
TL;DR: I want to keep my containers up to date, currently Portainer based compose files updated by renovate. How do you do it?

Status Quo

I'm hosting a few containers on my Unraid home server for personal use, but I don't use the Unraid web interface to control them. I'm running Portainer CE in a Container on the host. Within Portainer I use the "Stacks" feature to define my containers. The Stack-files (basically docker-compose files) reside in a private Git(-hub) repository. I configured renovate to create pull requests to the Git repository in case there are new updates for the container images (aka new tagged images).

Issues

Currently I'm not really satisfied with that workflow. These are the issues I have:

  • It's not really automatic. I still have to manually approve the Pull Requests on GitHub, even though I don't test them before applying
  • I once updated a specific container but the database structure of the application changed. I had to manually restore the application data from a backup
  • Some containers I use don't have proper versioning (e.g. only a "latest" image)
  • For some containers renovate doesn't open Pull Requests for updates. I think it's because the images are not in Docker Hub, but on GitHub or other registries.
  • Adding new stacks to Portainer is cumbersome, I have to specify the Git repository, the path of the docker-compose file and credentials every time.

Wishlist

What I would like to have:

  • Automatic Updates to my containers (bug fixes, new features, security fixes)
    • Updates should apply automatically except if I pin the image tag/version
  • Before updating a container the container should get shut down and a copy of the application data should be created
  • If the container exits unexpectedly after an update, an automatic rollback should get applied. Notification to me and no further updates for this container until I continue it.
  • Container definitions should be defined in a version controlled code/text, e.g. docker-compose files in a Git repo
  • Solution should be self hosted

Questions

I'm aware of watchtower, but as far as I see it only updates the live-configuration of the system. So no version control or roll-backs. What do you folks think? Are my requirements stupid overkill for a homeserver? How do you keep your container based applications up to date?

[-] psmt@lemmy.pcft.eu 7 points 1 year ago

It looks like you are trying to reinvent parts of kubernetes.

I would recommend to give it a try, it's easy to spin up with k3s, even on a single node!

Set imagePullPolicy to Always in your deployments (this is more or less k8s version of compose) and latest tag, then every time you restart a deployment, you get the latest version, with auto rollback. Set the tag to a static version and it doesn't update as long as you don't change it.

For gitops, add fluxcd.io and you're set, it doesn't even require a CI workflow.

For the data copy, k8s provides Volume Snapshots https://kubernetes.io/docs/concepts/storage/volume-snapshots/

[-] diecknet@discuss.tchncs.de 2 points 1 year ago* (last edited 1 year ago)

Oh, lol! I mean I was totally aware of Kubernetes existing as an enterprise grade container solution, but didn't really consider that it could fit my needs. Makes so much sense that they have a feature like Volume snapshots. Gonna look into Kubernetes/k3s. Thanks!
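
An added example, not code from anyone in the thread: a small Python audit that reads a compose/stack file and reports which image references are pinned to a static tag, pinned by digest, or floating (`latest` or no tag), which is the distinction both the wishlist and the `imagePullPolicy` advice above depend on. The stack file, image names and the all-zero digest are constructed placeholders.

```python
import re

# Constructed sample stack file (placeholder images, not from the thread).
SAMPLE_COMPOSE = """\
services:
  app:
    image: ghcr.io/example/app:1.4.2
  db:
    image: postgres
  cache:
    image: "registry.local:5000/tools/cache:latest"
  proxy:
    image: nginx@sha256:0000000000000000000000000000000000000000000000000000000000000000
  # image: commented/out:1.0
"""

# Matches an uncommented "image:" key and captures the reference, quoted or not.
IMAGE_LINE = re.compile(r"^\s*image:\s*['\"]?([^'\"\s#]+)")


def classify(ref):
    """Return 'digest', 'pinned' or 'floating' for one image reference."""
    if "@" in ref:
        return "digest"  # content-addressed: the bytes behind it cannot change
    # Only a ':' after the last '/' is a tag; an earlier one is a registry port.
    last = ref.rsplit("/", 1)[-1]
    tag = last.split(":", 1)[1] if ":" in last else "latest"
    # Assumption: only 'latest' (explicit or implied) counts as floating here;
    # other mutable tags such as 'stable' are not detected.
    return "floating" if tag == "latest" else "pinned"


def audit(compose_text):
    """Map every image reference in a compose file to its classification."""
    result = {}
    for line in compose_text.splitlines():
        match = IMAGE_LINE.match(line)
        if match:
            result[match.group(1)] = classify(match.group(1))
    return result


if __name__ == "__main__":
    for ref, kind in audit(SAMPLE_COMPOSE).items():
        print(f"{kind:9} {ref}")
```
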

this post was submitted on 19 Aug 2023