Skip to content

Python script that updates Docker Swarm services, with optional notifications

License

Notifications You must be signed in to change notification settings

blamebutton/disrupt

Repository files navigation

Disrupt (Docker Swarm Service Updater)

GitHub release GitHub GitHub contributors

Build Status Docker Pulls Discord Widget

Usage

version: '3'

services:
  whoami:
    image: jwilder/whoami
    ports:
      - 8080:8000

  disrupt:
    image: blamebutton/disrupt
    volumes:
      # Mount the Docker socket, this is required for interacting with the Docker API.
      - /var/run/docker.sock:/var/run/docker.sock
    deploy:
      placement:
        constraints:
          # Disrupt needs permission to update services, only managers are allowed to do that.
          - node.role == manager

For more examples, check out the examples folder

Note: Docker Swarm does not support running locally built images, so neither does Disrupt.

Configuration

Configuration of Disrupt is done through environment variables. This is done to make the deployment of Disrupt environment-agnostic.

Below is a list of environment variables available to be configured.

Name Type Options
UPDATE_DELAY Integer default = 300
NOTIFICATION_URL String Any Apprise compatible URL

Notifications

Disrupt uses the Apprise notification library for Python. Check out their documentation for more advanced usages.

Here is a small list of notification providers that Apprise supports:

  • Slack
  • Discord
  • Telegram
  • PushBullet
  • Dbus
  • Mail
  • Custom notifications to a given URL in JSON or XML format

Contributing

Feel free to make a feature request or if you have Python experience; pull requests are welcome too!

Troubleshooting

Could not connect to Docker Engine

Did you mount the Docker socket to the container? Check out the example if you want to know how.

In the special case that you are accessing Docker over TCP, you should place Disrupt in the same network as your TCP socket. Using a Docker socket proxy (like docker-socket-proxy, or sockguard) is recommended for enhanced security in this case. You could then configure the proxy to only allow GET requests for service info, for example. That way, if the Disrupt container gets compromised it can't do any harm to the cluster in the form of modifications/destructive instructions.

Support

If you're having trouble getting Disrupt to work, we have a Discord for support and questions.