- Open Source
A brief overview of how Portainer works under the hood.
The Kubernetes compatible API, which is part of both Porrtainer CE and Portainer BE, allows Portainer to be used as the security conduit between third-party developer tools and clusters. It enables developers to use any tool they like whilst having their access permissions managed by Portainer.
Portainer is tested against Docker on Windows, Docker on Linux/AMD64, Docker on Linux/ARM64, Kubernetes on Linux, and Azure ACI. It is validated against the current version of Docker/Kubernetes at the time of each release as well as being validated on the two prior major versions.
For more detailed information on the platform architecture visit our documentation site.
Portainer is a ‘universal’ container management platform. It can be deployed inside any Kubernetes, Docker or Docker Swarm environment and, once deployed, can be used to simplify deployment of containerized apps, triage performance problems and manage platform governance. It can be deployed on-prem, in the cloud, across hybrid cloud and at the edge, giving users visibility across multiple container environments through a single interface.
Portainer is distro-independent and thus does not allow you to create clusters unless you are a Digital Ocean, Linode or Civo customer, in which case you can now create Kubernetes clusters from within the tool.
The Portainer platform consists of the Portainer Server and the Portainer Agent. Both the Server and the Agent run in containers inside your environment. An instance of the Agent must be deployed on every node in the clusters you want to manage and be configured to talk back to the central Server for Portainer to operate. A different, lightweight version of the Portainer Agent is required for edge / IIOT deployments to communicate back to the server.
For more on deploying the Server and the Agent view our install documentation.
Portainer is accessed through any web browser over HTTPS. Role permission is all controlled via the fully integrated RBAC engine (within Portainer Business), to ensure no one gets access to functionality they shouldn’t have.