Port 9443 is for Portainer https.
  • Port 9000 is for Portainer http.
  • -v portainer_data:/data here portainer_data is the portainer volume we created in the previous step.

In case you want to install in host networking mode like mine,

docker run -d \
    --network host \
    --name=portainer \
    -v /var/run/docker.sock:/var/run/docker.sock \
    -v portainer_data:/data \
    --restart=no \
    portainer/portainer-ce:latest --tunnel-port 8008

Some key points to note.

  • You can change the portainer agent tunnel port via the --tunnel-port command. I did that because I have some other service running on 8000 port.
  • I have set --restart=no since I'm managing containers via systemd. You can refer here on how to do so.

Now you can go over to,

https://localhost:9443 if you are using SSL.

or http://localhost:9000 if you are using HTTP.

Upgrading Portainer

  1. First, stop the container.
docker stop portainer

2. Then, remove the container.

docker rm portainer

3. Then, pull the latest image.

docker pull portainer/portainer-ce:latest

4. Then use the same command you used earlier to deploy the container again.

If you are using bridged network mode.

docker run -d -p 8000:8000 -p 9443:9443 -p 9000:9000 --name portainer \
    --restart=always \
    -v /var/run/docker.sock:/var/run/docker.sock \
    -v portainer_data:/data \
    portainer/portainer-ce:latest

If you are using host network mode.

docker run -d \
    --network host \
    --name=portainer \
    -v /var/run/docker.sock:/var/run/docker.sock \
    -v portainer_data:/data \
    --restart=no \
    portainer/portainer-ce:latest --tunnel-port 8008

That's it. You learned how to deploy and upgrade the portainer on Linux to manage your docker containers.

You can also refer to the portainer official documentation for various other configurations.

In my future guides, I'll be providing mostly the portainer stack files, which are basically docker-compose files, to set up various containers via portainer.