4.0 KiB
4.0 KiB
Phase 6: Multi-Host Docker Management with Portainer
Overview
Goal: Unified container management dashboard for Unraid Docker.
| Component | Role |
|---|---|
| Portainer CE | Management hub (runs on Unraid) |
| Unraid Docker | Local host via Unix socket |
Note: MikroTik RouterOS containers cannot be managed via Portainer - see Limitation section.
Phase 6.1: Unraid Server Setup ✅ COMPLETED
Goal: Install and configure the Portainer controller.
Tasks
- Install Portainer CE container via Docker CLI
- Configure container settings:
- Network Type: Bridge
- Port Mapping: Container 9000 → Host 9002 (changed due to Authentik conflict)
- Port Mapping: Container 9443 → Host 9444
- Path Mappings:
- Host
/var/run/docker.sock→ Container/var/run/docker.sock - Host
/mnt/user/appdata/portainer→ Container/data
- Host
- Add Unraid labels (
net.unraid.docker.managed,net.unraid.docker.icon) - Add Tailscale labels (
tailscale.expose,tailscale.host,tailscale.port) - Start container
- Initialize Portainer via web UI
Container Configuration
docker run -d \
--name=portainer \
--restart=unless-stopped \
-p 9002:9000 \
-p 9444:9443 \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /mnt/user/appdata/portainer:/data \
--label 'net.unraid.docker.managed=dockerman' \
--label 'net.unraid.docker.icon=https://raw.githubusercontent.com/lllllllillllllillll/Dashboard-Icons/main/png/portainer.png' \
--label 'net.unraid.docker.webui=http://100.100.208.70:9002' \
--label 'tailscale.expose=true' \
--label 'tailscale.host=100.100.208.70' \
--label 'tailscale.port=9002' \
portainer/portainer-ce:latest
Access URLs
- LAN:
http://192.168.31.2:9002 - Tailscale:
http://100.100.208.70:9002 - HTTPS LAN:
https://192.168.31.2:9444 - HTTPS Tailscale:
https://100.100.208.70:9444
Verification
- Portainer container running
- Portainer UI accessible
- Local Unraid environment connected
Phase 6.2 & 6.3: MikroTik Integration ❌ NOT FEASIBLE
MikroTik Limitation
MikroTik RouterOS does not use Docker. It has its own proprietary container runtime that:
- Does NOT have a Docker daemon
- Does NOT expose
/var/run/docker.sock - Does NOT support Docker API
- Can ONLY be managed via RouterOS CLI/API
What Was Attempted
- Created veth interface (
veth-socatat 172.17.0.5) - Added bridge port to
docker-bridge - Created mount for
/var/run/docker.sock - Deployed
alpine/socatcontainer - Added firewall and NAT rules
Why It Failed
socat[2] E connect(, AF=1 "/var/run/docker.sock", 22): No such file or directory
The socket doesn't exist because MikroTik's container system is not Docker-based.
Cleanup Performed
All MikroTik changes were reverted:
- Removed socat container
- Removed veth-socat interface
- Removed docker_sock mount
- Removed firewall/NAT rules
MikroTik Container Management Alternatives
Since Portainer cannot connect to MikroTik, use these methods instead:
1. RouterOS CLI (SSH)
# From Unraid
ssh -i /root/.ssh/mikrotik_key -p 2222 unraid@192.168.31.1
# List containers
/container/print
# Start/stop containers
/container/start 0
/container/stop 0
# View logs
/log/print where topics~"container"
2. WinBox/WebFig
Access MikroTik web interface at http://192.168.31.1 to manage containers via GUI.
3. RouterOS REST API
MikroTik RouterOS 7+ has a REST API that can be used for automation:
GET https://192.168.31.1/rest/container
Current Status Summary
| Component | Status | Access |
|---|---|---|
| Portainer (Unraid) | ✅ Running | http://100.100.208.70:9002 |
| Unraid Docker | ✅ Connected | Via Portainer |
| MikroTik Containers | ⚠️ Separate | Via RouterOS CLI |
Rollback Plan
If Portainer issues occur:
docker stop portainer && docker rm portainer
Related Documents
- 00-CURRENT-STATE.md - Infrastructure overview