Updating Docker Containers With Ouroboros
Ouroboros is an automation engine that updates running Docker containers with the latest image from a specified contaner registry.
The updated containers will preserve all parameters and tags as the previously run container.
version: '3'
services:
ouroboros:
container_name: ouroboros
hostname: ouroboros
image: pyouroboros/ouroboros
environment:
- CLEANUP=true
- INTERVAL=300
- LOG_LEVEL=info
- SELF_UPDATE=true
- IGNORE=mongo influxdb postgres mariadb
- TZ=America/Chicago
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock
Ouroboros is no longer maintained, see more
Benefits
Updating containers enables :
- quick and easy patching of security vulnerabilities
- quick update running applications
- customization of images to suit business needs
Getting Started with Ouroboros
Scenario
In this post we have built a simple site visit counter , that saves unique page visits in Redis under the key visits.
The visits key contains the browser user agent and the ip .
The visits counter can be reset by going to the /reset route of the application.
Architecture
The application architecure is as shown below.
Configuration
Slack
We’ll be using Slack to manage notifications. Anytime a container is updated we’ll receive a notification in a specified channel.
In this case we’ll configure an incoming webhook. To do so create a free workspace, or use an existing workspace.
Use this link to create a webhook.
Next assign a workspace channel that will be receiving the messages.
You’ll get a webhook channel in the format https://hooks.slack.com/service/<TOKENA>/<TOKENB>/<TOKENC> .
That’s it.
You can add an icon if you need to.
Ouroboros
As we’ll be running Ourboros as a Docker container we’ll pass all the environment variables in an ouroboros.env file.
Possible Env variables can be found here
| # Auto Update Ourbororos see -> https://github.com/pyouroboros/ouroboros/wiki/Usage#self-update | |
| SELF_UPDATE=true | |
| # Update the Application only works like Ignore | |
| #MONITOR="arthurkenotieno/site-counter-app" | |
| # Set Update interval seconds | |
| INTERVAL=180 | |
| # Ignore Redis | |
| IGNORE="redis" | |
| # Remove old images after update | |
| CLEANUP=true | |
| # Use the latest tag | |
| LATEST=true | |
| # If pulling from a secure repository : | |
| #REPO_USER=myusername | |
| #REPO_PASS=mypass | |
| # Send notitifcations to Slack | |
| # See Apprise options -> https://github.com/caronc/apprise | |
| # Slack -> https://github.com/caronc/apprise/wiki/Notify_slack | |
| # Create an Incoming webhook -> https://my.slack.com/services/new/incoming-webhook/ | |
| ##NOTIFIERS="slack://{TOKENA}/{TOKENB}/{TOKENC}/#{CHANNEL}" |
Deploying
In this sample we’ll be using docker-compose to deploy our service therefore we wrote a docker-compose.yml to deploy our application, and bring up Ouroboros with our desired configurations.
| version: '2.1' | |
| services: | |
| site-counter-app: | |
| container_name: sitecounter | |
| image: arthurkenotieno/site-counter-app | |
| environment: | |
| NODE_ENV: production | |
| REDIS_URL: redis://cache | |
| ports: | |
| - 3080:3080 | |
| depends_on: | |
| - redis | |
| redis: | |
| image: redis:latest | |
| container_name: redisdb | |
| ports: | |
| - 6379:6379 | |
| ouroboros: | |
| container_name: ouroboros | |
| image: pyouroboros/ouroboros | |
| env_file: ./ouroboros.env | |
| volumes: | |
| - /var/run/docker.sock:/var/run/docker.sock |
For multiple sockets/hosts set a space separated list of DOCKER_SOCKETS in your environment file. Learn More
Learn how to push your images to Docker registry {% post_link devops-with-bitbucket-pipelines ‘using Bitbucket pipelines’ %}.
Every update will push a notification to Slack, you can disable startup notifcations by setting SKIP_STARTUP_NOTIFICATIONS in the environment file to True.
Katacoda
Here’s an interactive tutorial to get you up and running with Ouroboros :
References
-
Use this example application hosted on github
-
Refer to Ouroboros wiki