Docker Community Forums

Share and learn in the Docker community.

Updating containers while installing images from docker hub


(Awaylable) #1

Hi, the last days I started with docker containers in virtual machines.

Now I installed docker on my Odroid ARM board with Ubuntu 18.04, so the most images from docker hub doesn’t work (such as openvpn, guacamole).
If I search for the same images for ARM/RPI, I can find them sometimes, but last push is often about one or two years ago.
It’s probably no good idea to use them without updates. Exec in the container and apt-get doesn’t work, because it’s not in the images.

Is there a way to install updates while downloading the image and creating the container?

Thanks!


(David Maze) #2

Rebuild the image. You may need to explicitly docker pull its base image to make sure it’s up-to-date. (IIRC the base images like ubuntu:18.04 are routinely rebuilt with updates, but not re-tagged, so if you have an ubuntu:18.04 from a week ago and build an image FROM ubuntu:18.04, it’s not going to have a just-released update in it.)


(Awaylable) #3

Thanks for the fast reply. But Ubuntu is not the docker image. It’s just the OS of the host.
I meant apps like OpenVPN for ARM: https://hub.docker.com/r/giggio/openvpn-arm/
It shows in docker hub “Last pushed: a year ago”. So I think their is no newer version to pull directly.


(Awaylable) #4

After a lot of troubleshooting and searching, I found a solution for OpenVPN for ARM (https://hub.docker.com/r/giggio/openvpn-arm/).
Created a new image from the container, after the update and editing a file. Completely rebuilding with the files from github worked also for me. I just tried both ways, because at the beginning I didn’t knew why the container always stopped after restarting the container. The reason was the config file.
@dmaze Sorry, this was probably what you meant with the rebuild. :see_no_evil:

It’s not that nice like pulling an updated image. But better than using an outdated version from 2016.

If someone wants to try, this are the steps.

Start the bash of the running openvpn-container. In this case the name of the container is "openvpn-container".

$ sudo docker exec -it openvpn-container /bin/bash

Check the version of openvpn

 # openvpn --version
 OpenVPN 2.3.12

Update repository
 # apk update

Upgrade the packages
 # apk upgrade

Check the version again.

 # openvpn --version
 OpenVPN 2.4.6

Now you need to change the openvpn.conf, or the container will not start after the upgrade.

 # vi /etc/openvpn/openvpn.conf

The following lines needs some Quotes:

 push block-outside-dns
 push dhcp-option DNS 8.8.8.8
 push dhcp-option DNS 8.8.4.4

It should look like this. 

 push "block-outside-dns"
 push "dhcp-option DNS 8.8.8.8"
 push "dhcp-option DNS 8.8.4.4"

Save the file and leave the container session.

 # exit

Create the new image, I just used the version in the new image name.

 $ sudo docker commit openvpn-container openvpn246

Now you can stop the old container and "docker run" with the new image, but old volume.

$ sudo docker stop openvpn-ct
$ OVPN_DATA="ovpn-data"
$ sudo docker run -v $OVPN_DATA:/etc/openvpn -d --name openvpn-container-246 -p 1194:1194/udp --cap-add=NET_ADMIN openvpn246

If someone has a better solution for all that outdated images on docker hub, just tell me :slight_smile:


(David Maze) #5

You know the specific image you started from and the set of commands you needed to run to update it, which is enough information to write a Dockerfile:

FROM giggio/openvpn-arm:latest
RUN apk update
RUN apk upgrade
RUN sed -i.bak -e 's/push \(.*\)/push "\1"/' /etc/openvpn/openvpn.conf

Now you can run:

# Get the most recent upstream image
docker pull giggio/openvpn-arm
# Rebuild, forcing Docker to re-run the "update" step
docker build -t openvpn246 --no-cache .

The Docker Hub page you reference also links to a GitHub repository, and so you could fork it and edit the Dockerfile in your fork, rebuilding from a base ARM Alpine image. (I note that it declares VOLUME ["/etc/openvpn"] which will cause trouble for you; you may be forced to fork it and rebuild from scratch, maybe removing this declaration.)