"Tiaki" – Hawaiian for guardian
Like a guardian over your containers, Tiaki watches your infrastructure around the clock – detects updates, scans for vulnerabilities, and keeps everything secure.
Keep Your Containers
Safe & Updated
Automated container update detection, vulnerability scanning, and one-click deployments across all your Docker hosts and Kubernetes clusters.
Everything You Need to Manage Containers
Everything you need to replace Watchtower — powerful features designed to keep your Docker infrastructure secure, updated, and running smoothly.
Multi-Host Management
Monitor and manage Docker containers across multiple VMs and Kubernetes clusters from a single dashboard.
Automatic Update Detection
Continuously scan for new container image versions and get notified when updates are available.
Vulnerability Scanning
Integrated CVE scanning with severity levels (Critical/High/Medium/Low) to keep your containers secure.
Smart Update Policies
Define auto-approve rules with version bump limits (patch/minor/major) for different container patterns.
One-Click Deployments
Approve and deploy updates instantly with built-in rollback capability for peace of mind.
Complete Audit Trail
Track all changes, deployments, and rollbacks with comprehensive audit logging and history.
How It Works
Three simple steps to automated container management
Automatic Discovery
Tiaki agents continuously scan your Docker hosts and Kubernetes clusters for running containers and available updates.
Smart Notifications
Get notified about available updates with CVE vulnerability reports and release notes. Set policies to auto-approve safe updates.
Deploy with Confidence
Review and deploy updates with one click. Built-in rollback ensures you can revert changes instantly if needed.
Stay Ahead of Vulnerabilities
Tiaki integrates CVE vulnerability scanning to help you identify and patch security issues before they become problems. Get detailed reports with severity levels and actionable insights.
Real-time CVE Detection
Automatically scan container images for known vulnerabilities with severity ratings
Detailed Reports
View comprehensive vulnerability reports with links to CVE databases and mitigation steps
Secure by Default
All agent communication is encrypted and authenticated with API keys
Up and running in minutes
Tiaki runs entirely on your own infrastructure via Docker. No cloud account needed.
Download the configuration files
Clone the repo or download the compose file directly into a new folder.
git clone https://github.com/tiaki-dev/tiaki.git
cd tiakiCreate your .env file
Copy the example and set a secret admin token.
cp .env.example .env
# Generate a secure token:
openssl rand -hex 32
# Paste the output as ADMIN_TOKEN in your .envStart Tiaki
Spin up the database and web UI with a single command.
docker compose up -dThen open http://localhost:3001 and log in with your ADMIN_TOKEN.
Connect an agent
Go to Agents in the UI, create a new agent, copy the API key, add it to .env, then start the agent.
docker compose --profile agent up -d agentThe agent will start scanning your running containers immediately.
Frequently Asked Questions
Everything you need to know about Tiaki and how it compares to Watchtower.
Ready to get started?
Tiaki is free and open source. Self-host it on your own infrastructure in minutes — no cloud account required.
MIT licensed · Self-hosted · No vendor lock-in