- Cockpit: GUI administration for Linux - Thu, May 25 2023
- Install and configure Traefik on Docker - Mon, May 8 2023
- Traefik: Reverse proxy for Docker - Thu, Apr 20 2023
This article is based on Portainer (v2.17.0) running in Docker Desktop (v4.16.2)
Single GUI for all Docker container environments.
One of Portainer's main selling points is that it provides you with a single pane of glass for all your container environments. Your containers may be sitting on-prem or in the cloud, on Docker Swarm or in a plain Docker environment. Portainer allows you to view them all from one application. You can move from environment to environment, make changes, and monitor the state of your estate without having to hop from one admin user interface (UI) to another.
For example, as you can see in the screenshot below, Portainer allows you to connect to Kubernetes, Nomad, and Azure, in addition to the other Docker environments.
Listing possible Portainer environments
As a plus, you do not have to worry about the nuances of the underlying platforms, provided you can connect to them via Portainer.
You can back up and restore the state of Portainer, as shown in the screenshot below, so your single pane does not have to be reconstructed from scratch every time you want to set up GUI-based administration.
Backing up Portainer
Portainer vs. Docker Desktop
Docker Desktop has a pesky limitation. You cannot start a fresh container without visiting the command line. With Portainer, though, you can perform all the common container management tasks from the GUI. It allows you to specify more advanced configuration options as you work with your containers and related resources. For example, from the container creation screen, you can specify whether to always pull newer versions of images and select a registry to search for images.
Configuring a container during creation
You also get fine-grained control over environment variables, network specifics, the restart policy, and enabled capabilities. Check out some of the configurable options in the screenshot below to get a feel for the power Portainer makes available to you.
Setting advanced container options
You can also take deep dives into the state of running containers, monitor resource usage, and regulate resource consumption by containers without having to leave the Portainer interface. The best part is that you can do all this without having to know the underlying commands. From the screenshot below, you can see some of the common actions Portainer allows you to perform. For example, you can create, list, start, restart, stop, and inspect containers.
Viewing the list of available containers
Portainer for Kubernetes
In addition to handling Docker containers, Portainer allows you to manage your Kubernetes environment. For example, you can set up Portainer to allow your developer team to manage their application containers on their own. You can create applications, assign resources to them, and manage scaling and the rollout of updates from Portainer.
One difference between Portainer for Kubernetes and Portainer for Docker is the built-in kubectl shell. The shell allows you to drop down to the terminal and get more hands-on. You still do not have to memorize all the kubectl commands, but you can go beyond the limitations of the GUI if you so desire. Portainer still provides novice-friendly means of managing Kubernetes resources, such as helm charts and volumes. Take a look at the shell in the screenshot below.
Using Portainers built in kubectl shell
Built-in access control and logging
Kubernetes does not come natively with access control. Portainer, on the other hand, does. Managing your containers with Portainer gives you automatic role-based access control (RBAC). You can create users and teams and assign roles to them, effectively restricting the management of specific resources to specific users and teams. You get added security through identity and access management that works seamlessly with the underlying container platform.
Creating a user
Portainer also gives you access to a log of activities performed as you manage your estate, allowing you to trace changes to when they occurred if troubleshooting is needed. You get to know who performed an action on your containers, which is useful in the event of an audit.
Built-in GitOps Integration
GitOps has been trending in the DevOps world for the past few years—and for good reason. Git provides simplified collaboration and code versioning. The ability to trigger actions in your container environment due to changes in your Git repository opens up additional avenues for automation. With Portainer, you can hook container management into your CI/CD pipeline with built-in GitOps integration using Stacks.
For example, you can build and deploy a new image any time there are changes in the repository hosting your manifests or Compose files. The screenshot below is a snippet of what Portainer provides for GitOps configuration options in a Docker-based environment.
Setting up Portainer for GitOps for Docker
Portainer limitations
With all its goodness, Portainer has a few downsides.
For example, even though Portainer has tried to make container management as painless as possible, seasoned administrators will have to pass through extra hoops to perform day-to-day administration. If you know the right commands, it is always going to be more straightforward to type in a full command than to move from page to page, looking for the right GUI option to alter. This is more of an issue when working with Docker than with Kubernetes.
For the highly skilled engineer, getting access to only what Portainer allows instead of to the whole underlying platform can be a curse instead of a blessing. Portainer is not the way to go if you are seriously looking to master all the details of Docker.
The fact that Portainer sits on top of other platforms and abstracts away their complexities means you have to deal with Portainer's limitations as well as the limitations and bugs of the underlying platform. Some of the bugs are only present due to the presence of multiple layers. For example, there is a known issue that occurs when Portainer is used with Docker from Synology. Take Portainer out of the way, and this issue disappears.
Subscribe to 4sysops newsletter!
Conclusion
Portainer has established itself as one of the most complete GUI-based container management dashboards. If you are new to the container space or a seasoned pro looking for a simpler way to manage Docker containers or your Kubernetes environment, Portainer is worth a look.
Very informative post, particularly for people who are new to docker. Thank you for sharing.