• Sunday, November 30, 2025

Docker represents a robust platform designed for running applications within encapsulated containers. This technology allows you to deploy specific software, such as Redis or MongoDB, or even particular versions of software that might not be natively supported by your operating system or may require specialized compilation. The system provides an integrated extension for Docker, facilitating the execution and management of containers based on various Docker images, whether on a local host or remote servers.

This comprehensive guide will walk you through the process of creating, configuring, and managing Docker containers within the control panel environment. Furthermore, you will learn how to effectively control remote Docker hosts directly from the system interface, ensuring a streamlined workflow for your containerized applications.

Understanding Docker: Core Concepts and Setup

Requirements and System Compatibility

Warning: The Docker extension directly downloads images from Docker Hub without any pre-configuration. It is crucial to understand that some Docker containers or the software within them are intended for trusted environments only and may necessitate additional security configurations. Before deploying these downloaded images, it is essential to enhance their security independently. For detailed instructions, always refer to the documentation provided by the container or software vendor. For instance, security guidelines for Redis are available in its official documentation.
  • Docker is supported on the control panel for the following operating systems: CentOS 7, Red Hat Enterprise Linux 7, Debian 10, Debian 11, Debian 12, Ubuntu 18.04, Ubuntu 20.04, Ubuntu 22.04, Ubuntu 24.04, AlmaLinux 8.x, AlmaLinux 9.x, Rocky Linux 8.x, and Virtuozzo 7 with Update 1 Hotfix 1 (7.0.1-686) or later.
  • On Windows systems, you can utilize Docker installed on a remote machine.
  • It is not possible to use Docker within an environment where the control panel itself is deployed in a Docker container.
  • Docker functions exclusively on x64 architectures.
  • Docker containers managed by the control panel cannot be directly migrated or backed up using standard backup features. However, you can back up the data associated with containers (as detailed in the Volume Mapping section below) or download container snapshots.
  • Virtuozzo 7, with Update 1 Hotfix 1 (7.0.1-686) or later, is fully supported. It's important to note that, starting with this update, newly created CentOS 7-based containers have the firewall enabled by default due to enhanced security measures implemented by Virtuozzo. Administrators must manually configure the firewall to ensure that all necessary ports for proper system operation are open.

Essential Prerequisites for Docker Integration

Before you can begin leveraging Docker capabilities, the Docker extension must be installed on your server.

  • As an administrator, you can install the extension directly from the Extensions Catalog within the control panel interface.
  • Alternatively, if you are a user, please contact your hosting provider and request them to install the extension for you.

Upon successful installation, the Docker option will become visible in the main navigation interface, allowing you to proceed with its functionality.

image docker menu

Managing Docker Containers

Discovering and Running Containers

You can access a vast library of images from Docker Hub within the Run Container catalog. This catalog is your gateway to deploying new applications.

To access the catalog:

  • If you have not previously installed any containers, navigate to Docker > Containers, then click Run Container.
  • If you have existing containers installed, go to Docker > Containers, and click the plus icon image plus icon.

To efficiently locate available images, utilize the search box.

image docker catalog

You can specify the image name, the repository, or both to refine your search results.

The following repositories are available for searching:

  • Local repository: This contains images that have already been downloaded and are currently stored on your server with Docker. For more details, refer to the Handling Local Docker Images section later in this guide.
  • Docker Hub: The official public registry for Docker images.

For each application, multiple versions may be available. You have the flexibility to run a specific version by selecting the appropriate tag from the dropdown menu, as illustrated below:

image docker catalog version

To run a container, follow these steps:

  1. Go to Docker > Containers > Run Container.
  2. Use the search box to find your desired images in the catalog. If an image is stored locally, (local) will be indicated next to its version.
  3. To access the image description and comprehensive documentation on Docker Hub, click the more info icon image expand icon. Please note that this option is not applicable to local images.
  4. Click on the image card to proceed.
    • To run a specific version, select the desired image version from the Image version drop-down menu and click Next.
    • To deploy the latest available version of the selected application, simply click Next.

    The system will then create a container and prompt you to specify its initial settings, such as environment variables. After these settings are defined, the container will commence operation. You have the option to cancel the running process by clicking Cancel on the Settings screen. For an in-depth understanding of these settings, please refer to the Advanced Container Settings section later on this page.

  5. Once you have adjusted the settings to your requirements, click Run. The newly created container will then appear in the list within the Containers tab.
image docker container running

It is advisable to review the Console Log to ascertain if the container is running without any issues.

Configuring Container Settings

Note: You do not need to stop a container to modify its settings. When new settings are saved, the system automatically recreates the container with the updated configuration, ensuring minimal downtime.

