What to people use and recommend for this? I’ve read a bit about portainer, but I’m still learning - and don’t know what the best solutions are.
Today I have a handful of selfhosted services running on my home machine - mostly installed directly, but a couple running as docker containers. As the scale of my selfhosting has grown, I’ve realized that things would be a lot easier to manage if each service was run as its own container, so that installed services are isolated.
The solution I’m looking for would make it easy (possibly a web UI) for me to monitor, modify, update, and remove containerized services, including networking and storage.
Edit: Also I would only want a FOSS solution.
You must log in or # to comment.
Dockhand is great. I haven’t touched Portainer ever since.
https://github.com/Finsys/dockhandThanks, what have you liked about switching to this from portainer?
I concur with the other user: the logs are much easier to access and organized. The compact feel is much more suited to my preference.
I just recently switched from portainer to dockhand and I really like it. The UI is great and the setup and config wasn’t too complicated. I like that I can put both of my servers into one instance and can update all of my containers from dockhand vs manually. The other thing I like is being able to view the logs for my containers. Idk if it’s a me thing, but whenever I would try to view logs in portainer I would never be able to scroll up as it would update and send me back to the bottom. Again, I could’ve just been doing something wrong, but it always bothered me and I don’t have that issue with dockhand.
Uncheck auto update/refresh in top right corner
Thank you
Looks nice but what kind of license is that?
That looks pretty good. Looks like Portainer is getting replaced this weekend.
I personally like dockge, it’s simple and lightweight and I like the fact that the webui has a good phone interface.
Dockhe is awesome. You can edit the docker-compose files from its interface and it makes managing containers very easy.
deleted by creator
Might take a little bit of effort to do a conversion if you’re locked into explicitly how Docker interacts with OCI containers, but over in the Podman camp you have two options.
- Cockpit with the Podman containers interface: a graphical web-based solution for managing podman containers and the rest of the system.
- Podman Quadlets: a config file-based way to manage Podman containers, volumes, pods, networks with custom SystemD units. Great if you want to version control your deployments.
Other than that, the more usable solutions I’ve tried of graphical Docker container management interfaces would be the ones in Unraid and Proxmox, though those solutions may not be suitable depending on your use case and have their own caveats to be aware of.
Im not locked into docker, but it’s what I have experience with so far, and a lot of services seem to have docker installation as a default option.
Do you think those things make it difficult to switch to podman? What are the differences?
Starting with confirmation of what others have said, yes you can use compose tools with Podman and Podman can hook directly with Docker Compose (the tool), but it really isn’t recommended. Compatibility with compose now is better than it used to be, but there are still edge cases. For a lot of projects that just pre-write a compose file that they expect to cover the general use case of their container, you’re best to take the compose file and write it out to Quadlet unit(s).
Other differences not mentioned can include:
- Podman alongside containers has optional pods, which let you wrap multiple containers together, sharing the same IP internally. Useful for having a service and their sidecar containers (e.g. Valkey, Postgres, Meilisearch, etc.) be bundled under the same IP address and simply reference each other as
localhost,127.0.0.1, or::1. If you utilize pods for certain split-container applications, you may need to remap certain service ports as they can overlap and cause binding failures. - Podman has multiple networking modes. If you use Podman at the system level (rootful) like Docker expects you to, you’re not really going to encounter any quirks with the default networking setup. Per-user Podman (rootless) defaults to using the Pasta backend for networking, which is still very highly performant, but is a bit clunky to configure (if ever actually necessary) and inter-pod communication can be difficult to get right. Alternatively, registering rootless pods with a bridge network makes inter-pod communication easy, but can cause problems if accurate source IPs are needed (e.g. upstream reverse proxies, accurate client IP logging, etc.).
- Because Podman is daemonless, there is also no persistent API socket loaded by default (an intentional security choice). For both rootful and rootless containers, you can enable this manually and mount it to containers that need it. For containers that expect docker.sock explicitly for API manipulation, your mount will need to reflect the name change of the podman.socket to what the container expects.
- Podman by default won’t shorthand container pulls from docker.io by default: a sin I see constantly done in so many compose files. When pulling a container from DockerHub, you need to put the
docker.io/prefix, just as you would but the appropriate prefix with Quay, Github, Gitlab, or any other distributor. - Podman can optionally let you auto-update containers based on the release tag specified for the container.
- Because of Podman’s integration with SystemD, a lot of oddball integrations (external cron jobs, one-shot services, etc.) can be pulled together with extra SystemD units (services, timers, etc.).
- Podman alongside containers has optional pods, which let you wrap multiple containers together, sharing the same IP internally. Useful for having a service and their sidecar containers (e.g. Valkey, Postgres, Meilisearch, etc.) be bundled under the same IP address and simply reference each other as
You can use the same containers with Podman, but docker-compose is not recommended with Podman and you rather use Quadlets which integrate nicely with Systemd.
Docker’s main advantage is just being more well known and hence more supported as a default option.
Even then, I feel that this availability of docker compose files is an illusion, due to their verbosity and limitations inherent to docker. Less granular control of permissions, clunkiness in updating images, and multi container stacks feeling like an afterthought.
In pretty much all other ways podman feels superior. Cockpit provides a basic web gui, but quadlets are the main draw. Way easier to configure, explicitly designed for multi containers, and updating all images is a single command.
Roughly, the different ecosystems from least to most complex are:
Docker/Portainer -> Podman/Cockpit/Quadlets -> Kubernetes
Docker Compose and CLI.
As a tinkerer, I have tried Portainer a couple of times, and another similar thing, but I end up never looking at them, and revert to just jumping into the command line. A bonus of this approach is keeping a copy of all my compose files in a repo.
If OP is being drawn to this because they want to know everything’s running, what they’re really looking for is monitoring - probably Uptime Kuma.
