Setup easy container management with Portainer

This guide will help you setup a webbased ui management tool for managing your docker containers.

Table of Contents

Prerequisites

Guide

  • We will be using portainer as your docker management tool
  • We will store the persistent data of this container into a volume
  • We will assign a fixed IP to this container to we can access this container always on the same IP, and possible expose the ui to the internet
  • We will configure this container for automatic updating
  • Container configuration will be done by docker-compose
  • Portainer Installation Wizard

We are going to create a new volume to hold the portainer persistent storage.
Why are we creating the volume beforehand instead of having docker-compose do this for us ?

As an user you want control and minimize the risk the volume gets removed.
Even so, if the container is deleted we only loose our settings and preferences which we can simply redo.

But remember we are also preparing this container for automatic updating. We don't want to create the situation that the container is automatically updated and for some reason we loose the volume created by docker-compose and as a result we are exposing the portainer installation wizard externally.

To create the required volume, execute the following command as root in a terminal or remotely through SSH.

docker volume create portainer
Create volume for portainer

Now we need to store our configuration somewhere. Create or choose a folder.

Because I'm running on a Synology, I've opted to use /volume1/Docker the default directory which is created by docker on the volume after installation. (this is Synology specific)

In your docker data directory created a folder for portainer here.

mkdir /volume/Docker/portainer
Create folder for portainer

Now we are ready to create the docker-compose configuration for portainer. Inside the newly created folder, create a new file with the name docker-compose.yml this is going to be the configuration for portainer.

version: '3.7'

volumes:
  portainer:
    name: portainer
    external: true

networks:
  synology:
    external: true

services:
  portainer:
    container_name: docker-ui
    image: index.docker.io/portainer/portainer:latest
    restart: always
    command: --admin-password '${ADMIN_PASSWORD}'
    labels:
      com.centurylinklabs.watchtower.enable: 'true'
    networks:
      synology:
        ipv4_address: 172.20.0.2
    environment:
      TZ: Europe/Amsterdam
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - portainer:/data
docker-compose.yml

Explanation

The docker-compose file consists of 3 sections, I will only highlight some important parts of this, for more information please see the docker compose file version 3 reference.

In volumes you will see the reference to the earlier created volume.

In networks you will see the earlier created network from the guide
Docker Network Configuration.

In services you will see a static assigned IP number for this container on the created network.

The label com.centurylinklabs.watchtower.enable: 'true' is part of the guide: Docker: Easy Container AutoUpdate (TODO)

Password: Please change the password between ' to your own

Start

We can start the container with the following commands as root.

cd /volume/Docker/portainer
docker-compose up -d
Start Portainer

Access

If you are not running on a Synology you can now access the portainer UI with your browser at http://172.20.0.2:9000 on the server.

If you are running on a Synology, or a non-GUI server. Then the following options are available.

  • Configure container to expose the portainer UI on the host.
  • Synology: Reverse proxy DNS.

Configure container to expose the portainer UI on the host

This will work for Synology servers and normal servers.

Alter the docker-compose.yml of portainer to include a port mapping between the host and the container.

version: '3.7'

volumes:
  portainer:
    name: portainer
    external: true

networks:
  synology:
    external: true

services:
  portainer:
    container_name: docker-ui
    image: index.docker.io/portainer/portainer:latest
    restart: always
    command: --admin-password '${ADMIN_PASSWORD}'
    labels:
      com.centurylinklabs.watchtower.enable: 'true'
    networks:
      synology:
        ipv4_address: 172.20.0.2
    environment:
      TZ: Europe/Amsterdam
    ports:
      - 9000:9000
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - portainer:/data
docker-compose.yml with host port mapping

This configuration will expose the container port 9000 to the host port 9000.

You can now access the portainer UI by using the IP of the server and port 9000.

http://server:9000

Synology: Reverse proxy DNS

To make portainer externally available we require to setup a reverse proxy.

Please follow guide: Synology: Reverse Proxy and use the following details.

Description: Portainer

Source:

  • Protocol: HTTPS
  • Hostname: docker.mynas.diskstation.me
  • Port: 443

Destination:

  • HTTP
  • Hostname: 172.20.0.2
  • Port: 9000

Of course substitute the Source Hostname with the domain you want.

Portainer Installation Wizard

When the installation wizard asks where if can find the docker you want to connect to choose for Local and the address of the docker socket is /var/run/docker.sock

I hope you enjoyed this guide