github
/
portainer
mirror of https://github.com/portainer/portainer
1
0
Fork 0
Code Issues Releases Wiki Activity
Page: Deployment
Pages
Configuration Deployment FAQ Home
8 Deployment
Anthony Lapenna edited this page 2016-09-25 17:55:18 +13:00
Table of Contents

How to deploy Portainer

Here you'll find more information on how to deploy Portainer.

Portainer can be deployed using Docker (recommended way) or by downloading and extracting the Portainer archive.

Using Docker

Running Portainer in a container requires that you expose the port 9000 which is the port where the app will be available.

Using the Docker socket

If you don't specify any target to Portainer, it will try to connect to the Docker engine socket using the path /var/run/docker.sock. In order to work, you'll need to bind mount the socket in the container:

$ docker run -d -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock portainer/portainer

If your host is using SELinux, you'll need to pass the --privileged flag to the Docker run command:

$ docker run -d -p 9000:9000 --privileged -v /var/run/docker.sock:/var/run/docker.sock portainer/portainer

You can also specify an alternative socket path by using the -H flag and the unix:/// protocol:

$ docker run -d -p 9000:9000 -v /var/run/docker.sock:/docker/docker.sock portainer/portainer -H unix://docker/docker.sock

Connect to a remote Docker engine

In order to connect to a remote host, use the -H flag and the tcp:// protocol:

$ docker run -d -p 9000:9000 portainer/portainer -H tcp://<DOCKER_HOST>:<DOCKER_PORT>

Connect to a Docker engine with TLS enabled

If your Docker engine is protected using TLS, you'll need to ensure that you have access to CA, the certificate and the public key used to access your Docker engine.

You can then use the --tlsverify flag to enable TLS communication with the Docker API. Portainer will try to use the following paths to the files specified previously:

  • CA: /certs/ca.pem
  • certificate: /certs/cert.pem
  • public key: /certs/key.pem

You must ensure these files are present in the container using a bind mount:

$ docker run -d -p 9000:9000 portainer/portainer -v /path/to/certs:/certs -H tcp://<DOCKER_HOST>:<DOCKER_PORT> --tlsverify

You can also use the --tlscacert, --tlscert and --tlskey flags if you want to change the default path to the CA, certificate and key file respectively:

$ docker run -d -p 9000:9000 portainer/portainer -v /path/to/certs:/certs -H tcp://<DOCKER_HOST>:<DOCKER_PORT> --tlsverify --tlscacert /certs/myCa.pem --tlscert /certs/myCert.pem --tlskey /certs/myKey.pem

Without Docker

Portainer binaries are available on each release page: https://github.com/portainer/portainer/releases

Download and extract the binary to a location on disk:

$ cd /opt
$ wget https://github.com/portainer/portainer/releases/download/1.9.0/portainer-1.9.0.tar.gz
$ tar xvpfz portainer-1.9.0.tar.gz

Then just use the portainer binary as you would use CLI flags with Docker.

$ /opt/portainer/portainer -H tcp://DOCKER_HOST:DOCKER_PORT