To edit the settings of an existing container, navigate to the Containers tab and click the settings icon image settings icon adjacent to the container you wish to modify.

image container settings

Limiting Memory Usage

By default, Docker containers are configured to use an unlimited amount of RAM. To establish a memory usage limit, simply select the Memory limit checkbox and input the desired limit value in megabytes (MB) into the corresponding field. This helps in resource management and preventing a single container from consuming excessive memory.

Note: At present, CPU and Disk usage cannot be directly limited for Docker containers through this interface. Docker containers are considered administrator-level objects and are therefore not governed by subscription-level cgroup limits for CPU, RAM, or Disk usage.

Automatic Start Configuration

If the Automatic start after system reboot option is not enabled, any websites relying on this container might become inaccessible following a system reboot. In such cases, you would be required to manually start the container to restore service.

Port Mapping Management

Typically, Automatic port mapping is enabled by default, which maps the container's internal port to a randomly assigned port on the host system (e.g., 32768). This provides a quick way to get your container running without manual configuration.

To manually adjust the port on the host system, deselect Automatic port mapping and then specify an alternative external port in the Manual mapping field. If the Manual mapping option does not appear after deselecting automatic mapping, it indicates that the container is not designed to expose any ports.

When manual mapping is employed, Docker, by default, binds to the specified port only on the host system's localhost interface (127.0.0.1). This configuration ensures that the port remains inaccessible from the internet, safeguarding the application within the container from external attacks. To allow Docker to bind to the specified port on all network interfaces of the host system, deselect Make the port inaccessible from the Internet. Be aware that enabling this option will make the application inside the container publicly accessible from the internet, reachable via the specified port on any of the host system's IP addresses.

Warning: Docker generally assumes that authentication is handled by the application itself. However, this is not always the case (for instance, while MySQL/MariaDB typically requires authentication, Redis might not by default). Exposing an application within a container to the internet without proper authentication and security measures can make it vulnerable to malicious actors and potential attacks. Always ensure adequate security is in place.

Volume Mapping for Persistent Storage

Docker volumes are essentially directories on your server that are mounted to a Docker container. This mechanism provides a robust solution for persistent storage that can be easily accessed and managed from your host system. Importantly, data stored in Docker volumes is not deleted when you stop or remove a container, ensuring data longevity.

Warning: Data stored within Docker volumes will not be included in standard system backups. To prevent any data loss, it is imperative to back up any critical data stored in a volume using a third-party backup tool or process.

For more comprehensive information regarding data management in containers, please consult the official Docker documentation.

To establish a volume mapping, you need to specify the following details:

  • In the Host field, provide the absolute path to the directory on your server that you intend to mount within the container.
  • In the Container field, enter the absolute path to a directory inside the container where the host directory will be mounted.

To map additional directories, simply click Add one more.

Setting Environment Variables

Environment variables are utilized by the application running inside a container to configure its behavior. You may find it necessary to add new variables or modify existing ones to suit your application's needs. The system allows you to add as many environment variables as required to ensure your application functions correctly.

Performing Operations on Running Containers

You have a range of actions you can perform on your Docker containers:

  • To pause, resume, or restart a container, use the Stop, Start, or Restart actions, respectively. In these scenarios, the container will be recreated using its current settings.

    Note: If you have not configured data persistence using mounted volumes (refer to the Volume Mapping section above), any data generated or modified within the container that is not in a mounted volume will be lost upon stopping or restarting.

  • Click the arrow image down arrow next to a container to view its operational logs and current resource consumption metrics.
  • To modify container settings, such as environment variables or volume mapping, click the settings icon image settings icon next to the container you wish to edit.
  • Rename a container by accessing its settings and modifying the Container name field.

Click the more options icon image more icon next to the container to access additional functionalities, including:

  • Recreating a container, allowing you to use the same image or a different version (Recreate).
  • Creating a new image based on the container's current state and your custom settings (Save as Image).
  • Downloading a snapshot of the container for backup or migration purposes (Download Snapshot).
  • Completely removing a container from your system (Remove).

Recreating Containers for Updates and Changes

The primary reason for recreating a container is typically to update the application within it to a newer version. However, you are not limited to newer versions; you can rebuild a container using any application version available in the catalog, providing flexibility for rollbacks or testing.

Crucially, custom settings applied to your container are automatically preserved during the recreation process. To ensure the persistence of data used by the application inside a container, it is vital to configure volume mapping before initiating a container recreation. Volume mapping allows you to maintain access to directories utilized within a container, thereby safeguarding your data (refer to the Volume Mapping section in container settings for detailed information).

To recreate a container, follow these steps:

  1. Navigate to Docker and click the more options icon image more icon next to the container you intend to recreate.
  2. Select Recreate from the container settings menu. You will then be prompted to specify the desired image version and whether to utilize default environment variables for the new instance.

