docker

Deploying Portainer on Proxmox VE with an LXC Container

Decker

2 min read
Deploying Portainer on Proxmox VE with an LXC Container
Photo by Ian Taylor / Unsplash

Deploying Portainer on Proxmox VE with an LXC Container

by [Your Name], May 10, 2025

Managing Docker environments via the command line can be powerful—but having a sleek, web-based GUI takes it to the next level. Portainer is a lightweight management UI that lets you easily administer your containers, images, networks, and volumes. In this guide, we’ll walk through deploying Portainer inside an LXC container on Proxmox VE, from template download all the way to securing your installation.

Prerequisites

  • A Proxmox VE host (any recent version, e.g., 7.x or 8.x)
  • Access to the Proxmox web UI and CLI
  • Internet connectivity for the LXC container
  • Basic familiarity with Linux command-line and Docker

1. Download an LXC Template

  1. Log in to the Proxmox web interface.
  2. Navigate to Storage → select your template storage (e.g., local or local-lvm) → Content.
  3. Click Templates, search for Debian 12 (bookworm) or Ubuntu 22.04 LTS, and hit Download.

2. Create the LXC Container

  1. Select your Proxmox node in the left pane and click Create CT.
  2. General
    • Hostname: portainer
    • Root Password: choose a secure one
  3. Template: pick the Debian/Ubuntu template downloaded above.
  4. Root Disk: 4–8 GB (default is fine).
  5. CPU & Memory: 1 vCPU, 512 MiB RAM (adjust as needed).
  6. Network:
    • Interface eth0 bridged to vmbr0 (or your bridge).
    • Use DHCP or assign a static IP.
  7. Click Finish to create.

3. Install Docker in the LXC

Open a console to your new container (via web UI or pct enter <CTID>) and run:

apt update && apt upgrade -y
apt install -y \
  apt-transport-https \
  ca-certificates \
  curl \
  gnupg \
  lsb-release

# Add Docker’s official GPG key and repo
curl -fsSL https://download.docker.com/linux/$(. /etc/os-release; echo "$ID")/gpg \
  | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] \
  https://download.docker.com/linux/$(. /etc/os-release; echo "$ID") \
  $(lsb_release -cs) stable" \
  | tee /etc/apt/sources.list.d/docker.list > /dev/null

# Install Docker Engine
apt update
apt install -y docker-ce docker-ce-cli containerd.io

# Enable and start Docker
systemctl enable docker
systemctl start docker
docker --version

4. Launch Portainer

With Docker up and running, set up Portainer:

# Create a persistent volume
docker volume create portainer_data

# Run Portainer CE
docker run -d \
  --name portainer \
  --restart=always \
  -p 9000:9000 \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v portainer_data:/data \
  portainer/portainer-ce:latest

# Verify
docker ps

5. Initial Configuration

  1. In your browser, go to http://<CONTAINER_IP>:9000/.
  2. Create an admin user (e.g., admin + strong password).
  3. Environment Setup: choose Local to connect to the Docker socket.
  4. You’re in—welcome to Portainer’s dashboard!

6. Post-Install Recommendations

  • Secure with SSL: front Portainer with Nginx or Traefik and Let’s Encrypt.
  • Backups: schedule snapshots of portainer_data (e.g., via a cron job or Proxmox backup hooks).
  • Resource Scaling: monitor CPU/RAM and adjust LXC limits in Proxmox as your workload grows.
  • Image Scanning: integrate security scanners (e.g., Anchore or Aqua) to vet your Docker images.

Conclusion

By deploying Portainer inside an LXC on Proxmox, you combine Proxmox’s lightweight virtualization with Docker’s containerization and Portainer’s intuitive GUI—giving you a robust yet flexible platform for hosting and managing your container workloads. Happy containerizing!

Read more