Install Portainer on Compute Engine with Docker | Ubuntu | GCP

Prerequisites:

You will need the following items to complete this tutorial.

• A Compute Engine (VM) Instance up and running with Ubuntu 20.04.

• Firewalls Rules - Both Ingress and Egress rules.

• Static IP Address for Compute Engine VM Instance.

• Hostname - Fully-Qualified Domain Name.

• Docker Engine Installation on Ubuntu 20.04 LTS.

• Portainer Business Edition (BE) - License (Get 5 Free Nodes)

• Requirements.

• Required Ports

• Accessing the Web Interface.

What exactly is a Portainer?

• Portainer is a term used to describe a container.

• Portainer is a centralized containerized app service delivery platform. A smart, self-service management interface that allows you to distribute containerized apps from the data center to the edge helps speed container adoption and minimizes time-to-value on Kubernetes and Docker.

• Portainer 2.0, which includes support for Kubernetes clusters, was just released. The program is also compatible with Docker Swarm and Azure ACI systems. This article will keep things simple by managing a local Docker installation with Portainer.

• The program is available in two editions: free and open-source CE and commercial Business.

Portainer Community Edition (CE).

• CE is a strong, open-source toolkit with over 500,000 regular users that helps you to effortlessly construct and manage containers in Docker, Docker Swarm, Kubernetes, and Azure ACI.

• Portainer conceals the complexities of container management behind a simple user interface. Portainer makes deploying apps and resolving bugs so simple that anybody can do it by eliminating the need to use the CLI, create YAML, or understand manifests.

Portainer Business Edition (BE).

• Portainer BE is a robust toolset that lets you effortlessly construct and manage containers in Docker, Docker Swarm, Kubernetes, and Azure ACI. It includes features tailored toward enterprises and bigger organizations like Role-Based Access Control, registry administration, and dedicated support.

Minimum Requirements

Persistent storage.

• The Portainer Server requires persistent storage to save the database and configuration information it needs to work. The installation procedure gives a basic storage setup for your platform. Both Docker and Kubernetes provide local (to the node) storage by default. If cluster-wide persistent storage is necessary, Portainer advocate creating it at the infrastructure level (for example, via NFS).

Ports.

• Certain ports must be available to access the UI and API and for the Portainer Server instance and the Portainer Agents to interact. The Portainer Server listens on port 9443 (or 30779 for Kubernetes with NodePort) for the UI and API and exposes a TCP tunnel server on port 8000. (this second port is optional and only required if using Edge Compute features with Edge Agents). Port 9001 is monitored by the Portainer Agents (or 30778 for Kubernetes with NodePort).

Valid configurations.(As per Portainer Website)

• The table below contains all of the configurations that Portainer have tested, validated, and deemed functional. If a variation is not included, it does not imply that it will not function; it only implies that it has not been tried.

Overview

• The Portainer system comprises two parts: the Portainer Server and the Portainer Agent. Both are lightweight containers that run on your existing containerized infrastructure. Each node in your cluster should have the Portainer Agent installed and configured to report back to the Portainer Server container.

• A single Portainer Server may accept connections from any Portainer Agents, allowing many clusters to be managed from a single centralized interface. The Portainer Server container requires data persistence to do this. Data is sent back to the Portainer Server container via the Portainer Agents, stateless.

Step - 1. Create VPC Firewall Rules for Portainer.

Add Ingress firewall rule.

1. Go to the Firewall rules page in the VPC network section in the Cloud Console.

2. Click Create a firewall rule.

3. On the Create a firewall rule page, enter a name and description.

4. In the Targets menu, select Specified target tags.

5. In the Target tags field, enter portainer-firewall (which is the name that you gave in the Network tags field in the previous section).

6. In the Source IP ranges field, enter 0.0.0.0/0.

7. In the Protocols and ports section, select Specified protocols and ports.

8. Select TCP and enter the port: 80, 443, 8000, 9000, 9001, 9443, 30778, 30779

9. Click Create.

VPC Firewall Rules

Add Egress firewall rule.

1. Go to the Firewall rules page in the VPC network section in the Cloud Console.

2. Click Create a firewall rule.

3. On the Create a firewall rule page, enter a name and description.

4. In the Direction of Traffic, choose Egress.

5. In the Targets menu, select Specified target tags.

6. In the Target tags field, enter portainer-firewall (which is the name that you gave in the Network tags field in the previous section).

