Portainer is a web-based container management software that helps maintain Docker and Kubernetes clusters within the eco-system.


We will be going over how to setup Portainer for Docker, Docker Swarm and k8s.


  • For Docker Compose

  • Docker CLI

    • Step by Step Docker Command Line
        1. Portainer will need a volume, portainer_data, to operate from.
        docker volume create portainer_data
        1. Option A - Community Edition
        • We will have docker pull and run the CE portainer.

          docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ce:latest
        1. Option B - Business Edition
        • BE is the premium commercial licensed version that unlocks all components within the enterprise suite.

          docker run -d -p 8000:8000 -p 9443:9443 --name portainer --restart=always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer-ee:latest
        • If you wish to run the BE/EE version of portainer, setup the CE first, register for the BE key / license and then upgrade.

        • Note: Portainer Business Edition requires a license key ahead of time. They may have a freemium option for up to 5 nodes.


  • Step-by-Step Kubernetes Breakdown
      1. Create the namespace portainer using kubectl. Below is the example command.
          kubectl create namespace portainer
      1. Inside of the namespace,$portainer, use kubectl apply with the official manifest.
          kubectl apply -n portainer -f
      1. The default location will be returned from the manifest, located at port 30777.


  • Setup
    • From Portainer, you must obtain the EDGE_ID and EDGE_KEY , both will be used to help organize the {$EDGE_DEVICE} within the hybrid cloud.
    • For network automation within the {$EDGE_DEVICE} we recommend that you use Consul application from Hashicorp.
    • For service automation within the {$EDGE_DEVICE} we recommend that you use Terraform application from Hashicorp.
    • Finally, after establishing the automation, we use Ansible to execute commands to Terraform,Consul and Portainer.
  • Scale
    • 15000 {$EDGE_DEVICE} with a polling frequency of 5 seconds will generate about 7 mbps of network traffic and require 4 CPUs to handle the encryption / tunnel load, according to Portainer.


  • Docker Compose for Portainer.
This is the docker compose we used that includes labels for Traefik.

This is the edge compose for an edge device.


Official Docs on upgrading Portainer.


For Swarm upgrades, we recommend that you snapshot / backup the container, as well as, make sure everything is stable and up-to-date.

It is recommended that you check the current instances of portainer_portainer and portainer_agent.

For Community Edition, the documentation recommends these following commands:

docker pull portainer/portainer-ce:latest
docker service update --image portainer/portainer-ce:latest --publish-add 9443:9443 --force portainer_portainer

After that was successfully upgraded, then move towards upgrading the portainer agent to the latest version with these commands below:

docker pull portainer/agent:latest
docker service update --image portainer/agent:latest --force portainer_agent

Now that the control center has the updated portainer and portainer agent, go ahead and use portainer to update the agent across the swarms. To do this, you can manually update it via the shell

Kubernetes Agent Upgrade

The current method for upgrade Portainer Agent through AWX would be to execute these following commands:

sudo kubectl delete namespace portainer
sudo kubectl apply -n portainer -f

This will delete the existing portainer agent (which would be under the namespace of portainer) and then re-deploy the newer ce2-16.

However these notes are for Portainer Agent 2.16.1 / 11/18/2022. We will update these once there is another major release.