Article directory
Preface
This article mainly introduces how to install Portainer locally and combine it with intranet penetration tools to achieve remote access to the management interface from any browser. Portainer is a lightweight container management tool that can manage and monitor Docker containers through a web interface. It provides a visual interface that allows users to more conveniently manage resources such as Docker containers, images, networks, and data volumes.
The advantage of remote access is that you can easily manage remote Docker containers and images without logging in to the remote server for operations. Through Portainer's web interface, you can intuitively view and manage resources such as containers, images, and networks, and you can also start, stop, delete, and other operations on containers. In addition, Portainer also supports multi-user management and RBAC permission control, which can better ensure the security of the system.
Docker graphical tool Portainer local installation, deployment and remote access
1. Deploy Portainer
For the convenience of demonstration, this example uses docker to deploy a Portainer. First, pull the Portainer image.
docker pull portainer/portainer
Then run the container, where: port 9000 is the Portainer web interface we want to access
docker run -p 9000:9000 -p 8000:8000 --name portainer \
--restart=always \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /mydata/portainer/data:/data \
-d portainer/portainer
After starting, we enter thedocker ps command and you can see the container running Portainer. The status Up means it is running normally
2. Access Portainer locally
After the container runs successfully, we access the Linux port 9000 in an external browser and see the Portainer management interface.
For the first login above, you need to set a new login password. After the setting is completed, you can log in to the management interface and see the container list. The local deployment access is successful. Next, install the cpolar intranet penetration tool to achieve remote access.
3. Linux installation cpolar
Portainer was successfully deployed in local Linux and the LAN access was successful. Next, we installed the cpolar intranet penetration tool in Linux and forwarded the http public network address mapped by the local port through cpolar. We can easily achieve remote access without having to do it ourselves. Register a domain name and purchase a cloud server. The following are the steps to install cpolar
cpolar official website address: https://www.cpolar.com
- Use one-click script installation command
curl -L https://www.cpolar.com/static/downloads/install-release-cpolar.sh | sudo bash
- Add services to the system
sudo systemctl enable cpolar
- Start cpolar service
sudo systemctl start cpolar
After cpolar is successfully installed, access Linux port 9200 on an external browser: [http://LAN ip:9200]. Log in using your cpolar account. After logging in, you can see the cpolar web configuration interface, which is connected to the web management interface. Just configure
4. Configure the Portainer public network access address
Click Tunnel Management - Create Tunnel on the left dashboard to create a Portainer cpolar public network address tunnel!
- Tunnel name: The name can be customized. Be careful not to duplicate the existing tunnel name.
- Protocol: Select http
- Local address: 9000 (port for local access)
- Domain name type: Choose a random domain name for free
- Region: Select China
Click创建
After the tunnel is successfully created, click the status on the left - online tunnel list to view the generated public network access address. There are two access methods, one is http and https
5. Remote access to Portainer via public network
Use the cpolar https public network address above and access it from the browser of any device. You can successfully see our Portainer management interface. Such a public network address that can be accessed remotely is created. The public network domain name of cpolar is used. There is no need to purchase a cloud server yourself, you can publish it to the public network for remote access. You may need to log in again if you log in with a new domain name!
6. Fixed Portainer public network address
Since the tunnel created using cpolar above uses a random public network address, it will change randomly within 24 hours, which is not conducive to long-term remote access. Therefore, we can configure a second-level subdomain name for it. This address is a fixed address and will not change randomly [ps: cpolar.cn has been filed]
Note that you need to upgrade the cpolar package to a basic package or above, and the bandwidth corresponding to each package is different. [cpolar.cn has been registered]
Log in to the cpolar official website, click Reserve on the left, select to reserve the second-level subdomain name, set a second-level subdomain name, click Reserve, and copy the reserved second-level subdomain name after the reservation is successful. Level subdomain name
After the reservation is successful, copy the name of the second-level subdomain name that was successfully reserved.
Return to the cpolar web UI management interface, click Tunnel Management - Tunnel List on the left dashboard, find the tunnel you want to configure, and click Edit on the right
Modify the tunnel information and configure the successfully reserved second-level subdomain name into the tunnel.
- Domain name type: Select a second-level subdomain name
- Sub Domain: Fill in the successfully reserved second-level subdomain name
Click更新(Note, click once to update, no need to submit again)
After the update is completed, open the online tunnel list. At this time, you can see that the public network address has changed and the address name has become a fixed second-level subdomain name.
Finally, we use a fixed public network address to access, and we can see that the access is successful. In this way, a fixed and permanent public network address is set, and the Portainer interface can be remotely accessed anytime, anywhere, improving work efficiency!!