Utilizing Remote Docker Environments

Setting Up and Controlling Remote Docker Hosts

By default, the system leverages Docker installed as a local service. However, for more flexible deployments, you have the option to integrate and use one or more Docker services deployed externally to the system. It is important to note that you can only actively use one remote Docker service at any given time. The currently active server is always indicated in the Environments tab of the Docker settings page within the control panel.

Configuring Remote Services

To use a remote server with Docker as an external host within the system, you must configure that remote server as outlined in the official Docker documentation, particularly regarding secure connections using HTTPS.

Managing Remote Services

The system allows you to establish and manage secure connections between a local server running the Docker extension and a remote node hosting a Docker service. These steps are applicable for both Linux and Windows environments where the control panel is installed.

These initial configuration steps must be performed on the remote host machine:

  1. Create the /etc/docker/daemon.json configuration file for Docker with the following content: 
    {
  "hosts": ["tcp://0.0.0.0:2376", "unix:///var/run/docker.sock"],
  "tls": true,
  "tlsverify": true,
  "tlscacert": "/root/ca.pem",
  "tlscert": "/root/server-cert.pem",
  "tlskey": "/root/server-key.pem"
}
  2. Prepare the necessary .pem files for secure communication. You can use the following example commands. Remember to replace the IP address on line 4 with the actual IP address of your remote node, and execute each command sequentially: 
    openssl genrsa -aes256 -out ca-key.pem 4096
openssl req -new -x509 -days 365 -key ca-key.pem -sha256 -out ca.pem
openssl genrsa -out server-key.pem 4096
openssl req -subj "/CN=192.0.2.1" -new -key server-key.pem -out server.csr
openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out server-cert.pem
openssl genrsa -out key.pem 4096
openssl req -subj '/CN=client' -new -key key.pem -out client.csr
openssl x509 -req -days 365 -sha256 -in client.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out cert.pem
chmod 0400 ca-key.pem server-key.pem key.pem
chmod 0444 ca.pem server-cert.pem cert.pem
  3. Execute the following commands to modify the current Docker service, ensuring it starts automatically after host configuration changes: 
    cp /lib/systemd/system/docker.service /etc/systemd/system/
sed -i 's/\ -H\ fd:\/\///g' /etc/systemd/system/docker.service
systemctl daemon-reload
systemctl restart docker
  4. Save the outputs of the following files from your remote host onto your local machine. These will be used by the client to establish a remote connection: 
    cat key.pem
cat cert.pem
cat ca.pem

Once the remote host is configured, proceed to configure the Docker remote host on your local server:

  1. Go to Docker > Environments.
  2. Click Add Server image plus icon and provide the necessary settings for the remote server hosting Docker.
  3. To immediately begin using this Docker service within the control panel, ensure that Set active remains selected.
image docker add remote node

The link to this Docker environment will subsequently appear in your Navigation Pane.

To switch between different Docker services:

  1. Navigate to Docker > Environments.
  2. From the list of available servers, select the Docker node you wish to activate and click Set Active.

Alternatively, you can designate a Docker node as active directly while editing its settings.

image remote docker hosts

Working with Docker Images

Creating Custom Docker Images

Should you make modifications to a running container and wish to preserve these changes as a new, reusable image, the Save as Image command is invaluable. This function effectively creates a snapshot of your container, which then appears as a new, custom image in your image catalog. This allows you to generate images pre-configured with your specific settings, including environment variables, ensuring consistency across deployments.

To create an image from one of your existing containers:

Go to Docker > Containers, click the more options icon image more icon next to the target container, and then click Save as Image. In the Save <container name> as Image side panel, you will need to specify the following:

  • Image name: A descriptive name for your new custom image.
  • Optional Tag: You can specify a version for your image here. By default, if no tag is provided, the version will be set to "latest".

The newly created image will then be listed in the Images tab and will be clearly marked as a Local image.

Handling Local Docker Images

Local images are Docker images that are stored directly on your local disk, eliminating the need to download them from an online image catalog each time you want to use them. These images offer faster deployment and can be customized to your specific needs.

An image becomes local under the following circumstances:

  • When you select any version (tag) of an image, and the download process begins. Even if you subsequently run a container or cancel the operation on the Settings screen, the downloaded image is saved locally.
  • If you upload an image to Docker within the control panel interface via the Upload image option in the Docker Images tab.
  • When you create a custom image directly from an existing container (as described in the Creating Custom Docker Images section).
  • If you have built an image using the command line interface.

To download an alternative version of an image from the online catalog, click the Pull icon image pull icon, choose the desired version from the drop-down menu, and then click Pull.

