How are you patching your Windows docker swarm nodes?

Hey all. How are you handling patching your Windows docker swarm servers?

My organization is using Windows virtual machines (VMware/ESXi) running docker swarm as our worker nodes. Our containerized applications can only run in Windows currently, so Linux is not an option. We are running Linux on our manager nodes, however.

I’ve been tasked with keeping these servers' patches up to date and I’m curious how others are handling this.



I believe it's just to drain the node (Drain a node on the swarm | Docker Documentation)
and do your updates, and after that, set it active again :slight_smile:

Thanks terpz, I should’ve clarified. That is what we are doing currently but we are looking to implement an automated procedure to do so. We have around 40 servers running Docker Swarm on Windows, so patching all of them manually takes a long time.

Do you already have an automation platform?
Otherwise I believe this task could be handled by using Ansible, since it supports both Windows and Linux; then you can:

  1. tell manager to drain node
  2. update & reboot node
  3. tell manager to activate node
  4. goto #1
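
The four steps listed above, written as an Ansible playbook. This is an added example, not something posted by anyone in the thread. The inventory group names `swarm_windows_workers` and `swarm_managers`, the Windows service name `docker`, and the assumption that inventory hostnames match the names shown by `docker node ls` are all hypothetical and need adjusting to the real environment.

```yaml
# Added example. Assumed: groups "swarm_windows_workers" / "swarm_managers",
# inventory hostnames equal swarm node names, engine service named "docker".
- name: Rolling patch of Windows swarm workers
  hosts: swarm_windows_workers
  serial: 1                 # step 4: loop over the nodes one at a time
  any_errors_fatal: true    # stop the rollout at the first node that fails
  gather_facts: false
  vars:
    manager: "{{ groups['swarm_managers'][0] }}"
  tasks:
    - name: Drain the node (step 1)
      community.docker.docker_node:
        hostname: "{{ inventory_hostname }}"
        availability: drain
      delegate_to: "{{ manager }}"

    - name: Wait until the manager has no task left to run on this node
      ansible.builtin.command:
        argv: ["docker", "node", "ps", "-q", "--filter",
               "desired-state=running", "{{ inventory_hostname }}"]
      delegate_to: "{{ manager }}"
      register: remaining
      until: remaining.stdout | trim == ""
      retries: 30
      delay: 10
      changed_when: false

    - name: Install updates and reboot if required (step 2)
      ansible.windows.win_updates:
        category_names: [SecurityUpdates, CriticalUpdates]
        reboot: true
        reboot_timeout: 3600

    - name: Make sure the Docker engine came back after the reboot
      ansible.windows.win_service:
        name: docker
        state: started

    - name: Return the node to service (step 3)
      community.docker.docker_node:
        hostname: "{{ inventory_hostname }}"
        availability: active
      delegate_to: "{{ manager }}"
```

The `community.docker.docker_node` tasks run on the Linux manager and need the Docker SDK for Python installed there. With `any_errors_fatal`, a node whose patching fails stays drained and the remaining nodes are left untouched.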