docker/ucp install

Estimated reading time: 3 minutes

These are the docs for UCP version 1.1

To select a different version, use the selector below.

Install UCP on this Docker Engine.


docker run --rm -it \
  --name ucp \
  -v /var/run/docker.sock:/var/run/docker.sock \
  docker/ucp \
  install [command options]


The ‘install’ command will install the UCP controller on the local engine. If you intend to install a multi-node cluster, you must open firewall ports between the engines for the following ports:

Ports: 443, 12376, 12379, 12380, 12381, 12382 and 2376 or the ‘–swarm-port’

You can optionally use an externally generated and signed certificate for the UCP controller by specifying ‘–external-server-cert’. Create a storage volume named ‘ucp-controller-server-certs’ with ca.pem, cert.pem, and key.pem in the root directory before running the install.

A license file can optionally be injected during install by volume mounting the file at ‘/docker_subscription.lic’ in the tool. E.g. -v /path/to/my/docker_subscription.lic:/docker_subscription.lic


--debug, -DEnable debug.
--jsonlogProduce json formatted output for easier parsing.
--interactive, -iEnable interactive mode.,You will be prompted to enter all required information.
--admin-usernameSpecify the UCP admin username [$UCP_ADMIN_USER]
--admin-passwordSpecify the UCP admin password [$UCP_ADMIN_PASSWORD]
--fresh-installDestroy any existing state and start fresh.
--san [--san option --san option]Additional Subject Alternative Names for certs (e.g. --san --san
--host-addressSpecify the visible IP for this node.
--swarm-port "2376"Select what port to run the local Swarm manager on (default: 2376)
--controller-port "443"Select what port to run the local Controller on (default: 443)
--dns [--dns option --dns option]Set custom DNS servers for the UCP infrastructure containers.
--dns-opt [--dns-opt option --dns-opt option]Set DNS options for the UCP infrastructure containers.
--dns-search [--dns-search option --dns-search option]Set custom DNS search domains for the UCP infrastructure containers.
--kv-timeoutTimeout in milliseconds for the KV store (set higher for a multi-datacenter cluster)
--kv-snapshot-countNumber of changes between KV store snapshots (all controllers must use the same value) (default: 10000)
--registry-usernameSpecify the username to pull required images with [$REGISTRY_USERNAME]
--registry-passwordSpecify the password to pull required images with [$REGISTRY_PASSWORD]
--swarm-experimentalEnable experimental Swarm features. Note: Use only for install, not join).
--disable-trackingDisable anonymous tracking and analytics.
--disable-usageDisable anonymous usage reporting.
--external-server-certSet up UCP with an external CA.
--preserve-certsDon’t (re)generate certs on the host if existing ones are found.
--binpackSet Swarm scheduler to binpack mode (default spread).
--randomSet Swarm scheduler to random mode (default spread).
--pull "missing"Specify image pull behavior (always, when missing, or never) (default: “missing”)
--skip-engine-discoveryDo not configure engine for clustering
install, ucp