Hello! I was wondering if running periodically a script to automatically pull new images for all my containers is a good or a bad idea. I’d run it everyday at 5.00AM to avoid interruptions. Any tips?
EDIT: Thanks to everyone for the help! I’ll install Watchtower to manage the updates
I get a summary once a week of all the updates. I then check the release notes and if nothing needs any changes just run the ansible playbook that updates to those releases. I don’t want to get up and first thing in the morning read alert emails because an update failed over night, so i sit down for 10 minutes once a week.
Some apps have breaking changes. If you can restore a complete backup when that occurs, you can recover. Immich is famous for its breaking changes
But from the moment that the script updates and breaks something and the moment he realizes it may be too late for some applications.
For example I host Traccar to track car/vans and in this case some tracks would be lost. Or maybe SyncThing, he may realize days/weeks later that a sync is not working and if he was synching his smartphone pictures with his server and the smartphone is lost/broke/stolen, he may lose days/weeks or even months of pictures.
I wouldn’t trust a script. Use Watchtower or What’s up Docker
That’s why you you bind mount all the important data and back it up with a proper backup solution like borg. And why you also have a monitoring and notification system that alerts you if a service goes down. I will get a telegram message within 15 minutes of a service going down.
I do bind mount data folders of the containers, I do backups, I have a notification system that alerts me if a container is not up, but a container can be up but have problems and, most importantly, I (and I guess a lot of other people) don’t always have time to solve problems. When I a few spare minutes a do a snapshot, I update the containers and if something goes wrong if I have time I troubleshoot it, otherwise I just roll back the snapshot and I’ll have a look at the problem when I’ll have time.
I recommend, reading the release changelogs actively. For most services you can just put the github release page in an RSS reader to get a notification when a new release hits, so you can quickly look for any breaking changes, also this will give you info about new features.
I have been using watchtower for a few years. No problems with auto updates so far, but keep your backup handy.
Depends on how you like to roll. If you enjoy waking up to a service not working then go for it.
But it very much depends on what containers you’re using and what tags you’re pulling.
Why not just let Watchtower do it for you?
Because I was today years old when I found out this beautiful piece of software exist :D
thank you very much!
I use Watchtower and haven’t had any major issues in the two(?) years I’ve been using it. Make sure you use persistent volumes for your containers and make sure you back up those volumes. If anything breaks, you can roll back to before the update.
If you don’t use persistent volumes, you’ll lose data when Watchtower takes down the image and replaces it with the newer one (which doesn’t copy over ephemeral volumes).
I also recommend for database containers to use an image tag that won’t update with breaking changes. Don’t use
postgres:latest, usepostgres:15.2or something like that (whatever the image you’re using the database for recommends).
I’ve been doing it for a few years and haven’t had any issues. The risk/reward decision is yours.
