Portainer

From Zombi Wiki
Revision as of 20:41, 28 April 2020 by Madmaurice (talk | contribs) (Created page)
     
Portainer

status: stable

Description  Docker Web Frontend
URL  https://10.0.0.1:9000
Maintainer  User:Madmaurice
Authentication  LDAP

Portainer is a web frontend for Docker. It consists of one central Portainer instance and one Portainer Agent for each server the Portainer instance is not running on. After login you can create, start, stop, restart and remove Docker containers. Portainer lets you specify one or more maintainers per Docker container; they are granted full management rights on that container without being given access to the full Docker environment.

How to use

Just log in with your LDAP credentials at https://10.0.0.1:9000/, which is only reachable through the VPN.

Get access to containers / Become admin

After logging in for the first time, ask your trusty Portainer administrator to add you to the list of administrators or to the list of maintainers of one or more Docker containers.

Setup

Portainer Instance

  1. Create a named volume portainer_data for persistent configuration
    docker volume create portainer_data
  2. Start the Portainer instance with docker.sock mounted so that it can control Docker on the host Portainer is running on. Mount the certificates as a volume and pass the flags ssl, sslcert and sslkey for SSL support.
    docker run -d -p 9000:9000 -p 8000:8000 --name portainer --restart always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data -v /etc/ssl/private:/certs portainer/portainer --ssl --sslcert /certs/cert.pem --sslkey /certs/cert.key
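
A pre-flight check for the command in step 2, added here as an example and not part of the wiki's own setup: the hypothetical helper check_tls_paths confirms that every --sslcert and --sslkey path lies under a container directory mounted with -v, so a mistyped mount directory is caught before the container is started. It only handles the space-separated `-v host:container[:opts]` form used on this page.

```shell
#!/bin/sh
# Added example: lint the arguments of a `docker run` command for Portainer.
# check_tls_paths is a hypothetical helper name, not a Docker or Portainer tool.
# Prints one line per problem; exit status is 0 only when no problem is found.

check_tls_paths() (
    targets=""   # container-side mount points, one per line
    tls=""       # "flag path" pairs, one per line
    while [ $# -gt 1 ]; do
        case "$1" in
            -v|--volume)
                target=${2#*:}          # drop the host path or volume name
                target=${target%%:*}    # drop options such as :ro
                targets="$targets${target%/}
"
                shift ;;
            --sslcert|--sslkey)
                tls="$tls$1 $2
"
                shift ;;
        esac
        shift
    done

    problems=0
    while IFS=' ' read -r flag path; do
        [ -n "$flag" ] || continue
        ok=0
        while IFS= read -r t; do
            [ -n "$t" ] || continue
            # The path must sit below the mount point, not merely share a prefix.
            case "$path" in "$t"/*) ok=1 ;; esac
        done <<MOUNTS
$targets
MOUNTS
        if [ "$ok" -eq 0 ]; then
            echo "$flag $path is not under any -v mount target"
            problems=$((problems + 1))
        fi
    done <<FLAGS
$tls
FLAGS
    [ "$problems" -eq 0 ]
)

# Constructed input: the key path names /cert while the volume is mounted at /certs.
check_tls_paths -v /etc/ssl/private:/certs --ssl \
    --sslcert /certs/cert.pem --sslkey /cert/cert.key || true
```

Pass the same arguments you intend to give `docker run`; the helper ignores everything except the -v and TLS flags.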

Portainer Agent

  1. Run the following on the target host
    docker run -d -p 9001:9001 --name portainer_agent --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v /var/lib/docker/volumes:/var/lib/docker/volumes portainer/agent
  2. Add the server as an endpoint in the Portainer instance, using its IP or hostname and port 9001