Updating Docker Containers with Ouroboros

Updating Docker Containers with Ouroboros

Ouroboros is an automation engine that updates running Docker containers with the latest image from a specified contaner registry.

The updated containers will preserve all parameters and tags as the previously run container.

docker-compose.ymldocker-compose.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
version: '3'
services:
ouroboros:
container_name: ouroboros
hostname: ouroboros
image: pyouroboros/ouroboros
environment:
- CLEANUP=true
- INTERVAL=300
- LOG_LEVEL=info
- SELF_UPDATE=true
- IGNORE=mongo influxdb postgres mariadb
- TZ=America/Chicago
restart: unless-stopped
volumes:
- /var/run/docker.sock:/var/run/docker.sock

Benefits

Updating containers enables :

  • quick and easy patching of security vulnerabilities
  • quick update running applications
  • customization of images to suit business needs

Getting Started with Ouroboros

Scenario

In this post we have built a simple site visit counter , that saves unique page visits in Redis under the key visits.

The visits key contains the browser user agent and the ip .

The visits counter can be reset by going to the /reset route of the application.

Architecture

The application architecure is as shown below.

graph LR
  subgraph docker
    subgraph app
    logic-->keys
    end
    subgraph redis
    keys-.->db
    end
    subgraph ouroboros
    update-->notify
    update-.->logic
    end
end
subgraph webhook
  notify-.->message
  message
end

Configuration

Slack

We’ll be using Slack to manage notifications. Anytime a container is updated we’ll receive a notification in a specified channel.

In this case we’ll configure an incoming webhook. To do so create a free workspace, or use an existing workspace.

Use this link to create a webhook.

Create Webhook

Next assign a workspace channel that will be receiving the messages.

Assign a channel

You’ll get a webhook channel in the format https://hooks.slack.com/service/<TOKENA>/<TOKENB>/<TOKENC> .

Webhook URL

That’s it.

You can add an icon if you need to

Ouroboros

As we’ll be running Ourboros as a Docker container we’ll pass all the environment variables in an ouroboros.env file.

Possible Env variables can be found here

ouroboros.envview raw
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# Auto Update Ourbororos see -> https://github.com/pyouroboros/ouroboros/wiki/Usage#self-update
SELF_UPDATE=true

# Update the Application only works like Ignore
#MONITOR="arthurkenotieno/site-counter-app"

# Set Update interval seconds
INTERVAL=180

# Ignore Redis
IGNORE="redis"

# Remove old images after update
CLEANUP=true

# Use the latest tag
LATEST=true

# If pulling from a secure repository :
#REPO_USER=myusername
#REPO_PASS=mypass

# Send notitifcations to Slack
# See Apprise options -> https://github.com/caronc/apprise
# Slack -> https://github.com/caronc/apprise/wiki/Notify_slack
# Create an Incoming webhook -> https://my.slack.com/services/new/incoming-webhook/
##NOTIFIERS="slack://{TOKENA}/{TOKENB}/{TOKENC}/#{CHANNEL}"

Deploying

In this sample we’ll be using docker-compose to deploy our service therefore we wrote a docker-compose.yml to deploy our application, and bring up Ouroboros with our desired configurations.

docker-compose.ymlview raw
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
version: '2.1'

services:
site-counter-app:
container_name: sitecounter
image: arthurkenotieno/site-counter-app
environment:
NODE_ENV: production
REDIS_URL: redis://cache
ports:
- 3080:3080
depends_on:
- redis

redis:
image: redis:latest
container_name: redisdb
ports:
- 6379:6379

ouroboros:
container_name: ouroboros
image: pyouroboros/ouroboros
env_file: ./ouroboros.env
volumes:
- /var/run/docker.sock:/var/run/docker.sock

For multiple sockets/hosts set a space separated list of DOCKER_SOCKETS in your environment file. Learn More

Learn how to push your images to Docker registry using Bitbucket pipelines.

Every update will push a notification to Slack, you can disable startup notifcations by setting SKIP_STARTUP_NOTIFICATIONS in the environment file to True.

Notifications

Katacoda

Here’s an interactive tutorial to get you up and running with Ouroboros :

Katacoda scenario

References

Comments

Your browser is out-of-date!

Update your browser to view this website correctly. Update my browser now

×