Great question! Looking at your docker-compose.yml, you're already using Docker Swarm mode (thanks to the deploy sections), so we've got a few solid, production-friendly options to set up auto-deployment when your image gets updated. Let's walk through each one:

Option 1: Use Watchtower (Simplest "Set It and Forget It" Approach) #

Watchtower is a dedicated tool that monitors your running containers, checks for new image versions, and automatically pulls and restarts containers with the updated image. It's perfect if you want minimal setup.

Add this watchtower service to your existing docker-compose.yml:

services:
  # ... your existing daggr, visualizer, redis services ...
  watchtower:
    image: containrrr/watchtower
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock"
    # Check for updates every 5 minutes (300 seconds), clean up old images, and only monitor your specific services
    command: --interval 300 --cleanup daggr visualizer redis
    deploy:
      placement:
        constraints: [node.role == manager]

Key Parameter Breakdown: #

• --interval 300: Checks for new images every 5 minutes (adjust the number to change frequency)
• --cleanup: Deletes old, unused images after updating to save disk space
• daggr visualizer redis: Tells Watchtower only to monitor these specific services (avoids updating every container on your node)

Once you deploy this with docker stack deploy -c docker-compose.yml <stack-name>, Watchtower will handle the rest. It even detects when an image with the same tag (like stable) gets updated (it checks the image's SHA hash, not just the tag name).

Option 2: Docker Swarm Rolling Updates + Webhook/CI Trigger (More Control) #

If you want full control over the update process (like rollback policies, staggered updates), you can leverage Swarm's built-in update configuration and trigger updates via a webhook or CI/CD pipeline when a new image is pushed.

Step 1: Update Your Service's Deploy Configuration #

First, add an update_config section to the services you want to auto-update (e.g., daggr):

daggr:
  image: "docker.pvt.com/test/daggr:stable"
  hostname: '{{.Node.Hostname}}'
  deploy:
    mode: global
    resources:
      limits:
        cpus: "2"
        memory: 50M
    restart_policy:
      condition: on-failure
    # Add this update config for controlled rolling updates
    update_config:
      parallelism: 1          # Update one container at a time
      delay: 10s              # Wait 10 seconds between updating containers
      failure_action: rollback # Roll back to the previous version if an update fails
      monitor: 60s            # Monitor the updated container for 60 seconds before proceeding
      max_failure_ratio: 0.1  # Allow up to 10% of containers to fail during update
  # ... your existing ports, networks config ...

Step 2: Trigger Updates Automatically #

When a new image is pushed to your registry, you can trigger a Swarm service update via:

• Registry Webhook: Most container registries (like Docker Hub, AWS ECR, or your private registry) let you set up a webhook that sends a POST request when an image is pushed. You can use a simple endpoint (e.g., a small Node.js or Python service) on your Swarm manager that runs this command when it receives the webhook:

  docker service update --image docker.pvt.com/test/daggr:stable daggr
  

• CI/CD Pipeline: If you're using GitHub Actions, GitLab CI, or similar, you can add a step to your pipeline that connects to your Swarm manager (via SSH or Docker context) and runs the same docker service update command after your image is built and pushed.

This approach gives you full visibility into updates, and Swarm will handle rolling back if something goes wrong.

Option 3: CI/CD Trigger for Non-Swarm Docker Compose (If You're Not Using Swarm) #

If you weren't using Swarm mode (though your config shows you are), you could set up a CI/CD pipeline to run these commands on your server whenever a new image is pushed:

docker-compose pull daggr
docker-compose up -d daggr

Important Notes #

• Image Tags: Using a tag like stable works, but for more precision, consider using semantic versioning (e.g., v1.2.3) or SHA hashes. Watchtower and Swarm will still detect updates even with static tags by checking the image's underlying SHA.
• Security: If using webhooks, make sure to authenticate requests (e.g., with a secret token) to prevent unauthorized updates. If using CI/CD, restrict access to your Swarm manager or Docker host.

内容的提问来源于stack exchange，提问作者ealeon