With over 62 million pulls on the Docker Hub, Portainer is the most popular free and open-source management UI for Docker, with support for single hosts as well as Swarm clusters. Much like the Universal Control Plane (UCP) offered commercially by Docker, Portainer is a single dashboard for administrators to monitor and manage their containerized apps and services.
Portainer, written in Go and Node.js, is incredibly lightweight and has few dependencies besides Docker itself. It runs in a container of its own, either on the same node as your Docker host communicating via a socket, or connected to an external endpoint using TLS authentication.
The Universal Control Plane is designed to work out-of-the-box with Docker EE, but if you don’t have a subscription, you can get many of the same features by installing Portainer on your network. One of the features on Portainer’s roadmap is adding support for Docker-Compose, which UCP already supports. But in many ways, Portainer is working towards feature parity with UCP, such as by adding LDAP authentication support in version 1.14.0.
Below we have summarized the most significant features added to Portainer this year, between versions 1.12.0 to 1.14.0. For a full release log, you can visit Portainer’s Github page.
Multi-User Management and Teams (1.12.0)
In earlier versions, Portainer only supported a single admin login with superuser access to all the resources managed. The arrival of Multi-User Management and Teams will make it much easier to more granularly control which containers each user can manage, in addition to creating and revoking logins as needed.
Native SSL Support (1.13.0)
By default, Portainer listens on port 9000 in plain HTTP. For production use, it used to be necessary to set up a reverse proxy on HTTPS so that any communication between the client and the dashboard would be encrypted. Now with native SSL support, setting up Portainer with a self or CA signed certificate is simple as the following Docker command:
docker run -p 443:9000 -v ~/local-certs:/certs portainer/portainer --ssl --sslcert /certs/portainer.crt --sslkey /certs/portainer.key
HTTP API Documentation (1.14.0)
With the release of version 1.14.0, Portainer has published documentation for its HTTP API, which should be a godsend for developers who are looking to GET and POST data relating to user roles, resource permissions, registries and app templates among other settings from their own applications. For example if you needed to create a dashboard that automatically provisions a containerized app on your Docker host and/or Swarm, you could build upon Portainer’s user management model and pass queries to the Docker HTTP API through the Portainer API.
LinuxServer.io Templates (1.12.3)
Portainer supports app templates, which are a definition of group of containers that provide the services needed for an application. For example, the WordPress app template is a one-click way to launch a PHP web server container linked to a MySQL container from within Portainer.
LinuxServer.io is a well-known maintainer of Docker images for many popular open-source apps including Plex, Transmission, UniFi, LetsEncrypt, SyncThing and more for ARM and x86. The corresponding Dockerfiles are published on their GitHub repo.
By adding LinuxServer.io templates, Portainer makes using Docker apps accessible to even the hobbyist running containers on their NAS or home server.
Ability to Duplicate/Edit/Recreate Containers (1.14.0)
Don’t you wish you could edit the environment variables associated with a container after you create it, or duplicate containers if you need another instance of that microservice? Portainer 1.14.0 added this capability.
On the Container details page, you can edit the launch parameters, clone the container, or even delete and recreate it. In the Docker CLI, you had to docker commit a container to retain its state, and recreate it with the desired parameters. With the new Portainer release, this is taken care of behind the scenes for you.
Registry Management with Authentication (1.13.0)
Many enterprises who are seriously using Docker in production host their own registries for security reasons, instead of using a public registry such as the Docker Hub or Quay.io. Much like a yum or apt-get mirror, someone, perhaps a bad actor inside your organization, could introduce malicious code into an image on your container registry, compromising any systems that pull that image.
Hosting your own registry gives you a lot more control, such as requiring multiple digital signatures before code can be pushed to the repository, and also paves the way for deeper integration with your CI/CD systems.
With registry management and authentication support, Portainer now allows you to pull from a private registry, deploy and manage those containers like you would those pulled from a public registry.
Other Features of Interest
- Add support for Swarm secrets (1.13.2)
- Display mount point in volumes view (1.13.4)
- Add the ability to connect a container to multiple networks (1.13.4)
- Allow to filter and easily view dangling volume (1.13.5)
- Allow to filter and easily view unused images (1.13.5)
- Add the ability to inspect image layers (1.13.5)
To get the latest copy of Portainer, pull it from the Docker Hub or download the binaries from Github. If you’d like to learn how Portainer can accelerate your containerized apps strategy, contact one of our cloud architects today.
