Install UCP for productionEstimated reading time: 5 minutes
Docker Universal Control Plane (UCP) is a containerized application that you can install on-premise or on a cloud infrastructure.
Step 1: Validate the system requirements
The first step to installing UCP is ensuring that your infrastructure has all of the requirements UCP needs to run. Also, you need to ensure that all nodes, physical and virtual, are running the same version of Docker Enterprise.
Step 2: Install Docker Enterprise on all nodes
UCP is a containerized application that requires the commercially supported Docker Engine to run.
Install Docker Enterprise on each host that you plan to manage with UCP. View the supported platforms and click on your platform to get platform-specific instructions for installing Docker Enterprise.
Make sure you install the same Docker Enterprise version on all the nodes. Also,
if you’re creating virtual machine templates with Docker Enterprise already
installed, make sure the
/etc/docker/key.json file is not included in the
virtual machine image. When provisioning the virtual machine, restart the Docker
daemon to generate a new
Step 3: Customize named volumes
Skip this step if you want to use the defaults provided by UCP.
Docker UCP uses named volumes to persist data. If you want to customize the drivers used to manage these volumes, you can create the volumes before installing UCP. When you install UCP, the installer will notice that the volumes already exist, and it will start using them. Learn about the named volumes used by UCP.
If these volumes don’t exist, they’ll be automatically created when installing UCP.
Step 4: Install UCP
To install UCP, you use the
docker/ucp image, which has commands to install
and manage UCP.
Make sure you follow the UCP System requirements for opening networking ports. Ensure that your hardware or software firewalls are open appropriately or disabled.
To install UCP:
Use ssh to log in to the host where you want to install UCP.
Run the following command:
# Pull the latest version of UCP docker image pull docker/ucp:3.2.3 # Install UCP docker container run --rm -it --name ucp \ -v /var/run/docker.sock:/var/run/docker.sock \ docker/ucp:3.2.3 install \ --host-address <node-ip-address> \ --interactive
This runs the install command in interactive mode, so that you’re prompted for any necessary configuration values. To find what other options are available in the install command, including how to install UCP on a system with SELinux enabled, check the reference documentation.
Custom Container Networking Interface (CNI) plugins
UCP will install Project Calico for container-to-container communication for Kubernetes. A platform operator may choose to install an alternative CNI plugin, such as Weave or Flannel. Please see Install an unmanaged CNI plugin.
Step 5: License your installation
Now that UCP is installed, you need to license it. To use UCP, you are required to have a Docker Enterprise subscription, or you can test the platform with a free trial license.
Go to Docker Hub to get a free trial license.
In your browser, navigate to the UCP web UI, log in with your administrator credentials and upload your license. Navigate to the Admin Settings page and in the left pane, click License.
Click Upload License and navigate to your license (.lic) file. When you’re finished selecting the license, UCP updates with the new settings.
Step 6: Join manager nodes
Skip this step if you don’t want UCP to be highly available.
To make your Docker swarm and UCP fault-tolerant and highly available, you can join more manager nodes to it. Manager nodes are the nodes in the swarm that perform the orchestration and swarm management tasks, and dispatch tasks for worker nodes to execute.
To join manager nodes to the swarm,
In the UCP web UI, navigate to the Nodes page, and click the Add Node button to add a new node.
In the Add Node page, check Add node as a manager to turn this node into a manager and replicate UCP for high-availability.
If you want to customize the network and port where the new node listens for swarm management traffic, click Use a custom listen address. Enter the IP address and port for the node to listen for inbound cluster management traffic. The format is
ip:port. The default is
If you want to customize the network and port that the new node advertises to other swarm members for API access, click Use a custom advertise address and enter the IP address and port. By default, this is also the outbound address used by the new node to contact UCP. The joining node should be able to contact itself at this address. The format is
Click the copy icon to copy the
docker swarm joincommand that nodes use to join the swarm.
For each manager node that you want to join to the swarm, log in using ssh and run the join command that you copied. After the join command completes, the node appears on the Nodes page in the UCP web UI.
Step 7: Join worker nodes
Skip this step if you don’t want to add more nodes to run and scale your apps.
To add more computational resources to your swarm, you can join worker nodes. These nodes execute tasks assigned to them by the manager nodes. Follow the same steps as before, but don’t check the Add node as a manager option.