ddcecc06d4
Release 1.8.0 |
||
---|---|---|
api | ||
app | ||
assets | ||
examples/nginx-basic-auth | ||
test/unit | ||
.dockerignore | ||
.gitignore | ||
.godir | ||
Dockerfile | ||
LICENSE | ||
Procfile | ||
README.md | ||
bower.json | ||
dashboard.png | ||
gruntFile.js | ||
index.html | ||
package.json |
README.md
Portainer
Portainer is a web interface for the Docker remote API.
Supported Docker versions
The following Docker versions are supported:
- full support for Docker 1.10, 1.11 and 1.12
- partial support for Docker 1.9 (some features won't be available)
Run
Quickstart
-
Run:
docker run -d -p 9000:9000 --privileged -v /var/run/docker.sock:/var/run/docker.sock cloudinovasi/portainer
-
Open your browser to
http://<dockerd host ip>:9000
Bind mounting the Unix socket into the Portainer container is much more secure than exposing your docker daemon over TCP.
The --privileged
flag is required for hosts using SELinux.
Specify socket to connect to Docker daemon
By default Portainer connects to the Docker daemon with/var/run/docker.sock
. For this to work you need to bind mount the unix socket into the container with -v /var/run/docker.sock:/var/run/docker.sock
.
You can use the --host
, -H
flags to change this socket:
# Connect to a tcp socket:
$ docker run -d -p 9000:9000 cloudinovasi/portainer -H tcp://127.0.0.1:2375
# Connect to another unix socket:
$ docker run -d -p 9000:9000 cloudinovasi/portainer -H unix:///path/to/docker.sock
Swarm support
Supported Swarm version: 1.2.3
You can access a specific view for you Swarm cluster by defining the --swarm
flag:
# Connect to a tcp socket and enable Swarm:
$ docker run -d -p 9000:9000 cloudinovasi/portainer -H tcp://<SWARM_HOST>:<SWARM_PORT> --swarm
NOTE: Due to Swarm not exposing information in a machine readable way, the app is bound to a specific version of Swarm at the moment.
Change address/port Portainer is served on
Portainer listens on port 9000 by default. If you run Portainer inside a container then you can bind the container's internal port to any external address and port:
# Expose Portainer on 10.20.30.1:80
$ docker run -d -p 10.20.30.1:80:9000 --privileged -v /var/run/docker.sock:/var/run/docker.sock cloudinovasi/portainer
Access a Docker engine protected via TLS
Ensure that you have access to the CA, the cert and the public key used to access your Docker engine.
These files will need to be named ca.pem
, cert.pem
and key.pem
respectively. Store them somewhere on your disk and mount a volume containing these files inside the UI container:
$ docker run -d -p 9000:9000 cloudinovasi/portainer -v /path/to/certs:/certs -H https://my-docker-host.domain:2376 --tlsverify
You can also use the --tlscacert
, --tlscert
and --tlskey
flags if you want to change the default path to the CA, certificate and key file respectively:
$ docker run -d -p 9000:9000 cloudinovasi/portainer -v /path/to/certs:/certs -H https://my-docker-host.domain:2376 --tlsverify --tlscacert /certs/myCa.pem --tlscert /certs/myCert.pem --tlskey /certs/myKey.pem
Note: Replace /path/to/certs
to the path to the certificate files on your disk.
Use your own logo
You can use the --logo
flag to specify an URL to your own logo.
For example, using the Docker logo:
$ docker run -d -p 9000:9000 --privileged -v /var/run/docker.sock:/var/run/docker.sock cloudinovasi/portainer --logo "https://www.docker.com/sites/all/themes/docker/assets/images/brand-full.svg"
The custom logo will replace the Portainer logo in the UI.
Hide containers with specific labels
You can hide specific containers in the containers view by using the --hide-label
or -l
options and specifying a label.
For example, take a container started with the label owner=acme
:
$ docker run -d --label owner=acme nginx
You can hide it in the view by starting the ui with:
$ docker run -d -p 9000:9000 --privileged -v /var/run/docker.sock:/var/run/docker.sock cloudinovasi/portainer -l owner=acme
Reverse proxy configuration
Has been tested with Nginx 1.11.
Use the following configuration to host the UI at myhost.mydomain.com/portainer
:
upstream portainer {
server ADDRESS:PORT;
}
server {
listen 80;
location /portainer/ {
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_pass http://portainer/;
}
location /portainer/ws/ {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_pass http://portainer/ws/;
}
}
Replace ADDRESS:PORT
with the Portainer container details.
Host your own apps
You can specify an URL to your own templates (Apps) definitions using the --templates
or -t
flags.
By default, CloudInovasi templates will be used (https://raw.githubusercontent.com/cloud-inovasi/ui-templates/master/templates.json).
For more information about hosting your own template definition and the format, see: https://github.com/cloud-inovasi/ui-templates
Available options
The following options are available for the portainer
binary:
--host
,-H
: Docker daemon endpoint (default:"unix:///var/run/docker.sock"
)--bind
,-p
: Address and port to serve Portainer (default:":9000"
)--data
,-d
: Path to the data folder (default:"."
)--assets
,-a
: Path to the assets (default:"."
)--swarm
,-s
: Swarm cluster support (default:false
)--tlsverify
: TLS support (default:false
)--tlscacert
: Path to the CA (default/certs/ca.pem
)--tlscert
: Path to the TLS certificate file (default/certs/cert.pem
)--tlskey
: Path to the TLS key (default/certs/key.pem
)--hide-label
,-l
: Hide containers with a specific label in the UI--logo
: URL to a picture to be displayed as a logo in the UI--templates
,-t
: URL to templates (apps) definitions