/Containers

Updating Docker Containers with Ouroboros

Ouroboros is an automation engine that updates running Docker containers with the latest image from a specified contaner registry.

The updated containers will preserve all parameters and tags as the previously run container.


version: '3'
services:
  ouroboros:
    container_name: ouroboros
    hostname: ouroboros
    image: pyouroboros/ouroboros
    environment:
      - CLEANUP=true
      - INTERVAL=300
      - LOG_LEVEL=info
      - SELF_UPDATE=true
      - IGNORE=mongo influxdb postgres mariadb
      - TZ=America/Chicago
    restart: unless-stopped
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

Benefits

Updating containers enables :

  • quick and easy patching of security vulnerabilities
  • quick update running applications
  • customization of images to suit business needs

Getting Started with Ouroboros

Scenario

In this post we have built a simple site visit counter , that saves unique page visits in Redis under the key visits.

The visits key contains the browser user agent and the ip .

The visits counter can be reset by going to the /reset route of the application.

Architecture

The application architecure is as shown below.

webhook
docker
app
redis
ouroboros
message
notify
update
logic
db
keys

Configuration

Slack

We’ll be using Slack to manage notifications. Anytime a container is updated we’ll receive a notification in a specified channel.

In this case we’ll configure an incoming webhook. To do so create a free workspace, or use an existing workspace.

Use this link to create a webhook.

Create incoming webhook

Next assign a workspace channel that will be receiving the messages.

Add channel

You’ll get a webhook channel in the format https://hooks.slack.com/service/<TOKENA>/<TOKENB>/<TOKENC> .

Webhook URL

That’s it.

You can add an icon if you need to

Ouroboros

As we’ll be running Ourboros as a Docker container we’ll pass all the environment variables in an ouroboros.env file.

Possible Env variables can be found here

# Auto Update Ourbororos see -> https://github.com/pyouroboros/ouroboros/wiki/Usage#self-update
SELF_UPDATE=true

# Update the Application only works like Ignore
#MONITOR="arthurkenotieno/site-counter-app"

# Set Update interval seconds
INTERVAL=180

# Ignore Redis
IGNORE="redis"

# Remove old images after update
CLEANUP=true

# Use the latest tag
LATEST=true

# If pulling from a secure repository :
#REPO_USER=myusername
#REPO_PASS=mypass

# Send notitifcations to Slack
# See Apprise options -> https://github.com/caronc/apprise
# Slack -> https://github.com/caronc/apprise/wiki/Notify_slack
# Create an Incoming webhook -> https://my.slack.com/services/new/incoming-webhook/
##NOTIFIERS="slack://{TOKENA}/{TOKENB}/{TOKENC}/#{CHANNEL}"

Deploying

In this sample we’ll be using docker-compose to deploy our service therefore we wrote a docker-compose.yml to deploy our application, and bring up Ouroboros with our desired configurations.

version: '2.1'

services:
  site-counter-app:
    container_name: sitecounter
    image: arthurkenotieno/site-counter-app
    environment:
      NODE_ENV: production
      REDIS_URL: redis://cache
    ports:
      - 3080:3080
    depends_on:
      - redis

  redis:
    image: redis:latest
    container_name: redisdb
    ports:
      - 6379:6379

  ouroboros:
    container_name: ouroboros
    image: pyouroboros/ouroboros
    env_file: ./ouroboros.env
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

For multiple sockets/hosts set a space separated list of DOCKER_SOCKETS in your environment file. Learn More

Learn how to push your images to Docker registry using Bitbucket pipelines .

Every update will push a notification to Slack, you can disable startup notifcations by setting SKIP_STARTUP_NOTIFICATIONS in the environment file to True.

Slack Notifications

Katacoda

Here’s an interactive tutorial to get you up and running with Ouroboros :

Katacoda scenario

References

Arthur

Arthur

Arthur Kennedy Otieno is a Backend and Firmware Engineer based in Nairobi, Kenya.

Read More