The Hoof & Paw
DocsCategoriesTagsView the current conditions from the WolfspyreLabs WeatherstationToggle Dark/Light/Auto modeToggle Dark/Light/Auto modeToggle Dark/Light/Auto modeBack to homepage

Keeping Containers Updated

3 minutes to read Wolf Noble   Tech   Automation CICD Docker Gitlab Maintenance Registry

Getting automatic deployments going has been one of the goals as I’ve been gettign this site put together,

Watchtower seemed like it would TOTALLY do the needful… The implementation is fairly straightforward:

Docker-compose.yml

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16

# blog.wolfspyre.io compose file
# v 0.1 06/06/22 wn
version: '2.2'
services:
  blog:
    image: gitlab.wolfspyre.io:5009/wolfspyrelabs/docs/blog:latest
    restart: always
    labels:
      - "com.docker.compose.project=blog"
    container_name: 'blog.wolfspyre.io'
    hostname: 'blog'
    ports:
     - '80:80'
     - '443:443'
    environment:
      WPLFACE: 'blog'
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21

# docs.wolfspyre.io compose file
# v 0.2 08/02/22 wn
version: '3'
services:
  watchtower:
    image: containrrr/watchtower
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    labels:
  blog:
    image: gitlab.wolfspyre.io:5009/wolfspyrelabs/docs/blog:latest
    restart: always
    labels:
      - "com.docker.compose.project=blog"
    container_name: 'blog.wolfspyre.io'
    hostname: 'blog'
    ports:
     - '80:80'
     - '443:443'
    environment:
      WPLFACE: 'blog'

Now that we’ve updated our compose file with the Watchtower container we’ll jus start it up:

1
2
3
4
5

watchtower_1  | time="2022-08-02T23:00:22Z" level=info msg="Watchtower 1.4.0"
watchtower_1  | time="2022-08-02T23:00:22Z" level=info msg="Using no notifications"
watchtower_1  | time="2022-08-02T23:00:22Z" level=info msg="Only checking containers in scope 'wplblog'"
watchtower_1  | time="2022-08-02T23:00:22Z" level=info msg="Scheduling first run: 2022-08-02 23:01:52 +0000 UTC"
watchtower_1  | time="2022-08-02T23:00:22Z" level=info msg="Note that the first check will be performed in 1 minute, 29 seconds"

Oh this is so badass, Right?

1
2
3
4
5
6

watchtower_1  | time="2022-08-02T23:00:21Z" level=info msg="Watchtower 1.4.0"
watchtower_1  | time="2022-08-02T23:00:21Z" level=info msg="Using no notifications"
watchtower_1  | time="2022-08-02T23:00:21Z" level=info msg="Only checking containers in scope 'wpldocs'"
watchtower_1  | time="2022-08-02T23:00:21Z" level=info msg="Scheduling first run: 2022-08-02 22:57:20 +0000 UTC"
watchtower_1  | time="2022-08-02T23:00:21Z" level=info msg="Note that the first check will be performed in 59 seconds"
...

… But then….

1
2

watchtower_1  | time="2022-08-02T23:01:22Z" level=info msg="Unable to update container '/docs.wolfspyre.io': Error response from daemon: Head 'https://gitlab.wolfspyre.io:5009/v2/wolfspyrelabs/docs/docs/manifests/latest': denied: access forbidden. Proceeding to next."
watchtower_1  | time="2022-08-02T23:01:22Z" level=info msg="Session done" Failed=0 Scanned=2 Updated=0 notify=no

1
2

watchtower_1  | time="2022-08-02T23:01:53Z" level=info msg="Unable to update container '/blog.wolfspyre.io': Error response from daemon: Head 'https://gitlab.wolfspyre.io:5009/v2/wolfspyrelabs/docs/blog/manifests/latest': denied: access forbidden. Proceeding to next."
watchtower_1  | time="2022-08-02T23:01:53Z" level=info msg="Session done" Failed=0 Scanned=2 Updated=0 notify=no

Well…… shit.

Okay…. this has to be a thing…

1
2
3
4
5

watchtower_1  | time="2022-08-02T22:56:20Z" level=info msg="Watchtower 1.4.0"
watchtower_1  | time="2022-08-02T22:56:20Z" level=info msg="Using no notifications"
watchtower_1  | time="2022-08-02T22:56:20Z" level=info msg="Only checking containers in scope 'wpldocs'"
watchtower_1  | time="2022-08-02T22:56:20Z" level=info msg="Scheduling first run: 2022-08-02 22:57:20 +0000 UTC"
watchtower_1  | time="2022-08-02T22:56:20Z" level=info msg="Note that the first check will be performed in 59 seconds"

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19


watchtower_1  | time="2022-08-02T23:00:22Z" level=info msg="Watchtower 1.4.0"
watchtower_1  | time="2022-08-02T23:00:22Z" level=info msg="Using no notifications"
watchtower_1  | time="2022-08-02T23:00:22Z" level=info msg="Only checking containers in scope 'wplblog'"
watchtower_1  | time="2022-08-02T23:00:22Z" level=info msg="Scheduling first run: 2022-08-02 23:01:52 +0000 UTC"
watchtower_1  | time="2022-08-02T23:00:22Z" level=info msg="Note that the first check will be performed in 1 minute, 29 seconds"
...
watchtower_1  | time="2022-08-02T23:01:55Z" level=info msg="Found new gitlab.wolfspyre.io:5009/wolfspyrelabs/docs/blog:latest image (7aa5fd6f0062)"
watchtower_1  | time="2022-08-02T23:01:55Z" level=info msg="Stopping /blog.wolfspyre.io (3f9b5a8468b7) with SIGTERM"
blog.wolfspyre.io | 2022/08/02 23:01:55 [notice] 1#1: signal 15 (SIGTERM) received, exiting
blog.wolfspyre.io exited with code 137
blog.wolfspyre.io exited with code 137
watchtower_1  | time="2022-08-02T23:02:06Z" level=info msg="Creating /blog.wolfspyre.io"
watchtower_1  | time="2022-08-02T23:02:07Z" level=info msg="Session done" Failed=0 Scanned=2 Updated=1 notify=no
blog.wolfspyre.io | /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
blog.wolfspyre.io | /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
blog.wolfspyre.io | /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
blog.wolfspyre.io | /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
blog.wolfspyre.io | /docker-entrypoint.sh: Configuration complete; ready for start up

TLDR it Ain’t much ;)

Maintenance

Running the cleanup process on-demand

This tip on Gitlab’s administration page for the registry describes how to ad-hoc run the registry cleanup process.