Watchtower
Watchtower is a container-based solution for automating Docker container base image updates.
With watchtower you can update the running version of your containerized app simply by pushing a new image to the Docker Hub or your own image registry. Watchtower will pull down your new image, gracefully shut down your existing container and restart it with the same options that were used when it was deployed initially. Run the watchtower container with the following command:
$ docker run -d \
--name watchtower \
-v /var/run/docker.sock:/var/run/docker.sock \
containrrr/watchtower
Usage⚑
Exclude image from being pruned⚑
Add to the dockerfile:
LABEL com.centurylinklabs.watchtower.enable=false
Monitorization⚑
To make sure that watchtower is working as expected you can use the next alerts:
groups:
- name: watchtower
rules:
- alert: WatchtowerError
expr: |
count_over_time({container="watchtower"} |= `` | logfmt level | level=`error` [15m]) > 0
for: 0m
labels:
severity: warning
annotations:
summary: "Error in watchtower logs {{ $labels.container }} at {{ $labels.hostname}}"
- alert: WatchtowerNotRunningError
expr: |
(sum by(hostname) (count_over_time({job="systemd-journal"} [1h]))
unless
sum by(hostname) (count_over_time({unit="watchtower.service"} [1d]))) > 0
for: 0m
labels:
severity: warning
annotations:
summary: "Watchtower has not shown any logs in {{ $labels.hostname}} in the last day"