Portainer Setup
Debian / Ubuntu
OpenSUSE MicroOS
Overview
Install Portainer to manage containers.
Assumptions
Podman Setup completed.
Logged in as administrative user.
Install Portainer
Set up the Portainer container with Podman.
Connect
Assuming Podman is running rootless, start a MachineCTL shell as the Podman user.
sudo machinectl shell --uid=podmanu
Create Volume
Create a storage volume for the Portainer container. In rootless configurations, this volume is stored on disk at $HOME/.local/share/containers/storage/volumes.
podman volume create portainer_data
Start Portainer
Download the latest version of Portainer.
podman pull docker.io/portainer/portainer-ce:latest
Start the Portainer container. For rootful configurations, replace the socket definition with /run/podman/podman.sock:/var/run/docker.sock.
podman run -d -p 9443:9443 --name portainer --security-opt label=disable -v /run/user/$(id -u)/podman/podman.sock:/var/run/docker.sock -v portainer_data:/data docker.io/portainer/portainer-ce:latest
Generate Systemd Unit
Generate a Systemd unit file with Podman to control Portainer as a service. Verify the Portainer container is running without issue before generation. Store the unit file in the rootless user’s Systemd directory, $HOME/.config/systemd/user/portainer.service.
podman generate systemd --name portainer --new > /opt/podmanu/.config/systemd/user/portainer.service
Reload the systemctl configuration. For rootful configurations, use sudo and ditch --user.
systemctl --user daemon-reload
Control the Portainer service with systemctl. For rootful configurations, use sudo and ditch --user.
systemctl enable --user portainer
Apply
Exit the MachineCTL shell of the rootless user.
exit
Reboot to verify all changes are applied. The enabled Portainer systemctl service should start on boot.
sudo reboot
Firewall
Open port 9443 for the Portainer admin interface.
# Firewalld
sudo firewall-cmd --permanent --zone=public --add-port=9443/tcp && sudo firewall-cmd --reload
# Ufw
sudo ufw allow proto tcp from any to any port 9443
Review the Portainer documentation on ports. Open the necessary ports for features the system is intended to use.
- TCP port 9443 (or 30779 for Kubernetes with NodePort) for the UI and API.
- TCP port 8000 (or 30776 for Kubernetes with NodePort) for the TCP tunnel server for Edge Agents. This port is optional and only required if using Edge Compute features with Edge Agents.
- TCP port 9001 (or 30778 for Kubernetes with NodePort) must be accessible on the Agent from the Portainer Server instance.
Portainer Dashboard
With the Portainer container running on Podman, and the dashboard port open, connect to Portainer in a browser. Replace 0.0.0.0 with the IP address of the Portainer system. If a custom port was configured, also replace 9443.
When prompted, enter a generated (64 character max) password for the admin Portainer user. Select Create user and the dashboard will redirect to the Quick Setup page.
https://0.0.0.0:9443/
On the Quick Setup page, the local socket should automatically appear after a few seconds. Should it not appear, verify the socket definition in the Portainer command is correct. Select the local socket environment.
The local Podman system will now be available to Live Connect via Portainer, ready to connect and deploy containers.
Portainer Settings
Some basic initial configuration can be completed once logged in.
General
Navigate to the General tab under Settings in the Portainer menu.
In the SSL certificate section, enable Force HTTPS only, then Save SSL settings.
Authentication
Navigate to the Authentication tab under Settings in the Portainer menu.
Consider decreasing the Session lifetime to 1 hour or 4 hours.
In Password rules, increase the minimum password length to 18 characters.
Errors
Unable to Hash Data
An error may occur when attempting to create the Portainer admin user. This is most commonly because the entered password was too long. The max length for the Portainer password is 64 characters.
Failure
Unable to hash data
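A way to generate the admin password and check its length before submitting it, so the error above is caught locally. This is an added example, not part of the original page or of Portainer's tooling; the function and variable names are chosen for illustration, the limits (18 and 64) are the ones this page states, and counting length in bytes is an assumption.

```shell
#!/bin/sh
# Added example: generate and pre-check a Portainer admin password.
# Function and variable names are chosen for this example. The limits come
# from this page: 18 (suggested minimum rule) and 64 (maximum accepted).
PORTAINER_PW_MIN=18
PORTAINER_PW_MAX=64

# check_portainer_password PASSWORD
# Returns 0 if the length is within limits, 1 if too short, 2 if too long.
# Assumption: length is counted in bytes (wc -c), the conservative reading,
# so multi-byte characters are never under-counted.
check_portainer_password() {
    _cpp_len=$(( $(printf '%s' "$1" | wc -c) ))
    if [ "$_cpp_len" -lt "$PORTAINER_PW_MIN" ]; then
        echo "too short: $_cpp_len bytes, minimum $PORTAINER_PW_MIN" >&2
        return 1
    fi
    if [ "$_cpp_len" -gt "$PORTAINER_PW_MAX" ]; then
        echo "too long: $_cpp_len bytes, maximum $PORTAINER_PW_MAX" >&2
        return 2
    fi
    return 0
}

# gen_portainer_password [LENGTH]
# Prints a random password of LENGTH characters (default 32) on stdout.
# Refuses lengths outside the limits instead of silently truncating.
gen_portainer_password() {
    _gpp_len=${1:-32}
    case $_gpp_len in
        ''|*[!0-9]*) echo "length must be a whole number" >&2; return 1 ;;
    esac
    if [ "$_gpp_len" -lt "$PORTAINER_PW_MIN" ] || [ "$_gpp_len" -gt "$PORTAINER_PW_MAX" ]; then
        echo "length must be $PORTAINER_PW_MIN to $PORTAINER_PW_MAX" >&2
        return 1
    fi
    # 2048 random bytes leave far more than 64 characters after filtering.
    _gpp_pw=$(head -c 2048 /dev/urandom | LC_ALL=C tr -dc 'A-Za-z0-9_.+=-' | head -c "$_gpp_len")
    # Verify the result before printing it.
    check_portainer_password "$_gpp_pw" || return 1
    [ "${#_gpp_pw}" -eq "$_gpp_len" ] || return 1
    printf '%s\n' "$_gpp_pw"
}
```

Source the file and run gen_portainer_password 48 to print a 48-character password; check_portainer_password accepts an existing password as its only argument.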
References
Podman. “Podman Documentation.” 2024.
Podman. “Basic Setup and Use of Podman in a Rootless environment.” 2024.
Portainer. “Portainer Documentation.” 2024.