How to disable docker updater addon when using portainer

  • Hi,

    I really like using portainer to manager docker but there is also the updater add-on installed as prerequisite. What I do not want to have is automatic pruning of my images that have no attached container (which is the case for alpine/git docker image for example). How can I disable the cronjob or the related shell scripts permanently? I mean I can edit all that by hand (via crontab -e or simply with an editor) but will it survive the next updater add-on "update"?

    Jan

  • I did not use the addon portainer and I do not know the details or the requirements. However I can suggest you install the portainer container with this SSH command:

    Code
    docker run --name=9000-portainer \
      --restart unless-stopped \
      -v /var/run/docker.sock:/var/run/docker.sock \
      -v /storage/.config/dockers/portainer/data:/data \
      -p 9000:9000 \
      -d portainer/portainer-ce

    and the updater watchtower container with this SSH command:

    Code
    docker run -d \
    --name watchtower-updater \
    -v /var/run/docker.sock:/var/run/docker.sock \
    containrrr/watchtower --run-once

    The watchtocher container is configured to run manually (is always stopped) and only once, and of course it never deletes any docker images. I have been using this for a long time without any problem.

    Obviously you must delete the portainer and updater addons so that there are no conflicts with this alternative.

  • Updater only automatically deletes orphaned images, such as the ones that lost their tag because a newer image was downloaded for that tag. It doesn't auto delete non orphaned images even if they are not attached to a container.

    libreelec-addon-repo/docker.linuxserver.updater at master · linuxserver/libreelec-addon-repo
    Contribute to linuxserver/libreelec-addon-repo development by creating an account on GitHub.
    github.com

    The prune button in the addon settings however does remove all images not attached to a container, but that is a manual operation, not automated.

    libreelec-addon-repo/settings.xml at master · linuxserver/libreelec-addon-repo
    Contribute to linuxserver/libreelec-addon-repo development by creating an account on GitHub.
    github.com

    In other words, updater's cron operation uses "docker image prune -f" whereas the manual button uses "docker image prune -af" with the "a" being the critical flag.

  • Automatic image update for docker containers is a very bad idea:

    • there are containers that may have incompatibilities with others and whose update must be executed in a certain order, and even stop some while updating another (example: my wireguard server must start after pihole)
    • updating a docker image can lead to an interruption of the streaming service (vpn, tv, video, ...)
    • updating a docker image always creates a risky situation that should not be left to an automatic timer
  • Automatic image update for docker containers is a very bad idea:

    • there are containers that may have incompatibilities with others and whose update must be executed in a certain order, and even stop some while updating another (example: my wireguard server must start after pihole)
    • updating a docker image can lead to an interruption of the streaming service (vpn, tv, video, ...)
    • updating a docker image always creates a risky situation that should not be left to an automatic timer

    It doesn't auto recreate containers. It only updates the image so none of those concerns are applicable here.

  • I just realized the mention of watchtower above. So I should clarify my previous post. The updater addon that is referenced in the thread title doesn't auto recreate containers. So it's fine.

    Watchtower however is often used to auto recreate containers based on image updates and that is indeed a bad idea. Never recreate containers when not paying attention.