How to Use Watchtower to Automatically Update Your Docker Containers

Posted on by Thijs

Keeping Docker containers up to date is essential for ensuring security, efficiency, and stability. Manually updating containers can be tedious, especially if you’re running multiple containers across different environments. Enter Watchtower, a handy tool that automatically monitors and updates your running Docker containers whenever a new image is published.

In this blog post, we’ll cover how to set up and run Watchtower in your Docker environment for seamless container updates.

What is Watchtower?

Watchtower is an open-source tool that periodically checks Docker Hub (or your private image registry) for new versions of the images you are using. When a new version is detected, Watchtower will gracefully stop your container and restart it using the latest image.

Why Use Watchtower?

  1. Automation: No more manual intervention to pull and run updated images.
  2. Security: Ensures you always have the latest security patches.
  3. Simplicity: Easy to set up and manage with a few lines of configuration.

Prerequisites

  • You should have Docker installed on your system.
  • Ensure your containers are running in Docker.

Step-by-Step Guide to Set Up Watchtower

Step 1: Pull the Watchtower Image

First, you need to pull the Watchtower image from Docker Hub:

docker pull containrrr/watchtower

Step 2: Run Watchtower

Now, run Watchtower with a simple docker run command. Here’s the most basic configuration:

docker run -d \
  --name watchtower \
  -v /var/run/docker.sock:/var/run/docker.sock \
  containrrr/watchtower
  • Explanation:
  • -d: Runs the container in detached mode.
  • --name watchtower: Assigns the name “watchtower” to the container.
  • -v /var/run/docker.sock:/var/run/docker.sock: Mounts the Docker socket, allowing Watchtower to manage your containers.

Step 3: Customize Watchtower Settings

Watchtower comes with a variety of flags to customize how it operates. Below are some common options:

  1. Set a Check Interval By default, Watchtower checks for updates every 24 hours. You can change this by using the --interval flag:
   docker run -d \
     --name watchtower \
     -v /var/run/docker.sock:/var/run/docker.sock \
     containrrr/watchtower \
     --interval 300
  • --interval 300: Check for updates every 300 seconds (5 minutes).
  1. Monitor Specific Containers If you only want to update certain containers, specify their names:
   docker run -d \
     --name watchtower \
     -v /var/run/docker.sock:/var/run/docker.sock \
     containrrr/watchtower \
     container_name_1 container_name_2

Replace container_name_1 and container_name_2 with the names of the containers you wish to monitor.

  1. Use Notification Options Watchtower can send notifications when an update occurs. For example, to set up email notifications, you need to configure SMTP settings. Here’s a basic example using environment variables:
   docker run -d \
     --name watchtower \
     -v /var/run/docker.sock:/var/run/docker.sock \
     -e WATCHTOWER_NOTIFICATIONS=email \
     -e WATCHTOWER_NOTIFICATION_EMAIL_FROM=your_email@example.com \
     -e WATCHTOWER_NOTIFICATION_EMAIL_TO=recipient_email@example.com \
     -e WATCHTOWER_NOTIFICATION_EMAIL_SERVER=smtp.example.com \
     -e WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT=587 \
     -e WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER=your_smtp_user \
     -e WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD=your_smtp_password \
     containrrr/watchtower

Adjust the above settings to match your email provider’s SMTP details.

Step 4: Verify That Watchtower is Running

You can check if Watchtower is running properly by viewing the logs:

docker logs watchtower

The logs will show information about which containers Watchtower is monitoring and any updates it has performed.

Best Practices for Using Watchtower

  1. Back Up Your Data: Always have backups of critical data. Automatic updates can occasionally cause unexpected behavior.
  2. Test Updates in Staging: Before deploying updates in production, consider testing them in a staging environment.
  3. Monitor Watchtower Logs: Regularly check the logs to ensure Watchtower is functioning correctly and not causing any disruptions.

Example compose file

---
services:
  watchtower:
    image: containrrr/watchtower
    environment:
      - TZ=Europe/Amsterdam
      - WATCHTOWER_CLEANUP=true
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    restart: unless-stopped

Conclusion

Watchtower is a powerful tool for automating Docker container updates, helping you maintain a secure and up-to-date environment. With just a few commands, you can ensure your containers are always running the latest versions, saving you time and hassle.

Try setting up Watchtower in your environment and experience the benefits of automated container management!

I hope this guide helps you get started with Watchtower. Let me know if you have any questions or run into any issues!

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts