Running the UniFi controller in an nspawn container

Kevin Carter -

The UniFi controller is an essential part of the Ubiquiti Networks UniFi platform. Getting this controller installed allows you access to metrics, analytics, and features you'd not have otherwise.

I've been on a Ubiquiti Networks tear recently and have been replacing my home gear with theirs and I have to say it's quite nice. The newest addition is an 24 port UniFi switch which is building to my existing 8 port UniFi switch.

This switch will be replacing my old TP-Link (TL-SG108).

Getting Started

After installing the switch, and then reading the manual that came with it, I discovered that I should be running the UniFi controller on a dedicated piece of hardware. Being that I don't want to do run the controller on a dedicated machine, I figured I'd give running it in a container a try. If you've not read my write up on nspawn I'd recommend giving that a read for insight into the basic configuration I'll be running this container within.

Provisioning the container

  • Create a rootfs for the container. machinectl clone xenial-base unifi

  • Generate a unit file for the new container config.

cat > /etc/systemd/nspawn/unifi.nspawn <<EOF
[Exec]
Boot=on

[Network]
VirtualEthernet=yes
Bridge=br0
EOF

  • Reload the systemd daemon. systemctl daemon-reload

  • Ensure the container is started at system boot (optional) systemctl enable systemd-nspawn@unifi

  • Start the new container. machinectl start unifi

Installing the UniFi controller

The basic steps can be found here. I'm installing the latest stable UniFi Version 5.

First thing to do is access the container.

machinectl shell root@unifi -- /bin/bash

Now install the unifi controller.

echo unifi > /etc/hostname
echo "deb http://www.ubnt.com/downloads/unifi/debian stable ubiquiti" | tee -a /etc/apt/sources.list.d/100-ubnt.list
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 06E85760C0A52C50
apt-get update
apt-get -y install unifi

After everything is finished, log-out of the container, and restart it.

machinectl poweroff unifi
machinectl start unifi

This should finalize the installation by setting the hostname correctly and giving the system a clean start.

Setting up UniFi in the container

Get the IP address of the container and paste it into a browser. You can retrieve the IP address of the container by simply querying it's status.

machinectl status unifi 
unifi
           Since: Mon 2017-04-24 00:06:55 CDT; 11min ago
          Leader: 9334 (systemd)
         Service: systemd-nspawn; class container
            Root: /var/lib/machines/unifi
           Iface: br0
         Address: 172.16.24.215
...

With the IP in hand paste this into the browser with port 8080 attached. This will bring you to the UniFi setup wizard and redirect you to port 8443. Note you will need to accept the self signed certificate to continue.

Once you've made it through the setup screens, you can access all of the UniFi features from your containerized controller.