7. In the Destination IP ranges field, enter 0.0.0.0/0.

8. In the Protocols and ports section, select Allow all.

9. Click Create.

Step - 2. Create a Compute Engine VM Instance with Ubuntu 20.04 LTS

Launch a New VM Instance

• Log in to Google cloud console, and click on the navigation menu. Also, scroll down over to the Compute Engine and choose VM instances.

Create an Instance Interface

• Next, click on "create instance" to launch a new virtual machine, type the instance name (For example, portainer-instance), and choose the region you prefer to launch the VM instance. Next, choose the zone and machine family, series (E2), and machine type(e2-standard-2(2 vCPU, 8 GB Memory)).

Attach a Boot Disk.

Compute Engine VM Instance Boot Disk

• Scroll down until you notice the boot disk, click on change the boot disk, then select the operating system to Ubuntu and choose the version to Ubuntu 20.04 LTS and click on "select " to finalize the boot disk.

Assign a Hostname and Network tag

Compute Engine VM Instance Networking Interface

• Scroll down to the bottom and click on the networking, disk, security, and management option to expand and expand the networking options and add a network tag. For example, cpanel-firewall and a hostname (portainer.incapio.org.in).

Compute Engine VM Instance External IP Interface

• Lastly, scroll down to the network interface, and expand the default field to edit network interfaces. Beneath the External IP, click on the drop-down and choose to create an IP address for the virtual machine instance.

• Then scroll down to the bottom of the page and click on create to deploy the virtual machine instance.

Step -3. Install Docker Engine on Ubuntu.

• Navigate to the virtual machine instances interface, and click on the VM instance (portainer-instance) SSH option to launch the secure shell access and type "sudo su -" and hit enter to switch to root user.

• Install from the repository

• Before installing Docker Engine for the first time on a new host computer, you must first configure the Docker repository. Following that, you may install and update Docker from the repository.

• Create the repository.

• Update the apt package index and install packages to enable apt to utilize an HTTPS repository:

~# apt-get update
~# apt-get install \
    ca-certificates \
    curl \
    gnupg \
    lsb-release

• Insert the official GPG key for Docker:

~# curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

• To configure the stable repository, use the following command.

~# echo \ "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

• Install Docker Engine.

• Update the apt package index and install the most recent versions of Docker Engine and containerd, or go to the following step to install a particular version:

~# apt-get update

• To install a specific version of Docker Engine, browse the repo for available versions, then choose and install:(As Portainer Business Edition requires a specific Docker engine version(Refer - Valid Configuration above), we have to find the Docker supported version for Portainer Business Edition.)

• List the versions that are accessible in your repository:

~# apt-cache madison docker-ce

• Output:

root@portainer:~# apt-cache madison docker-ce
 docker-ce | 5:20.10.12~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:20.10.11~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:20.10.10~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:20.10.9~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:20.10.8~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:20.10.7~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:20.10.6~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:20.10.5~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:20.10.4~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:20.10.3~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:20.10.2~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:20.10.1~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:20.10.0~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:19.03.15~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:19.03.14~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:19.03.13~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:19.03.12~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:19.03.11~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:19.03.10~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
 docker-ce | 5:19.03.9~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
root@portainer:~# 

• Install a specified version, for example, using the version string from the second column.

• 5:20.10.6~3-0~ubuntu-focal

• Syntax:

apt-get install docker-ce=<VERSION_STRING> docker-ce-cli=<VERSION_STRING> containerd.io

• Install Docker Enginer Version(20.10.8):

apt-get install docker-ce=5:20.10.8~3-0~ubuntu-focal docker-ce-cli=5:20.10.8~3-0~ubuntu-focal containerd.io

• Output:

root@portainer:~# docker version
Client: Docker Engine - Community
 Version:           20.10.8
 API version:       1.41
 Go version:        go1.16.6
 Git commit:        3967b7d
 Built:             Fri Jul 30 19:54:27 2021
 OS/Arch:           linux/amd64
 Context:           default
 Experimental:      true
Server: Docker Engine - Community
 Engine:
  Version:          20.10.8
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.16.6
  Git commit:       75249d8
  Built:            Fri Jul 30 19:52:33 2021
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.4.12
  GitCommit:        7b11cfaabd73bb80907dd23182b9347b4245eb5d
 runc:
  Version:          1.0.2
  GitCommit:        v1.0.2-0-g52b36a2
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0
root@portainer:~# 

Step - 4. Install Portainer on Ubuntu using Docker.

