I’m trying to find a video that demonstrated automated container image updates for Kubernetes, similar to Watchtower for Docker. I believe the video was by @geerlingguy@mastodon.social but I can’t seem to find it. The closest functionality that I can find to what I recall from the video is k8s-digester. Some key features that were discussed include:
- Automatically update tagged version number (e.g. Image:v1.1.0 -> Image:v1.2.0)
- Automatically update image based on tagged image’s digest for tags like “latest” or “stable”
- Track container updates through modified configuration files
- Ability to manage deploying updates through Git workflows to prevent unwanted updates
- Minimal (if any) downtime
- This may not have been in the video, but I believe it also discussed managing backups and rollback functionality as part of the upgrade process
While this tool may be used in a CI/CD pipeline, it's not limited exclusively to Git repositories as it could be used to monitor container registries from various people or organizations. The tool/process may have also incorporated Ansible.
If you don’t know which video I’m referring to, do you have any suggestions on how to achieve this functionality?
EDIT: For anyone stumbling on this thread, the video was Meet Renovate - Your Update Automation Bot for Kubernetes and More! by @technotim@mastodon.social, which discusses the Kubernetes tool Renovate.
Podman’s systemd integration does that out of the box. See: https://feldspaten.org/2022/07/09/On-the-joy-of-podman-and-auto-updates/ (and even easier with Quadlet)
Is this the Quadlet you mentioned? The repo states it was merged into Podman. It seems pretty similar to the podman-auto-update from the article.
I wasn’t aware of this functionality, but I don’t think it provides the functionality I’m looking for. I might have missed it in the documentation, but it doesn’t seem to look for new version tag updates.
For example, Forgejo’s image registry on Codeberg doesn’t have tags like latest, stable, etc. and instead just has semantic versions like 1.19.1, 1.19.2, 1.19.3, 1.20.1, etc. From what I’m seeing, the images wouldn’t auto update unless the tags that omit the bugfix version like 1.19 or 1.20 are used. However, Podman still wouldn’t update across those minor version updates.
Yes it is integrated now.
Indeed it is nicer if the container repo provides major version number tags like 1.19, but I would not recommend updating across major version numbers automatically (or using the :latest tag with auto-updates), as the very definition of these is to signify breaking changes, so autoupdating will not work anyway in most cases.