Container Providers¶
A Container Provider is an integration that allows you to manage container environments (e.g., Docker Swarm, Kubernetes) within the platform. It centralizes configuration, certificates, secrets, and images to simplify deployment and operations.
Note
When a Container Provider is created in Reemo, it is disabled by default and must be explicitly enabled by an instance administrator.
Overview¶
To access your configured providers, navigate to the Admin area and select Container Providers from the menu.
The Container Providers list displays:
Name: identifier chosen by the administrator.
Type: technology used (e.g., SWARM).
Multi-cluster: deployment across one or more clusters.
Visibility: Public or Private.
State: Enabled or Disabled.
Test: connectivity validation button.
List of Container Providers¶
Deployment Architecture¶
Reemo supports two architectures to connect your containers:
Direct mode (Swarm / Kubernetes): Reemo communicates directly with your cluster’s API. This requires your cluster to be reachable from the Reemo infrastructure (via a public IP, a VPN, or strict whitelisting). This mode is covered in the Creating a Container Provider section below.
Appliance mode (Hybrid): A local connector is installed on your network and initiates an outbound connection to Reemo. This is the ideal solution for isolated on-premise environments.
Direct mode architecture¶
Appliance / hybrid mode¶
Comparison: Direct vs. Appliance Mode¶
To help you choose the right architecture for your infrastructure, here is a quick comparison of the two modes:
Feature |
Direct Mode |
Appliance Mode |
|---|---|---|
Network Flow |
Inbound: Reemo Cloud initiates the connection to your cluster. |
Outbound: The local Appliance initiates a secure tunnel to Reemo. |
Security |
Requires an open inbound port (or VPN/IP Whitelisting). |
No inbound ports required. Works behind NAT and strict firewalls. |
Setup Complexity |
Low: Instant connection via API (no local agent needed). |
Medium: Requires the installation of a lightweight Appliance. |
Best For… |
Public Cloud (AWS, GCP, Azure) or internal lab environments. |
Secure On-premise infrastructures, DMZ, or high-security networks. |
Tip
If your IT policy strictly forbids any inbound traffic from the internet, the Appliance Mode is the recommended (and often only) choice to ensure full connectivity without compromising security.
Visibility: Public or Private¶
A Container Provider can be defined with two visibility modes:
Public: automatically accessible by all organizations, without additional configuration.
Private: reserved for specific organizations. You must explicitly associate it from the relevant organization’s menu. For more information, see Associating a private provider.
This distinction makes it easy to share global resources (Public) or reserve specific environments for certain organizations (Private).
Multi-Clustering¶
Multi-clustering allows multiple clusters to be linked to a single Container Provider, enabling workload distribution or redundancy according to various deployment scenarios.
This mechanism provides better resilience and scalability for container environments, depending on the chosen strategy.
Two operating modes are available:
Mode |
Description |
|---|---|
Active / Active |
All clusters are active simultaneously. Container deployments are distributed randomly among the available clusters. This mode increases global capacity and improves load balancing across multiple environments. |
Active / Passive |
A main cluster (Master) is defined and used by default for all deployments. The other clusters are considered secondary (fallback) clusters. If the main cluster becomes unavailable, the system automatically switches to a secondary cluster to ensure service continuity. |
Note
The Active/Passive mode is particularly suited for production environments requiring a high level of availability and control. The Active/Active mode, on the other hand, is ideal for load scaling scenarios.
Thanks to this feature, administrators can build fault-tolerant and highly scalable container architectures while simplifying centralized management via a single Container Provider.
For more information on multi-cluster configuration, see Cluster Configurations.
Creating a Container Provider¶
Click New provider > Direct provider.
Fill out the provider details by referring to the Configuration Fields section below.
Configure your endpoints by referring to the Cluster Configurations section below.
Save your provider.
Container Provider creation form¶
Configuration Fields¶
Name: provider name.
Type: choose SWARM or KUBERNETES.
Visibility: Public or Private.
Multi-cluster deployment: enable or disable multi-cluster management (Active/Passive or Active/Active mode).
Comments: administrative notes.
