Introduction
A container-based solution for automating Docker container base image updates. With watchtower you can update the running version of your containerised app simply by pushing a new image to the Docker Hub or your own image registry. Watchtower will pull down your new image, gracefully shut down your existing container and restart it with the same options that were used when it was deployed initially.
The Docker Compose File
---
version: "3.8"
services:
watchtower:
image: containrrr/watchtower:latest
container_name: watchtower
hostname: watchtower
restart: unless-stopped
security_opt:
- no-new-privileges:true
environment:
- TZ=Europe/Stockholm
- WATCHTOWER_SCHEDULE=0 0 2 * * *
- WATCHTOWER_CLEANUP=true
- WATCHTOWER_INCLUDE_RESTARTING=true
- WATCHTOWER_INCLUDE_STOPPED=true
- WATCHTOWER_LABEL_ENABLE=true
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /etc/localtime:/etc/localtime:ro
labels:
- com.centurylinklabs.watchtower.enable=truedocker-compose.yml
This Docker Compose file defines a single service named “watchtower”. The service is built from the “containrrr/watchtower:latest” Docker image, which is the latest version available. The container name is set to “watchtower” as well.
The “restart” section ensures that the container will always be restarted if it exits (unless manually stopped). This is useful for ensuring that the service is always available, especially if it crashes or is shut down unexpectedly.
The “security_opt” section prevents your container processes from gaining additional privileges. This is an important security consideration.
The “volumes” section includes the Docker daemon (docker.sock) this is the UNIX socket that Docker daemon is listening to. It's the main entry point for Docker API. Watchtower needs this access in order to function as intended.
The "labels" section allows the Watchtower service to keep this container update automatically.
Running Watchtower with Docker Compose
To run Watchtower with Docker Compose, first, make sure you have Docker and Docker Compose installed on your machine. Then, create a new directory for your project and save the above Docker Compose file as “docker-compose.yml” in that directory.
Next, run the following command from the same directory:
docker compose up -dConclusion
In this article, we explored how to set up and run the Watchtower software using Docker Compose. We looked at the different sections of the Docker Compose file and explained how they work together to create a functional Watchtower service. By running Watchtower with Docker Compose, you can easily deploy and manage the tool on your own server, without having to worry about dependencies or configuration.
