Skip to content

qdm12/deunhealth

Repository files navigation

DeUnhealth

Restart your unhealthy containers safely

Build status

dockeri.co

Last release Last Docker tag Last release size GitHub last release date Commits since release

Latest size

GitHub last commit GitHub commit activity GitHub closed PRs GitHub issues GitHub closed issues

Lines of code Code size GitHub repo size Go version

MIT Visitors count

Features

  • Restart unhealthy containers marked with deunhealth.restart.on.unhealthy=true label
  • Receive Docker events as stream instead of polling periodically
  • Doesn't need network for security purposes
  • Compatible with amd64, 386, arm64, arm32v7, arm32v6, ppc64le, s390x and riscv64 CPU architectures
  • Docker image tags and sizes

Setup

  1. Use the following command:

    docker run -d --network none -v /var/run/docker.sock:/var/run/docker.sock qmcgaw/deunhealth

    You can also use docker-compose.yml with:

    docker-compose up -d
  2. Set labels on containers:

    • To restart containers if they go unhealthy, use the label deunhealth.restart.on.unhealthy=true
  3. You can update the image with docker pull qmcgaw/deunhealth:latest or use one of the tags available. ⚠️ You might want to use tagged images since latest will likely break compatibility until we reach a v1.0.0 release.

Options

Environment variable Flag Default Possible values Description
DOCKER_HOST --docker-host Default Docker socket location Docker host value Docker host value such as unix:///var/run/docker.sock or tcp://socket-proxy:2375
LOG_LEVEL --log-level info debug, info, warning, error Logging level
HEALTH_SERVER_ADDRESS --health-server-address 127.0.0.1:9999 Valid address Internal health http server listening address. Nothing to do with restarting unhealthy containers.
TZ N/A America/Montreal string Timezone

Safety

  • The application doesn't need network to reduce the attack surface
  • Since Docker is written in Go, the program is also written in Go and uses the official Docker Go API
  • The Docker container is based on scratch to reduce the attack surface and only contains the static binary
  • The container has to run as root unfortunately 😢

Development

VSCode and Docker

Please refer to the corresponding readme.

Locally

  1. Install Go, Docker and Git

  2. Install Go dependencies with

    go mod download
  3. Install golangci-lint

  4. You might want to use an editor such as Visual Studio Code with the Go extension.

Commands available

# Build the binary
go build cmd/app/main.go
# Test the code
go test ./...
# Lint the code
golangci-lint run
# Build the Docker image
docker build -t qmcgaw/deunhealth .

See Contributing for more information on how to contribute to this repository.

TODOs

  1. Trigger mechanism such that a container restart triggers other restarts
  2. Inject pre-build binary doing a DNS lookup to containers labeled for it and that do not have a healthcheck built in (useful for scratch based images without healthcheck especially)
  3. Integration tests in Go instead of shell script