When updating websites or services that are running in Docker, I usually end up restarting the conainer after the OCI image has been updated, which can lead to temporary downtime from 30 seconds to 5 minutes depending on how big the container is. What could be worse, if the update fails and you need to troubleshoot, leading to longer downtime that can last up to 30 minutes, an hour, or a whole day if the problem is large. I've really never looked into alternative solutions when rolling out updates to my own websites and services.
Recently, I've looked into docker-rollout plugin, which helps with this process. When you update an image, you can run the rollout command. This will boot up the new container next to the old one(still running), then remove the old one if the new one passes the healthcheck.
This comes with one issue, which is fixed ports. We all know that you can't run more than one container that are using the port such as 80. So a proxy container should always run next to the main container and be used instead, Caddy for example should do well.
For example, this can be the compose file:
services:
gateway:
image: caddy:alpine
ports:
- "80:80"
command: caddy reverse-proxy --from :3000 --to web:3000
web:
image: my_image
healthcheck:
test: curl -f http://localhost:3000 || exit 1
When the my_image image updates, we can use the rollout command next.
docker rollout -t 30 web
==> Scaling 'web' to '2' instances
[+] up 2/2
✔ Container 01-web-1 Running 0.0s
✔ Container 01-web-2 Started 0.3s
==> Waiting for new containers to be healthy (timeout: 30 seconds)
==> Stopping and removing old containers
03588999be50992c79ee531f5de3b04ac515bdf371d594663604fd396439ac73
03588999be50992c79ee531f5de3b04ac515bdf371d594663604fd396439ac73