Security settings introduced in Portainer 1.24.1

Hi Portainer Fans...

As you would have no doubt already seen, we recently released Portainer 1.24.1 to address some security concerns raised by an external security professional. Full Credit to Iain Smart for reporting the findings (https://twitter.com/smarticu5).

Let me explain the changes, shown below, and why.

IPv6 Support in Portainer

One of the feature requests we have been putting off for far too long is to add support for IPv6 inside Portainer. We had no real reason for delaying adding this functionality other than a lack of knowledge on our part on how IPv6 worked, and knowing which elements Docker supported for it (and which bits of Docker didnt work well with it).

Finally, this all came to a head, and after some gentle encouragement from our user community, we got cracking and figured out how to make this work.

Docker on Windows Platforms with Portainer – Known Issues

UPDATE as of 29th May, 2020

We have just updated our Windows 10 testing environments to Windows build 2004 (now GA) and Docker Desktop 2.3.0.3, and have re-run the failing tests below using Portainer 1.24.0 with the following results:

Issue 1: Continues as its unrelated to Windows Build or Docker Version
Issue 2: RESOLVED when using WSL2 back-end, but still fails when using HyperV back-end
Issue 3: Continues
Issue 4: Continues

So, in summary, Docker on Windows 10 is now far more reliable when using Linux Containers and WSL2. No known issues at all with this.

Read more 2 Comments

Deploying Portainer on a Windows 2016 or 2019 Swarm Cluster

By popular demand, i will quickly show you the process to get Portainer and the Portainer Agent running in a Docker Swarm environment atop Windows Server 2016 or 2019.

Deploying Portainer and the Portainer Agent to manage a Windows 2016 (1803) or Windows 2019 (1903) Swarm cluster is easy !

This procedure ONLY works if you are running Docker EE 19.03.5 or later, so if you are not, update before continuing.

How does the edge agent work

Now that the edge agent has been released, let me give a brief overview of how it works. Note that deep technical documentation will be made available in the agent repo on github in due course.

In standard deployments, the central Portainer instance and any endpoints it manages are assumed to be on the same network, that is, Portainer and the agents are able to seamlessly communicate to one another.

Read more 1 Comment

Portainer Edge Agent

With the adoption of containers continuing to accelerate, we are seeing deployments of the Docker engine extending beyond the server. Containers are making an appearance in everything from storage devices and Ethernet switches, though to IOT monitoring/control equipment.

Read more 4 Comments

docker.service settings

This week we received an interesting support request, and i thought i might be useful to share..

The user was stating that on their docker deployment, Portainer was unable to connect to /var/run/docker.sock regardless of correctly configuring the CLI command.

Portainer Support Policy

Hi there Portainer community.

As the uptake of Portainer continues to grow, we are faced with having to manage a  commensurate increase in the number of support requests coming in via our official Github page (https://github.com/portainer/portainer).

Being a free and opensource product, means we are heavily reliant on our community to provide "how to" support to our community, however there are times whereby the Portainer team will get involved to investigate reported bugs, or security vulnerabilities.

Using the Portainer Agent

Rather than connecting Portainer to your Docker hosts via the Daemon over TCP, we recommend using the Portainer agent..

To deploy the agent, you have a few options depending on your Docker configuration… let me walk you through these now..

Read more 4 Comments