How to Install Portainer for Docker Management on RHEL 9

November 17, 2025
Linux
Comment off

Portainer is a lightweight, web-based Docker management UI that makes container management accessible without needing the Docker CLI. It provides a graphical interface for managing containers, images, volumes, networks, Docker Compose stacks, and container registries. Portainer Community Edition (CE) is open-source and supports Docker standalone, Docker Swarm, and Kubernetes environments. It is particularly valuable for teams where not all members are comfortable with CLI-based container management, or for quick visual inspection of container status, logs, and resource usage. This guide covers deploying Portainer CE on RHEL 9 as a Docker container with persistent storage, configuring TLS, and a tour of its key management features.

Prerequisites

Docker Engine installed on RHEL 9

Step 1 — Deploy Portainer CE

# Create a volume for Portainer's data
docker volume create portainer_data

# Deploy Portainer CE (listens on port 9443 for HTTPS)
docker run -d 
    --name portainer 
    --restart=always 
    -p 9000:9000 
    -p 9443:9443 
    -v /var/run/docker.sock:/var/run/docker.sock 
    -v portainer_data:/data 
    portainer/portainer-ce:latest

docker ps | grep portainer

Step 2 — Initial Setup

# Open the firewall for Portainer
firewall-cmd --permanent --add-port=9443/tcp
firewall-cmd --reload

# Access Portainer at: https://your-server-ip:9443
# On first access:
# 1. Create an admin password (min 12 characters)
# 2. Select "Get Started" to manage the local Docker environment

Step 3 — Key Portainer Features

# What you can do in the Portainer UI:

# Containers:
# - View all containers (running, stopped, unhealthy)
# - Start, stop, restart, remove containers
# - View real-time logs (equivalent to docker logs -f)
# - Open a console inside a running container (docker exec -it)
# - View resource stats (CPU, memory, network I/O)

# Images:
# - Pull new images from registries
# - Build images from a Dockerfile
# - Remove unused images

# Stacks (Docker Compose):
# - Deploy Compose stacks directly from the UI
# - Paste compose.yaml content or link to a Git repository
# - Update/redeploy stacks with one click

# Volumes/Networks:
# - Browse volume contents
# - Create/remove volumes and networks

Step 4 — Deploy a Stack via Portainer UI

# In the Portainer web interface:
# 1. Navigate to Stacks → Add Stack
# 2. Name: myapp
# 3. Paste your compose.yaml content in the editor
# 4. Set environment variables in the UI (equivalent to .env file)
# 5. Click "Deploy the stack"
#
# Portainer runs:
# docker compose up -d
# transparently behind the scenes

Step 5 — Restrict Portainer Access (Security)

# Portainer has access to the Docker socket — equivalent to root access
# Restrict port 9443 to admin IPs only
firewall-cmd --permanent --remove-port=9443/tcp
firewall-cmd --permanent --add-rich-rule='rule family=ipv4 source address=10.0.0.0/8 port port=9443 protocol=tcp accept'
firewall-cmd --reload

# Or place Portainer behind Nginx with additional auth:
# Only allow connections via VPN or trusted IP ranges

Conclusion

Portainer CE on RHEL 9 provides a zero-configuration Docker management interface accessible through any web browser. The Docker socket mount (/var/run/docker.sock:/var/run/docker.sock) gives Portainer full control over Docker — treat access to port 9443 with the same caution as SSH root access. Portainer Business Edition adds role-based access control (RBAC), Git-based deployment, and enterprise support for teams requiring multi-user environments with different permission levels.

Next steps: How to Install Docker Engine on RHEL 9, How to Deploy Applications with Docker Compose on RHEL 9, and How to Install Podman on RHEL 9.