Using Portainer on QNAP

technology english

QNAP supports containers using its own Container Station, which is great to get some containers up and running fairly quick, but ...

That is why some people, like me, want to use another Docker GUI for managing the containers, one is Portainer. Using the Container Station, Portainer is quite simple to be installed, but I struggled getting Portainer talking to QNAPs docker implementation. After I have figured it out, it was straight forward, but for everyone else struggling - let me help out.

Create Portainer Container

I assume that QNAPs Container Station is already installed and running, otherwise activate it in the App Store.

  1. Hit the Create button on the left menu and search for portainer.
  2. Hit Create once again on the portainer/portainer image found.
  3. Using the Advanced Settings define a shared folder. Mount a volume from host and define the mount point /data for it. This makes your configurations persistent.
  4. Also adjust the network settings. If you keep them default, portainer is available via http://NASIP:9000

Prepare Container Station as Portainer Endpoint

Portainer needs to talk to the Container Station docker implementation, this is done using TLS via specific port on your NAS IP. We need to make some adjustments in the background to make this work and export the certificates.

  1. In the Container Station open Preferences > Docker Certificate
  2. Download the certificate to your PC by clicking the Download button
  3. Use an appropriate tool to unzip it.
  4. Upload the files to your NAS. Use the File Station or any available share
  5. Login to the NAS via SSH using the admin user
  6. Create the directory by execute mkdir -pv ~/.docker
  7. Copy the files from the share/folder to this directory cp /yourfolderwithfiles/ ~/.docker/
  8. After this execute export DOCKER_HOST=tcp:// DOCKER_TLS_VERIFY=1

This is also described on the Docker Certificate site, slightly different but you should get the idea and the process.

Add the Container Station as an endpoint to Portainer

Adding the Container Station as an endpoint took some time to figure out, but it is easier then I thought at the end. First time logging in to Portainer you need to create an admin user. After that Portainer needs an endpoint to connect to.

  1. Choose Docker environment or Remote Docker
  2. Define a name
  3. The endpoint URL is the one from the EXPORT command, like with the port included
  4. Keep the public IP empty
  5. Turn on TLS and choose TLS with server and client certificate
  6. Now we need the certificates stored on the computer to be uploaded. Choose the files as stated below
    • TLS CA certificate == ca.pem
    • TLS certificate == cert.pem
    • TLS key == key.pem
  7. Click Add endpoint

portainer configuration

Happy Portainer!

Riley Porter got in contact with me and wrote the following very useful additional information

Hello Herbert,

I have been using portainer for awhile now. It works so much better than container station. However, something that has really bothered me was accessing additional network interfaces via the docker images.

I have TS-1277 that has 4 network interfaces. However for some reason portainer (docker) only shows up 1 interface. I have figured out how to add the other interfaces to show up as networks in portainer.

ssh to your qnap nas and enter this command. Replace IoT with whatever you want there. Also if you run ifconfig you can see what your interface names (ethx) and substitute as necessary.

docker network create IoT --driver qnet --ipam-driver qnet --ipam-opt iface=eth0

I have a few things going on, on this network. I have my own DHCP server serving out IP's so I dont need to specify a network range. Also, not super important but I am able to get VLAN's working on this interface as well.

So I am just leaving this here if anyone else gets stuck on how to add additional networks to specific interfaces.

Previous Post Next Post