Tags: comma-separated keywords used to filter the portal display via the CONTAINER_PROVIDERS_TAGS variable.
Official: indicates a Reemo-managed provider. This setting can only be modified by a Reemo administrator.
Use for workspace services: reserves this provider exclusively for deploying video conferencing services (Jitsi). It cannot be used to launch user containers (RBI, Bastion, etc.).
Virtual: indicates the provider is not linked to real infrastructure (no underlying Swarm or Kubernetes cluster). This mode is used for deploying file servers.
Cluster Configurations¶
You can deploy containers on a simple cluster or by using a multi-cluster configuration. A multi-cluster configuration allows you to create containers on multiple clusters instead of just one. This can be useful if, for example, you have a cluster in one datacenter and another in a remote datacenter, but you want to deploy containers on both depending on the deployment strategy.
Simple cluster: Deploys containers only on this cluster.
Multi-cluster Active/Passive: Deploys containers only on the designated primary cluster, using the other clusters as a fallback if necessary.
Multi-cluster Active/Active: Deploys containers randomly across multiple clusters.
URL: API access point of the cluster. It can be an internal address or a public DNS name. In the latter case, an Ansible installation of the infrastructure will be required.
Server Name (SNI): optional field corresponding to the Common Name of the provider environment SSL certificate.
Cert Auth: enables certificate-based authentication, if required.
- Certificate:
Use an Existing Certificate: allows selecting an existing certificate from the Certificates module.
Specify a certificate: allows manually entering the KEY, CERT, and CA contents.
Example of a SWARM cluster configuration¶
Add Cluster: allows adding a new cluster to the provider (option available only if multi-cluster mode is enabled).
Master cluster: field visible only when Active/Passive multi-cluster mode is enabled. It defines the main (master) cluster used for deployments. Other clusters will be considered secondary (fallback) and used only if the main cluster is unavailable.
Cluster name: internal identifier of the cluster (displayed only if multi-cluster mode is enabled).
URL: API access point of the cluster. It can be an internal address or a public DNS name. In the latter case, an Ansible installation of the infrastructure will be required.
Server Name (SNI): optional field corresponding to the Common Name of the provider environment SSL certificate.
Cert Auth: enables certificate-based authentication, if required.
- Certificate:
Use an Existing Certificate: allows selecting an existing certificate from the Certificates module.
Specify a certificate: allows manually entering the KEY, CERT, and CA contents.
Remove the Cluster: removes the cluster (option available only if multi-cluster mode is enabled and at least 2 clusters are configured).
Example of a SWARM cluster configuration in multi-cluster mode¶
Add Cluster: allows adding a new cluster to the provider (option available only if multi-cluster mode is enabled).
Cluster name: internal identifier of the cluster (displayed only if multi-cluster mode is enabled).
URL: API access point of the cluster. It can be an internal address or a public DNS name. In the latter case, an Ansible installation of the infrastructure will be required.
Server Name (SNI): optional field corresponding to the Common Name of the provider environment SSL certificate.
NAMESPACE: namespace used for deployments (only applicable for Kubernetes).
Cert Auth: enables certificate-based authentication, if required.
- Certificate:
Use an Existing Certificate: allows selecting an existing certificate from the Certificates module.
Specify a certificate: allows manually entering the KEY, CERT, and CA contents.
Remove the Cluster: removes the cluster (option available only if multi-cluster mode is enabled and at least 2 clusters are configured).
Example of a KUBERNETES cluster configuration in multi-cluster mode¶
See also¶
Managing Provider Resources: to manage nodes, secrets, and images.
Associating a Private Provider with an Organization: for assignment to organizations.
appliance-provisioning: for hybrid deployment.
Summary¶
The Container Providers module offers:
Centralized configuration.
Management of nodes, images, and secrets.
Reuse of certificates for authentication and security.
Multi-cluster deployment support.
Public Container Providers are visible to all organizations.
Private Container Providers require explicit association.
Appliance mode support for secure hybrid on-premise deployments via WebSocket.
This simplifies administration and strengthens consistency across container environments.