发表新帖
发表新帖

How to automatically update your docker containers, if base-images are updated

后端 未结
关注
16 567
别那么骄傲
别那么骄傲 2020-12-04 04:17

Say I have a trivial container based on the ubuntu:latest. Now there is a security update and ubuntu:latest is updated in the docker repo .

相关标签:
16条回答
  • 感动是毒
    2020-12-04 05:07

    A 'docker way' would be to use docker hub automated builds. The Repository Links feature will rebuild your container when an upstream container is rebuilt, and the Webhooks feature will send you a notification.

    It looks like the webhooks are limited to HTTP POST calls. You'd need to set up a service to catch them, or maybe use one of the POST to email services out there.

    I haven't looked into it, but the new Docker Universal Control Plane might have a feature for detecting updated containers and re-deploying.

    0 讨论(0)
  • 攒了一身酷
    2020-12-04 05:08

    Here is a simplest way to update docker container automatically

    Put the job via $ crontab -e:

    0 * * * * sh ~/.docker/cron.sh

    Create dir ~/.docker with file cron.sh:

    #!/bin/sh
if grep -Fqe "Image is up to date" << EOF
`docker pull ubuntu:latest`
EOF
then
    echo "no update, just do cleaning"
    docker system prune --force
else
    echo "newest exist, recompose!"
    cd /path/to/your/compose/file
    docker-compose down --volumes
    docker-compose up -d
fi
    0 讨论(0)
  • 温柔的废话
    2020-12-04 05:10

    A simple and great solution is shepherd

    0 讨论(0)
  • 挽巷
    2020-12-04 05:11

    I'm not going into the whole question of whether or not you want unattended updates in production (I think not). I'm just leaving this here for reference in case anybody finds it useful. Update all your docker images to the latest version with the following command in your terminal:

    # docker images | awk '(NR>1) && ($2!~/none/) {print $1":"$2}' | xargs -L1 docker pull

    0 讨论(0)
  • 无人共我
    2020-12-04 05:14

    Dependency management for Docker images is a real problem. I'm part of a team that built a tool, MicroBadger, to help with this by monitoring container images and inspecting metadata. One of its features is to let you set up a notification webhook that gets called when an image you're interested in (e.g. a base image) changes.

    0 讨论(0)
  • 心在旅途
    2020-12-04 05:18

    We use a script which checks if a running container is started with the latest image. We also use upstart init scripts for starting the docker image.

    #!/usr/bin/env bash
set -e
BASE_IMAGE="registry"
REGISTRY="registry.hub.docker.com"
IMAGE="$REGISTRY/$BASE_IMAGE"
CID=$(docker ps | grep $IMAGE | awk '{print $1}')
docker pull $IMAGE

for im in $CID
do
    LATEST=`docker inspect --format "{{.Id}}" $IMAGE`
    RUNNING=`docker inspect --format "{{.Image}}" $im`
    NAME=`docker inspect --format '{{.Name}}' $im | sed "s/\///g"`
    echo "Latest:" $LATEST
    echo "Running:" $RUNNING
    if [ "$RUNNING" != "$LATEST" ];then
        echo "upgrading $NAME"
        stop docker-$NAME
        docker rm -f $NAME
        start docker-$NAME
    else
        echo "$NAME up to date"
    fi
done

    And init looks like 

    docker run -t -i --name $NAME $im /bin/bash
    0 讨论(0)
 看不清?
提交回复
热议问题