Indeed, I’d agree, it is the way I do it
This is the way I figured I’d go down at first, but I’m also curious if there’s a popular solution I could manage remotely in a browser without having to ssh, for example
In your shoes (and, in fact, in mine) I’d try to move away from interactive tools and into file-driven ones.
Personally I use nixos, run WUD (what’s up docker) to be notified of available updates, and manually test/update the containers once in a while (every couple weeks or so?)
There are a bazillion other solutions (from stuff like ansible/chef/puppet, to docker-compose, to kubernetes, to… a hand-written bash script) - the idea is to setup stuff via files that you can version, reference and write comments in rather than using some gui for interactive steps that you’ll forget to document in some wiki.
Monitoring is a whole different beast than configuring: you’ll be probably better off using something that does just that instead of some all-in-one solution. Try looking into something like beszel before going for the full prometheus/graphana stack.
I recently moved from docker compose to podman quadlets. Took a bit of effort, but fully foss, and for me it’s set and forget. Have about 30 containers across about 12 services. Have them set to auto update and it all runs through systemd.
This is the direction I’m headed. Goodbye docker. Quadlets everywhere. Im in the process of converting docker run scripts currently. Any tips or gotchas you can share that you learned?
Permissions were a pain to get right for my volumes and data I migrated. Other than that, It’s really not that complicated, it was just a case of covering my compose files to systemd service files and starting the update timer.
I’d absolutely recommend Kubernetes (k3s/rke2) or podman quadlets. Quadlets are a lot easier to get started with, but are still very flexible.
I’d recommend against using portainer. I tried it quite recently and I did not like it at all. A lot of features are paywalled, and was overall just a frustrating experience. I’ve heard it was a lot better some years ago.
I’ll second podman quadlets. Good security, full integration with systemd, pods allow applications to easily share a namespace, and you can manage graphically through Cockpit if you really want to.
Do you have an example of quadlets you defined that share a namespace?
It’s a function of a “pod” within podman.
I wrote the podman examples for AudioMuseAI using a pod: https://github.com/NeptuneHub/AudioMuse-AI/tree/main/deployment/podman-quadlets
And I have an example *arr suite on my GitHub page: https://github.com/K3CAN/podman-arr-quadlets
systemd integration would be nice
Podman pods (or quadlets) managed by ansible.
Dockge - https://github.com/louislam/dockge
Docker compose with webui and upgrade button.
I’ll second Dockge. It works alongside Docker containers and doesn’t try to shove configs into nonstandard locations and whatnot. Plus if you have multiple Docker instances, you can install Dockge on each of them and link them all together. Very handy.
Thanks, I’ll look into this
try NixOS
all your containers and other services will be managed through one re-usable file
if your server is >= 8GB then proxmox gives a nice interface builtin. i use it to make nixos lxc containers in which i run my containers. which does actually make sense
deleted by creator
you will have to spend a lot of time learning the Nix language
I’d say you shouldn’t use any system (be it nixos, ansible or even bash scripts) if you are not willing to learn it.
That said, I too find pre-made modules less useful that I initially thought when I got into nixos: unless you want to do very basic stuff, a lot of times it’s easier to just generate whatever scripts/configuration files you need directly (using one of the trivial builders in lib or writing a custom derivation) rather than learning how the corresponding nixos module works.
One could say nixos modules make easy things slightly easier, and hard things much harder (this is adapted - possibly imprecisely - from a quote on ORMs, I think by Joel Spolsky).
Those modules usually have .settings option, which maps to the config file
I’ve read a bit about portainer, but I’m still learning
I started with Portainer, and I still use it. It checks all the boxes for me. I would be remiss if I didn’t mention there are other such platforms to manage Docker containers with such as Podman, Dockage, etc. Like I said, I started with Portainer, and I know how to drive that bus, so I stuck with it.
I personally have switched over to Komodo after using portainer for years. Never looking back, I love it. Works perfectly and can do GUI, compose files, and repos for docker. I also have multiple machines running stuff and it let’s me fiddle with everything in one UI.
Ooo that looks nice, I’m using portainer right now, how was the migration?
Honestly, not entirely certain I did it right, but it was super easy. I literally spun up Komodo, spun down Portainer without shutting any of the other containers/stacks down, then added the same stacks back through the GUI option into Komodo with the same exact compose/title/env options. It literally just recognized that the containers that were already running on my server were the correct ones and “added” them back to the stack in Komodo. I vaguely remember reading that there is a more “correct” way to do it, but I only read about it after the fact.
Cool! What makes you prefer this to portainer?
I like the fact that there isn’t a distinction between the community edition and the business edition. Its all the same thing for Komodo, whereas I felt like Portainer had a bunc hof random things locked away behind the “Business Edition” and that just rubbed me the wrong way. If I’m self hosting something, I feel like I should be able to access all portions of it.
The GUI is a little different but once you’re used to it, I feel like it makes more sense for the most part. It has a nice way to connect other machines, so I can monitor all of the different machines in my network that are hosting things. I also wanted to mess around with some of the automation features, but I haven’t had as much time to dick around with that as I would like. I also wanted to start doing stuff from a personal Forgejo, and it was super easy to integrate. (No idea how easy it is on Portainer, as I had already jumped ship at that point)
Portainer had a bunc hof random things locked away
Sounds like a Hassel
I edited my missing line break but I’m leaving this. Its too good.
I was using CLI exclusively for a year or so, but recently added DockMon and it’s helped with updates and at-a-glance management.
If you want robust (and a ton to learn) go with k3s for a lightweight Kubernetes deployment and FluxCD.
If you want simpler go with docker-compose and doco-cd.
With a GitOps workflow you define it all in files in a bit repo then the server automatically deploys and updates. IMHO its much easier to maintain long term than click ops.
