Portainer System Architecture

A brief overview of how Portainer works under the hood.

Portainer_Illustrations_Data sheets
portainer features_observability

How Portainer Works

Portainer is a ‘universal’ container management platform. It can be deployed inside any Kubernetes, Docker or Docker Swarm environment and, once deployed, can be used to simplify deployment of containerized apps, triage performance problems and manage platform governance. It can be deployed on-prem, in the cloud, across hybrid cloud and at the edge, giving users visibility across multiple container environments through a single interface.

Portainer is distro-independent and thus does not allow you to create clusters unless you are a Digital Ocean, Linode or Civo customer, in which case you can now create Kubernetes clusters from within the tool 

The Portainer platform consists of the Portainer Server and the Portainer Agent. Both the Server and the Agent run in containers inside your environment. An instance of the Agent must be deployed on every node in the clusters you want to manage and be configured to talk back to the central Server for Portainer to operate. A different, lightweight version of the Portainer Agent is required for edge / IIOT  deployments to communicate back to the server.

For more on deploying the Server and the Agent view our install documentation.

Portainer is accessed through any web browser over HTTPS. Role permission is all controlled via the fully integrated RBAC engine to ensure no one gets access to functionality they shouldn’t have. Portainer CE supports basic RBAC with 2 roles and Portainer Busines Edition supports a richer set of roles.