# Deploy Portainer via docker swarm

## Installation Guide

1. Copy the portainer stack on the master node

```bash
curl -L https://downloads.portainer.io/portainer-ee-agent-stack.yml -o portainer-agent-stack.yml
```

2\. Modify the <mark style="color:green;">`portainer-agent-stack.yml`</mark> file with the community edition & remove versions

```bash
# By default
  portainer:
    image: portainer/portainer-ee:<version>
	
# Modify to:
  portainer:
    image: portainer/portainer-ce
```

{% hint style="info" %}
**Note:**

If you have already deployed this it will deploy the EE Database edition that is not compatible with CE

* You will have to delete the portainer data:

#### By Default:

```bash
/var/lib/docker/volumes/portainer_data
```

To avoid this issue modify the volume to be in <mark style="color:purple;">`current working directory`</mark> in <mark style="color:green;">`portainer-agent-stack.yml`</mark>

```yaml
volumes:
      - ./portainer_data:/data
```

{% endhint %}

3\. Deploy the stack

```bash
docker stack deploy -c portainer-agent-stack.yml portainer
```

{% hint style="info" %}
By Default this will install the portainer agent on all the subnodes and should be available on port <mark style="color:orange;">`9000`</mark>
{% endhint %}

4\. Secure with SSL

* Create overlay network

```bash
docker network create --driver overlay portainer
```

* Generate Certificate

```bash
openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:4096 -keyout portainer.key -out portainer.crt
```

* Create Secrets for Key and CRT

```bash
# Syntax:
# docker secret create <secret_name> <file_name>
docker secret create portainer.cer portainer.crt
docker secret create portainer.key portainer.key
```

* Modify Swarm file

Example:

```yaml
version: '3.2'

services:
  agent:
    image: portainer/agent
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - /var/lib/docker/volumes:/var/lib/docker/volumes
    networks:
      - agent_network
    deploy:
      mode: global
      placement:
        constraints: [node.platform.os == linux]

  portainer:
    image: portainer/portainer-ce
    command: -H tcp://tasks.agent:9001 --tlsskipverify --ssl --sslcert /run/secrets/portainer.cer --sslkey /run/secrets/portainer.key
    ports:
      - "9000:9000"
      - "8000:8000"
    volumes:
      - portainer_data:/data
    networks:
      - agent_network
    deploy:
      mode: replicated
      replicas: 1
      placement:
        constraints: [node.role == manager]
    secrets:
      - portainer.cer
      - portainer.key

networks:
  agent_network:
    driver: overlay
    attachable: true
  portainer:
    external: true

volumes:
  portainer_data:

secrets:
  portainer.cer:
    external: true
  portainer.key:
    external: true
```

* Run deployment again

```bash
docker stack deploy -c portainer-agent-stack.yml portainer
```

## Resources:

* [Official Portainer installation guide](https://docs.portainer.io/v/be-2.12/start/install/server/swarm)
* [Secure Portainer with SSL](https://documentation.portainer.io/v2.0-be/deploy/ssl/)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.arkannis.net/containerization/docker-swarm/deploy-portainer-via-docker-swarm.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.