Install Portainer with Docker Swarm on Linux
These instructions are for Portainer Community Edition. For Business Edition, please refer to the Business Edition documentation.
Prefer a video guide?

Introduction

Portainer consists of two elements, the Portainer Server and the Portainer Agent. Both elements run as lightweight Docker containers on a Docker engine. This document will help you deploy the Portainer Server and Agent containers on your Linux environment. To add a new Linux Swarm environment to an existing Portainer Server installation, please refer to the Portainer Agent installation instructions.
To get started, you will need:
  • The latest version of Docker installed and working
  • Swarm mode enabled and working, including the overlay network for the swarm service communication
  • sudo access on the manager node of your swarm cluster
  • By default, Portainer will expose the UI over port 9443 and expose a TCP tunnel server over port 8000. The latter is optional and is only required if you plan to use the Edge compute features with Edge agents.
  • The manager and worker nodes must be able to communicate with each other over port 9001.
The installation instructions also make the following assumptions about your environment:
  • Your environment meets our requirements. While Portainer may work with other configurations, it may require configuration changes or have limited functionality.
  • You are accessing Docker via Unix sockets. Connecting via TCP is not supported in Docker Swarm.
  • SELinux is disabled on the machine running Docker. If you require SELinux, you will need to pass the --privileged flag to Docker when deploying Portainer.
  • Docker is running as root. Portainer with rootless Docker has some limitations, and requires additional configuration.
  • You are running a single manager node in your swarm. If you have more than one, please read this FAQ entry before proceeding.
  • If your nodes are using DNS records to communicate, that all records are resolvable across the cluster.

Deployment

Portainer can be directly deployed as a service in your Docker cluster. Note that this method will automatically deploy a single instance of the Portainer Server, and deploy the Portainer Agent as a global service on every node in your cluster.
First, retrieve the stack YML manifest:
curl -L https://downloads.portainer.io/portainer-agent-stack.yml -o portainer-agent-stack.yml
Then use the downloaded YML manifest to deploy your stack:
docker stack deploy -c portainer-agent-stack.yml portainer
By default, Portainer generates and uses a self-signed SSL certificate to secure port 9443. Alternatively you can provide your own SSL certificate during installation or via the Portainer UI after installation is complete.
Portainer Server and the Agents have now been installed. You can check to see whether the Portainer Server and Agent containers have started by running docker ps:
[email protected]:~# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
59ee466f6b15 portainer/agent:2.11.1 "./agent" About a minute ago Up About a minute portainer_agent.xbb8k6r7j1tk9gozjku7e43wr.5sa6b3e8cl6hyu0snlt387sgv
2db7dd4bfba0 portainer/portainer-ce:2.11.1 "/portainer -H tcp:/…" About a minute ago Up About a minute 8000/tcp, 9443/tcp portainer_portainer.1.gpuvu3pqmt1m19zxfo44v7izx

Logging In

Now that the installation is complete, you can log into your Portainer Server instance by opening a web browser and going to:
https://localhost:9443
Replace localhost with the relevant IP address or FQDN if needed, and adjust the port if you changed it earlier.
You will be presented with the initial setup page for Portainer Server.
Copy link
Edit on GitHub