If Docker already has at least one downloaded version belonging to a group of image versions, that image will be identified as a Local image in the catalog. The system also conveniently displays how many local images are available for a particular product.

image docker local images

To inspect and manage your local images, including removing outdated versions:

  1. Navigate to Docker > Images.
  2. Utilize the Search bar to quickly locate a specific local image.
  3. To view all local images associated with a particular product, click the link located beneath the product name. This will display all local images' tags and the disk space they currently occupy.
image remove outdated images
  1. Select the specific image(s) you wish to remove and click Remove.

Integrating Docker with Web Services

Configuring Nginx as a Proxy for Docker Containers

Many Docker containers expose specific ports to enable access to the applications running within them. When integrating a Dockerized application with your website, it can be inconvenient for users to constantly specify a non-standard port in the URL. To enhance user experience and simplify access, you can configure Nginx to proxy requests from your domains to these internal container ports, allowing domains to utilize standard web ports (such as 80 or 443) without explicit port specification in the URL.

Requirements for Nginx Proxying:

  • Nginx must be actively running on your server.
  • You must manually map the internal port of your Docker container to a specific port on the host system (e.g., 32768).

To manually map the port inside a container, follow these steps:

  1. Go to Docker > Containers and click the settings icon image settings icon next to the container you intend to configure.
  2. Disable Automatic port mapping.
  3. Manually map the internal port of the container to a specific port on your system (for example, 32768). You have the option to make this mapped port inaccessible from the internet for added security.

Once the container port is mapped, you can set up Nginx to proxy requests from your domains to this host port, enabling domains to use a standard Nginx port (e.g., 80). To achieve this, you need to add a proxy rule within the domain settings.

To add an Nginx proxy rule in the domain settings:

Go to Websites & Domains > [your domain] > Docker Proxy Rules > Add Rule and specify the following parameters:

  • URL: Define the URL of the website that will be utilizing an application running in a Docker container. This can be either the main website URL or a specific path within it.
  • Container: Select the Docker container that hosts the application you want to proxy.
  • Port: Choose one of the port mappings that you previously specified in the container settings (an internal container port mapped to a host system port). Nginx will then proxy incoming requests to this designated host system port.
image docker nginx rule

Proxy rules are seamlessly integrated into the web server configuration, typically found in the website’s Nginx configuration file (e.g., nginx.conf located in /var/www/vhosts/system/$domain/conf/):

#extension docker begin
location ~ ^/.* {
    proxy_pass http://0.0.0.0:9080;
    proxy_set_header Host             $host;
    proxy_set_header X-Real-IP        $remote_addr;
    proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
}
#extension docker end

These proxy rules are designed to function effectively even on servers situated behind Network Address Translation (NAT).

Note: Docker containers connected to a website via Proxy Rules typically do not contribute to the subscription’s reported disk space usage. An exception occurs if a website directory is mounted to a Docker container as a volume; in this specific scenario, all files located within that container will be accounted for in the website’s disk space usage calculation.

Deploying Applications Using Docker Compose

The system provides robust support for deploying applications defined by Docker Compose YAML files. You can deploy these configurations through an online text editor, by uploading a file from your local storage, or by selecting a Docker Compose file already present within a website's home directory. Standard operations on Docker Compose stacks are fully supported, including up (which encompasses pull and force-recreate), stop, and down. Furthermore, you retain the flexibility to modify and update your deployed stacks after their initial creation.

Note: This section is specifically for deploying Docker Compose YAML files and does not support the deployment of Dockerfiles or other application-specific build files.

To deploy a Docker Compose file:

  1. Navigate to Docker > Stacks > Add Stack.
  2. Provide a project name for your stack and then choose one of the following methods for deploying your Docker Compose file:
    • Editor: Directly define or paste the content of your Docker Compose file into the provided text editor.
    • Upload: Upload a Docker Compose file from your local storage.
    • Webspace: Select a Docker Compose file that is already stored within a domain's Home directory. For this option, you will first choose the domain where the file is located, and then browse to the specific Compose file location.

You have the capability to declare and build custom containers as part of your Docker Compose deployment. Any artifacts generated during the build process will be conveniently placed inside the respective website's Home directory.

For more detailed information regarding the Docker Compose file format and its capabilities, please refer to the official Docker documentation.

Enhancing Docker Management with Portainer

Portainer is an intuitive container management software designed to simplify the deployment and administration of containers and stacks. It provides a user-friendly interface for viewing container statuses and logs, creating and managing users and teams, securing your Docker environments, and much more.

To install Portainer, go to Docker > Install Portainer. Once the installation is complete, you can access and manage your Portainer containers directly within the Docker interface by navigating to Docker > Go to Portainer.

Note: Portainer integration is currently offered as a beta feature.

For additional information and comprehensive guides on using Portainer, please consult the official Portainer documentation.

Back