watchtower is a go application and is built with go commands. The following commands assume that you are at the root level of your repo.
```bash
go get ./... # analyzes and retrieves package dependencies
go build # compiles and packages an executable binary, watchtower
go test # runs tests
./watchtower # runs the application (outside of a container)
go get -u github.com/Masterminds/glide # installs glide for vendoring
glide install # retrieves package dependencies
go build # compiles and packages an executable binary, watchtower
go test # runs tests
./watchtower # runs the application (outside of a container)
```
### Building the docker image
watchtower is packaged and distributed as a docker image. A [golang-builder](https://github.com/CenturyLinkLabs/golang-builder) is used to package the go code and its
dependencies as a minimally-sized application. The application binary is then layered into to a minimal docker image (see `Dockerfile`), so that the entire image is <10MB.
See `circle.yml` for further details.The following commands assume that you are at the root level of your repo (i.e. `watchtower/`).
```bash
docker pull centurylink/golang-builder:latest # download the builder
docker run -v $(pwd):/src centurylink/golang-builder:latest # build the minimal binary
docker build -t <yourfork>/watchtower:latest . # build the docker image
docker run -v /var/run/docker.sock:/var/run/docker.sock <yourfork>/watchtower # run the application (inside of a container)
[](https://imagelayers.io/?images=centurylink/watchtower:latest 'Get your own badge on imagelayers.io')
[](https://microbadger.com/images/v2tec/watchtower "Get your own image badge on microbadger.com")
A process for watching your Docker containers and automatically restarting them whenever their base image is refreshed.
@ -19,14 +17,14 @@ For example, let's say you were running watchtower along with an instance of *ce
$ docker ps
CONTAINER ID IMAGE STATUS PORTS NAMES
967848166a45 centurylink/wetty-cli Up 10 minutes 0.0.0.0:8080->3000/tcp wetty
6cc4d2a9d1a5 centurylink/watchtower Up 15 minutes watchtower
6cc4d2a9d1a5 v2tec/watchtower Up 15 minutes watchtower
```
Every few mintutes watchtower will pull the latest *centurylink/wetty-cli* image and compare it to the one that was used to run the "wetty" container. If it sees that the image has changed it will stop/remove the "wetty" container and then restart it using the new image and the same `docker run` options that were used to start the container initially (in this case, that would include the `-p 8080:3000` port mapping).
## Usage
Watchtower is itself packaged as a Docker container so installation is a simple as pulling the `centurylink/watchtower` image.
Watchtower is itself packaged as a Docker container so installation is as simple as pulling the `v2tec/watchtower` image.
Since the watchtower code needs to interact with the Docker API in order to monitor the running containers, you need to mount */var/run/docker.sock* into the container with the -v flag when you run it.
@ -36,7 +34,7 @@ Run the `watchtower` container with the following command:
docker run -d \
--name watchtower \
-v /var/run/docker.sock:/var/run/docker.sock \
centurylink/watchtower
v2tec/watchtower
```
If pulling images from private Docker registries, supply registry authentication credentials with the environment variables `REPO_USER` and `REPO_PASS`
@ -58,7 +56,7 @@ By default, watchtower will monitor all containers running within the Docker dae
docker run -d \
--name watchtower \
-v /var/run/docker.sock:/var/run/docker.sock \
centurylink/watchtower nginx redis
v2tec/watchtower nginx redis
```
In the example above, watchtower will only monitor the containers named "nginx" and "redis" for updates -- all of the other running containers will be ignored.
@ -70,11 +68,12 @@ When no arguments are specified, watchtower will monitor all running containers.
Any of the options described below can be passed to the watchtower process by setting them after the image name in the `docker run` string:
```
docker run --rm centurylink/watchtower --help
docker run --rm v2tec/watchtower --help
```
* `--host, -h` Docker daemon socket to connect to. Defaults to "unix:///var/run/docker.sock" but can be pointed at a remote Docker host by specifying a TCP endpoint as "tcp://hostname:port". The host value can also be provided by setting the `DOCKER_HOST` environment variable.
* `--interval, -i` Poll interval (in seconds). This value controls how frequently watchtower will poll for new images. Defaults to 300 seconds (5 minutes).
* `--schedule, -s` [Cron expression](https://godoc.org/github.com/robfig/cron#hdr-CRON_Expression_Format) which defines when and how often to check for new images. Either `--interval` or the schedule expression could be defined, but not both.
* `--no-pull` Do not pull new images. When this flag is specified, watchtower will not attempt to pull new images from the registry. Instead it will only monitor the local image cache for changes. Use this option if you are building new images directly on the Docker host without pushing them to a registry.
* `--cleanup` Remove old images after updating. When this flag is specified, watchtower will remove the old image after restarting a container with a new image. Use this option to prevent the accumulation of orphaned images on your system as containers are updated.
* `--tlsverify` Use TLS when connecting to the Docker socket and verify the server's certificate.
@ -112,7 +111,7 @@ By default, watchtower is set-up to monitor the local Docker daemon (the same da
Note in both of the examples above that it is unnecessary to mount the */var/run/docker.sock* into the watchtower container.
@ -139,9 +138,9 @@ docker run -d \
--name watchtower \
-e DOCKER_HOST=$DOCKER_HOST \
-v $DOCKER_CERT_PATH:/etc/ssl/docker \
centurylink/watchtower --tlsverify
v2tec/watchtower --tlsverify
```
## Updating Watchtower
If watchtower is monitoring the same Docker daemon under which the watchtower container itself is running (i.e. if you volume-mounted */var/run/docker.sock* into the watchtower container) then it has the ability to update itself. If a new version of the *centurylink/watchtower* image is pushed to the Docker Hub, your watchtower will pull down the new image and restart itself automatically.
If watchtower is monitoring the same Docker daemon under which the watchtower container itself is running (i.e. if you volume-mounted */var/run/docker.sock* into the watchtower container) then it has the ability to update itself. If a new version of the *v2tec/watchtower* image is pushed to the Docker Hub, your watchtower will pull down the new image and restart itself automatically.
Fabrizio Steiner
8 years ago
committed by