The Ultimate Guide to Diun: Never Miss a Docker Update!

The Ultimate Guide to Diun: Never Miss a Docker Update!

Hello again, dear readers!

As Docker remains a foundational pillar of our infrastructure, the task of tracking container updates never ceases. In a previous article, we explored the magic of Watchtower for automating updates. However, there's another knight in shining armor when it comes to just being notified of updates: Diun.

Diun stands for Docker Image Update Notifier. Instead of automatically updating your containers (like Watchtower), Diun simply informs you when there's a new image available. For sysadmins who like to take a hands-on approach and inspect updates before applying them, Diun is a godsend.

Why Diun?

  1. Stay Informed: With Diun, you're never caught off-guard. You always know when an update is available, allowing you to schedule maintenance or review changes at your convenience.
  2. Flexible Notifications: Whether you prefer email notifications, chat messages, or even creating tickets in your helpdesk system, Diun can be configured to notify you in a variety of ways.
  3. Cloud Provider Integration: If you store your images on cloud providers like AWS ECR, Google GCR, or Azure ACR, Diun can scan and notify updates from these sources too.

Setting up Diun with Docker Compose

For those using Docker Compose, integrating Diun is a straightforward process. Here's a basic example to get you started:

version: "3"
    image: crazymax/diun:latest
      - /var/run/docker.sock:/var/run/docker.sock
      - ./diun/data:/data # Path to store Diun's data
      - TZ=Your_Time_Zone
      - LOG_LEVEL=info
      - LOG_JSON=false
    restart: always

Replace Your_Time_Zone with your actual timezone for accurate scheduling. This setup will have Diun monitoring your Docker daemon and storing its data in the ./diun/data directory.

Configuring Notifications

Diun offers various notification methods. Here’s how to set up email notifications:

  1. Add the Notification Environment Variables:

In the environment section of the Docker Compose file, add:

      - DIUN_NOTIF_MAIL_SSL=true
      - [email protected]
      - DIUN_NOTIF_MAIL_PASSWORD=your_email_password
      - [email protected]
      - [email protected]

Remember to replace placeholders (,, [email protected], your_email_password, etc.) with your actual details.

  1. Apply the Configuration:

After adding the environment variables, restart your Diun service:

docker-compose up -d

Excluding Specific Containers

Just like with Watchtower, there might be certain containers you want to exclude from Diun's notifications. It's easy to do:

  1. Using Labels:

When running a container you wish to exclude, use:

docker run -d \
  --name your_container_name \
  --label diun.enable=false \

For Docker Compose:

    image: your_image:your_tag
      - diun.enable=false

In conclusion, Diun is an invaluable tool in a sysadmin's Docker toolkit. It bridges the gap between being caught unawares and being bombarded with unscheduled auto-updates. With Diun, you're in control, deciding when and how to update your containers.

Stay tuned for more sysadmin tips and tricks!