在宿主机上执行docker login命令,宿主机home/.docker目录下生成config.json文件
docker login 42.xx.xx.38:9001
下面yaml文件实现了用watchtower容器监控mysql容器是否有镜像更新,并启用了lifecycle hooks,在mysql容器重启前执行/root/sh/pre-update.sh脚本,在mysql容器重启后执行/root/sh/post-update.sh脚本。
version: "3.4"
services:
mysql:
container_name: mysql
image: 42.xx.xx.38:8082/baas/mysql:latest
ports:
- 3306:3306
environment:
MYSQL_ROOT_PASSWORD: may@8888
volumes:
- /csw/watchtower/sh/:/root/sh/
- /etc/localtime:/etc/localtime:ro
- /csw/watchtower/log/:/log/
privileged: true
labels:
com.centurylinklabs.watchtower.enable: true
com.centurylinklabs.watchtower.lifecycle.pre-check: "/root/sh/pre-check.sh"
com.centurylinklabs.watchtower.lifecycle.pre-update: "/root/sh/pre-update.sh"
com.centurylinklabs.watchtower.lifecycle.post-update: "/root/sh/post-update.sh"
com.centurylinklabs.watchtower.lifecycle.post-check: "/root/sh/post-check.sh"
watchtower:
container_name: watchtower
image: containrrr/watchtower:v1.3.0
environment:
DOCKER_CONFIG: /config # 可选项,不配置默认为/目录
WATCHTOWER_LABEL_ENABLE: true # 是否启用label筛选
WATCHTOWER_CLEANUP: true # 是否删除旧的镜像
WATCHTOWER_REMOVE_VOLUMES: true # 是否删除attached volumes
WATCHTOWER_LIFECYCLE_HOOKS: true # 是否使用生命周期控制执行脚本
WATCHTOWER_POLL_INTERVAL: 10 # 镜像检测时间间隔
WATCHTOWER_DEBUG: true # 是否启用debug模式
privileged: true # 设置容器root权限
volumes:
- /var/run/docker.sock:/var/run/docker.sock # 宿主机docker.sock文件挂载
- /root/.docker/config.json:/config/config.json # 镜像仓库认证文件
- /etc/localtime:/etc/localtime:ro # 时间设置
command: ['mysql'] # 指定要检测的容器名
docker-compose -f docker-compose.yaml up -d