As it turns out, I had keeping my dokku apps up to date completely wrong. The containers that your dokku apps run in are not based on the
ubuntu:trusty Docker image. They're instead based on
ubuntu-debootstrap:14.04. Additionally, currently you can't trust the
progrium/buildstep images from Docker Hub, as they're not updated when the base image is updated (Issues are filed on cedarish and buildstep to make this rebuilding automatic on Docker Hub).
However, you can tell your host machine to rebuild the images itself. The script I'm now running daily to keep all the dokku things up to date is below:
- Lines 8 and 9 pull the latest Ubuntu images from Docker Hub.
- Lines 11-23 update all the dokku plugins I have. This is an optional step, especially to be avoided if you need to vet every change to your environment.
- Lines 26-29 rebuild the cedarish image. Note that this will only do a build if the base image is also new. Docker is good about this.
- Lines 32-25 do the same thing for the buildstep image.
- Line 38 rebuilds and redeploys all of our apps.
- Line 39 waits for 2 minutes, so that the old containers can die peacefully.
- Lines 42 and 43 clean up old containers and images. There's some good discussion on Docker container cleanup methods, I picked what I liked.
- Detect if either
buildstepactually changed in their rebuilds, and exit before line 38 if they did.