We can usually use one or more servers as Docker hosts and use containers to run some open source tool services. And often we do not know when this application has an updated version, recently discovered an open source tool that can check whether the image of the container running on the host has been updated and can send update notifications by integrating multiple channels, this tool is DIUN (Docker Image Update Notifier).
Introduction to DUIN
DUIN is a command line tool written in GO language that can be run locally or through containers (https://hub.docker.com/r/crazymax/diun) to receive a notification when the monitored container image is updated in the corresponding registry (Registry) corresponding notification.
DUIN supports multiple monitoring configurations (Providers):
- Docker - analyzes images of running containers on Docker hosts and checks for updates
- Podman - similar to Docker, requires Podman to be started as a service
- Kubernetes - Analyze Pods in a Kubernetes cluster and check the images used by pods
- Swarm - Analyze the images used by services in a Swarm cluster
- Nomad - Similar to Docker, analyzes the images used by the Nomad engine to run
- Dockerfile - Analyze the images referenced in the Dockerfile
- File - yaml-formatted configuration file that directly configures the image information to be checked
DUIN supports integration with multiple notification channels such as Discord, Slack, Matrix, Telegram and Webhook.
DUIN Usage Example
Here is a demonstration of using Docker Compose on a Docker host to run the DUIN service and integrate with Slack to send notifications to the appropriate channel.
docker-compose.yml
:
|
|
In the environment variables above
DIUN_WATCH_SCHEDULE=0 */6 * * *
Specifies to do a check every 6 hoursDIUN_PROVIDERS_DOCKER=true
specifies that the Docker Provider is used and therefore needs to be bound to/var/run/docker.sock:/var/run/docker.sock
DIUN_PROVIDERS_DOCKER_WATCHBYDEFAULT=true
specifies to check the images of all containers running in the current Docker environment by default, if the value is set tofalse
, the tagdiun.enable=true
needs to be added when running containers that need to be checked for imagesDIUN_NOTIF_SLACK_WEBHOOKURL=
specifies the channel to which notifications are sent to Slack when updates are discovered. The configured value simply adds anIncoming Webhook
application to one of Slack’s channels
Start more configurations, see documentation.
Start the container, which can be accessed for notification testing.
In Slack, notifications will be received.
After that, when DIUN finds that a new image is published to the image repository, we will receive the corresponding notification and we can choose whether to upgrade the application or not.
When we use fixed-label images for our applications, we can specify the corresponding labels to check, such as
The above regular specifies the tags to be checked.
Summary
This article recommends an open source container image update notification tool, and also demonstrates the integration based on Docker+Slack, please refer to its documentation for more information on how to use it.