Well, after a while in the container world ive come to realise that keeping all these containers up to date is hard work and time consuming with simple docker compose. I’ve recently learnt that portainer may come to hand here. I believe that feeding the yaml file through portainer allows the latter to take control of updates. Correct?
I have a Truenas Scale machine with a VM running my containers as i find its the easiest approach for secure backps as i replicate the VM to another small sever just in case.
But i have several layers to maintain. I dont like the idea of apps on Truenas as I’m worried i dont have full control of app backup. Is there a simpler way to maintain my containers up to date?
Podman is an alternative to Docker which integrates better with systemd and it also offers a way to automatically update containers.
Unless you forgot
AutoUpdate=registryin the.containerfile for half of them, like I did.But yeah, I switched to Podman over a year ago and I’m not looking back.
And auto rollback to the previous image if a container fails after an update.
Podman and quadlets are the way to go for monoserver services
And doesnt run as root by default ! ( which docker does iirc, but can be turned off )
I actually tried to switch to podman from docket but I have a major hold up. On my docker setup for my arr stack I have gluetun, and basically how I setup gluetun with the rest is setting up ports on gluetun for the services and for the other services I have a depends on, to make sure gluetun is up before the rest. However I tried to look several times how to do this on podman but no luck. Does anyone here has an idea how this works?
I’ve not really got much experience myself with either docker/podman, but I think you’re looking for podman’s [quadlets]?(https://www.redhat.com/en/blog/quadlet-podman)
Since Podman is based around systemd services managing the containers, why not have a look at systemd .service files? I know you can set dependencies in those and so you can say that your other containers can’t start unless gluetun successfully starts first.
Nice thanks for the tip! I will look into it and see if I can do something about it
Yaknow, now that I know its tightly coupled to systemd I especially don’t care about podman. Thank you genuinely for resolving any curiosity about it, however.
It’s not tightly coupled to anything. It just ships with a systemd generator allowing you to manage containers, pods or networks with systemd if you want. And lots of people are noticing the benefits of that arrangement.
That sounds heavy and complicated. Terraform + plain docker is super easy and makes the machines trivial to replace, as well redeploying updating their containers without downtime.
And I don’t have to learn a damn thing about systemd’s nonsense. Nor do I have to learn a single bit of k8s yaml braindamage.
It’s neither. A systemd generator just transforms a simple 15 line container text file to a simple 20 line service text file, and then the container lifecycle and dependencies are managed by systemd like any other system or user service.
bro just run the fucking container.
How ironic.
Short version, add this to your Quadlet file (with whatever your service your gluetun Quadlet starts):
[Unit] Requires=gluetun.service After=gluetun.serviceAn article I found helpful when starting with Quadlets, which can even replace Docker compose. https://mo8it.com/blog/quadlet/
I am not sure yet what are quadlets but I will check. Thanks!
Been using an quadlet podman arr stack for a year or two, pretty damn bulletproof once set up, easier to read, rootless, SELinux enabled, systemd controlled, update with podman auto-update. Worth the time to learn.
podlet can help you hit the ground running. It can create Quadlet files out of Podman commands or even (Docker) Compose files. 90% of the time it works every time ;}, but even the oopses get you most of the way there.
My arr stack is set up in a pod which means they all have their own gluetun network and come up as one, but you can just use Network=container:gluetun in container files.