--- description: Install Docker Universal Control Plane. keywords: - install, ucp menu: main: identifier: ucp_ref_install parent: ucp_ref title: install --- # docker/ucp install Install UCP on this Docker Engine. ## Usage ``` docker run --rm -it \ --name ucp \ -v /var/run/docker.sock:/var/run/docker.sock \ docker/ucp \ install [command options] ``` ## Description The 'install' command will install the UCP controller on the local engine. If you intend to install a multi-node cluster, you must open firewall ports between the engines for the following ports: Ports: 443, 12376, 12379, 12380, 12381, 12382 and 2376 or the '--swarm-port' You can optionally use an externally generated and signed certificate for the UCP controller by specifying '--external-server-cert'. Create a storage volume named 'ucp-controller-server-certs' with ca.pem, cert.pem, and key.pem in the root directory before running the install. A license file can optionally be injected during install by volume mounting the file at '/docker_subscription.lic' in the tool. E.g. `-v /path/to/my/docker_subscription.lic:/docker_subscription.lic` ## Options | Option | Description | |:-----------------------------------------------------------|:--------------------------------------------------------------------------------------------------------| | `--debug`, `-D` | Enable debug. | | `--jsonlog` | Produce json formatted output for easier parsing. | | `--interactive`, `-i` | Enable interactive mode.,You will be prompted to enter all required information. | | `--admin-username` | Specify the UCP admin username [$UCP_ADMIN_USER] | | `--admin-password` | Specify the UCP admin password [$UCP_ADMIN_PASSWORD] | | `--fresh-install` | Destroy any existing state and start fresh. | | `--san` `[--san option --san option]` | Additional Subject Alternative Names for certs (e.g. `--san foo1.bar.com --san foo2.bar.com`). | | `--host-address` | Specify the visible IP for this node. | | `--swarm-port "2376"` | Select what port to run the local Swarm manager on (default: 2376) | | `--controller-port "443"` | Select what port to run the local Controller on (default: 443) | | `--dns` `[--dns option --dns option]` | Set custom DNS servers for the UCP infrastructure containers. | | `--dns-opt` `[--dns-opt option --dns-opt option]` | Set DNS options for the UCP infrastructure containers. | | `--dns-search` `[--dns-search option --dns-search option]` | Set custom DNS search domains for the UCP infrastructure containers. | | `--kv-timeout` | Timeout in milliseconds for the KV store (set higher for a multi-datacenter cluster) | | `--kv-snapshot-count` | Number of changes between KV store snapshots (all controllers must use the same value) (default: 10000) | | `--registry-username` | Specify the username to pull required images with [$REGISTRY_USERNAME] | | `--registry-password` | Specify the password to pull required images with [$REGISTRY_PASSWORD] | | `--swarm-experimental` | Enable experimental Swarm features. Note: Use only for install, not join). | | `--disable-tracking` | Disable anonymous tracking and analytics. | | `--disable-usage` | Disable anonymous usage reporting. | | `--external-server-cert` | Set up UCP with an external CA. | | `--preserve-certs` | Don't (re)generate certs on the host if existing ones are found. | | `--binpack` | Set Swarm scheduler to binpack mode (default spread). | | `--random` | Set Swarm scheduler to random mode (default spread). | | `--pull "missing"` | Specify image pull behavior (`always`, when `missing`, or `never`) (default: "missing") | | `--skip-engine-discovery` | Do not configure engine for clustering |