Update and Cleanup

containrrr/watchtower is a service that monitors Docker images for updates, automatically applying them to running containers.

Automatic image updates + cleanup

Run a watchtower container with access to docker.sock, enabling the service to manage Docker:

    image: containrrr/watchtower:latest
    # Automatic cleanup (removes older image pulls from wasting disk space):
      - /var/run/docker.sock:/var/run/docker.sock

The image tag used for a container is monitored for updates (eg: :latest, :edge, :13)

The automatic update support is only for updates to that specific image tag.

  • Your container will not update to a new major version tag (unless using :latest).
  • Omit the minor or patch portion of the semver tag to receive updates for the omitted portion (eg: 13 will represent the latest minor + patch release of v13).

Updating only specific containers

By default the watchtower service will check every 24 hours for new image updates to pull, based on currently running containers (not restricted to only those running within your compose.yaml).

Images eligible for updates can configured with a custom command that provides a list of container names, or via other supported options (eg: labels). This configuration is detailed in the watchtower docs.

Manual cleanup

watchtower also supports running on-demand with docker run or compose.yaml via the --run-once option.

You can alternatively invoke cleanup of Docker storage directly with:

If you omit the --all option, this will instead only remove "dangling" content (eg: Orphaned images).