Deployment:

• To begin, build the volume on which Portainer Server will keep its database:

docker volume create portainer_data

• Then, go ahead and download and install the Portainer Server container:

docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ee:latest

• Output:

root@portainer:~# docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v po
rtainer_data:/data portainer/portainer-ee:latest
Unable to find image 'portainer/portainer-ee:latest' locally
latest: Pulling from portainer/portainer-ee
7721cab3d696: Pull complete 
0645e7e2a110: Pull complete 
3ce11b94aaa3: Pull complete 
Digest: sha256:0dcf19ddc8a844ca1868aac48e3985e3a562f91da40c93558a5c7a21d24d5148
Status: Downloaded newer image for portainer/portainer-ee:latest
cf69d1e3a366bae590c92016d0cb0c6c6d69bbd6943655d8e9fb3a4cb4564df9
root@portainer:~# 

• Note: Portainer generates and uses a self-signed SSL certificate by default to protect port 9443. Alternatively, once the installation is complete, we may upload our own SSL certificate using the Portainer UI.

• The Portainer Server is now up and running. You may use "docker ps" to see if the Portainer Server container has started.

• Output:

root@portainer:~# docker ps
CONTAINER ID   IMAGE                           COMMAND        CREATED         STATUS          PORTS                                           
                                                 NAMES
cf69d1e3a366   portainer/portainer-ee:latest   "/portainer"   5 minutes ago   Up 32 seconds   0.0.0.0:8000->8000/tcp, :::8000->8000/tcp, 0.0.0
.0:9443->9443/tcp, :::9443->9443/tcp, 9000/tcp   portainer
root@portainer:~# 

Signing in.

• After the installation is complete, you can access your Portainer Server instance by opening a web browser and visiting to:

• Syntax:

https://vm-instance-external-IP:9443
or
https://yourhostname:9443

• Output:

https://35.225.93.59:9443 
or
https://portainer.incapio.org.in:9443 

Step - 5. Accessing the Web Interface and Initial Set Up.

Initial configuration

• After you've deployed the Portainer Server and went to the instance's URL, you're ready to begin the basic setup.

Making the first user.

• Your initial user will be an administrator. The username is set to admin by default, but you can change it if you wish. 

Portainer Initial Setup

Insert your license key.

• You will then be prompted to enter your license key. You should have received this when you signed up for Business Edition or the free trial.

• Paste the license key you were given into the box and click the Submit button.

Portainer Business Edition License Registration

Using Portainer to connect to your environment.

• The Environment Wizard will immediately run when the admin account has been created. The wizard will assist you in getting started with Portainer.

• The installation procedure automatically identifies and configures your local environment. Click Add Environments to add other environments to manage with this Portainer instance. Otherwise, use the Get Started button to begin using Portainer!.

Conclusion:

Here are some recommended configuration.(As per the Portainer Website)

• On Docker Standalone, you can use your own SSL certificate.

• During installation, use the "—sslcert" and "—sslkey" parameters.

• Upload your certificate (with the chain) and key to the Portainer server, then start Portainer with them referenced. The following command assumes your certificates are in /path/to/your/certs and have the filenames portainer.crt and portainer.key, and bind-mounts the directory to /certs in the Portainer container:

docker run -d -p 9443:9443 -p 8000:8000 \
    --name portainer --restart always \
    -v /var/run/docker.sock:/var/run/docker.sock \
    -v portainer_data:/data \
    -v /path/to/your/certs:/certs \
    portainer/portainer-ee:latest --sslcert /certs/portainer.crt --sslkey /certs/portainer.key

Enabling HTTP port.

• If you need to keep HTTP port 9000 open for special purposes, include the following in your docker run command:

-p 9000:9000 

• Syntax

docker run -d -p 9000:9000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ee:latest

Frequently Asked Questions

How to add apps to Portainer?

• Although Portainer supports anonymous DockerHub access, you may need to connect to DockerHub in some scenarios (for instance, private images).

• Select Registries from the menu, click Add registry and choose DockerHub as the registry provider.

How do I upgrade the Portainer?

• You must verify that you have the most recent version of the image locally after removing the previous version of Portainer. You may accomplish this with the docker pull command.

• Finally, install the latest version of Portainer.

How do I put app templates in Portainer?

• Set up Application templates.

• Open Portainer.

• Navigate to the Settings menu.

• For Portainer v2. Enter the URL for the App Templates: https://raw.githubusercontent.com/technorabilia/portainer-templates/main/lsio/templates/templates-2.0.json

• Click on "Save settings"

• You should see the templates if you go to App Templates.

How to link containers in Portainer?

• Select Environments from the menu, then click Add environment. Make sure the Agent option is chosen in the Environment type.

• Select the right operating system for the new environment in the Information section, then click the Kubernetes through the load balancer tab. Copy the command and run it on the Kubernetes cluster's control node.