Watchtower
root@memoriae-152:~# docker run --rm containrrr/watchtower -h
Watchtower automatically updates running Docker containers whenever a new image is released.
More information available at https://github.com/containrrr/watchtower/.
Usage:
watchtower [flags]
Flags:
-a, --api-version string api version to use by docker client (default "1.25")
-c, --cleanup remove previously used images after updating
-d, --debug enable debug mode with verbose logging
--enable-lifecycle-hooks Enable the execution of commands triggered by pre- and post-update lifecycle hooks
-h, --help help for watchtower
-H, --host string daemon socket to connect to (default "unix:///var/run/docker.sock")
--http-api-metrics Runs Watchtower with the Prometheus metrics API enabled
--http-api-token string Sets an authentication token to HTTP API requests.
--http-api-update Runs Watchtower in HTTP API mode, so that image updates must to be triggered by a request
--include-restarting Will also include restarting containers
-S, --include-stopped Will also include created and exited containers
-i, --interval int poll interval (in seconds) (default 86400)
-e, --label-enable watch containers where the com.centurylinklabs.watchtower.enable label is true
-m, --monitor-only Will only monitor for new images, not update the containers
--no-color Disable ANSI color escape codes in log output
--no-pull do not pull any new images
--no-restart do not restart any containers
--no-startup-message Prevents watchtower from sending a startup message
--notification-email-delay int Delay before sending notifications, expressed in seconds
--notification-email-from string Address to send notification emails from
--notification-email-server string SMTP server to send notification emails through
--notification-email-server-password string SMTP server password for sending notifications
--notification-email-server-port int SMTP server port to send notification emails through (default 25)
--notification-email-server-tls-skip-verify Controls whether watchtower verifies the SMTP server's certificate chain and host name.
Should only be used for testing.
--notification-email-server-user string SMTP server user for sending notifications
--notification-email-subjecttag string Subject prefix tag for notifications via mail
--notification-email-to string Address to send notification emails to
--notification-gotify-tls-skip-verify Controls whether watchtower verifies the Gotify server's certificate chain and host name.
Should only be used for testing.
--notification-gotify-token string The Gotify Application required to query the Gotify API
--notification-gotify-url string The Gotify URL to send notifications to
--notification-msteams-data The MSTeams notifier will try to extract log entry fields as MSTeams message facts
--notification-msteams-hook string The MSTeams WebHook URL to send notifications to
--notification-slack-channel string A string which overrides the webhook's default channel. Example: #my-custom-channel
--notification-slack-hook-url string The Slack Hook URL to send notifications to
--notification-slack-icon-emoji string An emoji code string to use in place of the default icon
--notification-slack-icon-url string An icon image URL string to use in place of the default icon
--notification-slack-identifier string A string which will be used to identify the messages coming from this watchtower instance (default "watchtower")
--notification-template string The shoutrrr text/template for the messages
--notification-url stringArray The shoutrrr URL to send notifications to
-n, --notifications strings notification types to send (valid: email, slack, msteams, gotify, shoutrrr)
--notifications-level string The log level used for sending notifications. Possible values: panic, fatal, error, warn, info or debug (default "info")
--remove-volumes remove attached volumes before updating
--revive-stopped Will also start stopped containers that were updated, if include-stopped is active
--rolling-restart Restart containers one at a time
-R, --run-once Run once now and exit
-s, --schedule string the cron expression which defines when to update
--scope string Defines a monitoring scope for the Watchtower instance.
-t, --stop-timeout duration timeout before a container is forcefully stopped (default 10s)
-v, --tlsverify use TLS and verify the remote
--trace enable trace mode with very verbose logging - caution, exposes credentials
--warn-on-head-failure string When to warn about HEAD pull requests failing. Possible values: always, auto or never
自动清除废旧镜像
# 标签为none的镜像
docker run -d \
--name watchtower \
--restart unless-stopped \
-v /var/run/docker.sock:/var/run/docker.sock \
containrrr/watchtower -c
选择性自动更新
假设我们只想要更新固定的容器,我们可以把容器名称追加到启动命令后面
docker run -d \
--name watchtower \
--restart unless-stopped \
-v /var/run/docker.sock:/var/run/docker.sock \
containrrr/watchtower -c \
nginx redis
#也可以通过变量的方式调用容器名称列表 $(cat ~/.watchtower.list)
设置自动更新的检查频率
docker run -d \
--name watchtower \
--restart unless-stopped \
-v /var/run/docker.sock:/var/run/docker.sock \
containrrr/watchtower -c \
nginx redis \
--interval 3600
#如每天凌晨 2 点检查一次更新:
docker run -d \
--name watchtower \
--restart unless-stopped \
-v /var/run/docker.sock:/var/run/docker.sock \
containrrr/watchtower -c \
--schedule "0 2 * * * *"
手动更新
docker run --rm \
-v /var/run/docker.sock:/var/run/docker.sock \
containrrr/watchtower -cR \
user nginx