Manage Docker with Portainer

Portainer is a platform that really simplify management of docker environments

Portainer runs as a light (4Mb) container on Docker.


Official docs

Mounting the docker unix socket gives the container the full access to create and manipulate the host’s Docker daemon.

# create a volume
docker volume create portainer_data
# run portainer
docker run -d -p 9000:9000 -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer

Test portainer on port 9000. Eventually open the port on the Firewall


Generate certificates

# create a folder to put the keys
mkdir portainer
cd portainer
# make the key
openssl genrsa -out portainer.key 2048
openssl ecparam -genkey -name secp384r1 -out portainer.key
openssl req -new -x509 -sha256 -key portainer.key -out portainer.crt -days 3650

Rerun the container. It is possible to use the standard 443 port so the browser automatically uses https. I choose to leave the 443 free for other services.

docker run -d --name portainer -p 9000:9000 -v ~/portainer:/certs -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer --ssl --sslcert /certs/portainer.crt --sslkey /certs/portainer.key


Docker automatically opens al the ports mapped for the machine. No ufw rule is necessary.


Connect to the host with the browser. Use https if certificates are installed.

On the first run it will ask for a new admin password.


docker start portainer
docker stop portainer