docker_swarm_service – docker swarm service¶
New in version 2.7.
Requirements¶
The below requirements are needed on the host that executes this module.
Parameters¶
Parameter | Choices/Defaults | Comments |
---|---|---|
api_version
-
|
Default: "auto"
|
The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by docker-py.
If the value is not specified in the task, the value of environment variable
DOCKER_API_VERSION will be used instead. If the environment variable is not set, the default value will be used.aliases: docker_api_version |
args
-
|
Default: []
|
List comprised of the command and the arguments to be run inside
the container
|
cacert_path
-
|
Use a CA certificate when performing server verification by providing the path to a CA certificate file.
If the value is not specified in the task and the environment variable
DOCKER_CERT_PATH is set, the file ca.pem from the directory specified in the environment variable DOCKER_CERT_PATH will be used.aliases: tls_ca_cert |
|
cert_path
-
|
Path to the client's TLS certificate file.
If the value is not specified in the task and the environment variable
DOCKER_CERT_PATH is set, the file cert.pem from the directory specified in the environment variable DOCKER_CERT_PATH will be used.aliases: tls_client_cert |
|
configs
-
|
Default: []
|
List of dictionaries describing the service configs.
Every item must be a dictionary exposing the keys config_id, config_name, filename, uid (defaults to 0), gid (defaults to 0), mode (defaults to 0444)
Maps docker service --config option.
Requires API version >= 1.30
|
constraints
-
|
Default: []
|
List of the service constraints.
Maps docker service --constraint option.
|
container_labels
dictionary
|
Dictionary of key value pairs.
Maps docker service --container-label option.
|
|
debug
boolean
|
|
Debug mode
|
dns
-
|
Default: []
|
List of custom DNS servers.
Maps docker service --dns option.
Requires API version >= 1.25
|
dns_options
-
|
Default: []
|
List of custom DNS options.
Maps docker service --dns-option option.
Requires API version >= 1.25
|
dns_search
-
|
Default: []
|
List of custom DNS search domains.
Maps docker service --dns-search option.
Requires API version >= 1.25
|
docker_host
-
|
Default: "unix://var/run/docker.sock"
|
The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the TCP connection string. For example, 'tcp://192.0.2.23:2376'. If TLS is used to encrypt the connection, the module will automatically replace 'tcp' in the connection URL with 'https'.
If the value is not specified in the task, the value of environment variable
DOCKER_HOST will be used instead. If the environment variable is not set, the default value will be used.aliases: docker_url |
endpoint_mode
string
|
|
Service endpoint mode.
Maps docker service --endpoint-mode option.
|
env
-
|
Default: []
|
List of the service environment variables.
Maps docker service --env option.
|
force_update
boolean
|
|
Force update even if no changes require it.
Maps to docker service update --force option.
Requires API version >= 1.25
|
hostname
-
|
Default: ""
|
Container hostname
Maps docker service --hostname option.
Requires API version >= 1.25
|
image
-
/ required
|
Service image path and tag. Maps docker service IMAGE parameter.
|
|
key_path
-
|
Path to the client's TLS key file.
If the value is not specified in the task and the environment variable
DOCKER_CERT_PATH is set, the file key.pem from the directory specified in the environment variable DOCKER_CERT_PATH will be used.aliases: tls_client_key |
|
labels
dictionary
|
Dictionary of key value pairs.
Maps docker service --label option.
|
|
limit_cpu
-
|
Default: 0.0
|
Service CPU limit. 0 equals no limit.
Maps docker service --limit-cpu option.
|
limit_memory
-
|
Default: 0
|
Service memory limit (format:
<number>[<unit>] ). Number is a positive integer. Unit can be B (byte), K (kibibyte, 1024B), M (mebibyte), G (gibibyte), T (tebibyte), or P (pebibyte).0 equals no limit.
Omitting the unit defaults to bytes.
Maps docker service --limit-memory option.
|
log_driver
-
|
Default: "json-file"
|
Configure the logging driver for a service
|
log_driver_options
-
|
Default: []
|
Options for service logging driver
|
mode
-
|
Default: "replicated"
|
Service replication mode.
Maps docker service --mode option.
|
mounts
-
|
Default: []
|
List of dictionaries describing the service mounts.
Every item must be a dictionary exposing the keys source, target, type (defaults to 'bind'), readonly (defaults to false)
Maps docker service --mount option.
|
name
-
/ required
|
Service name
|
|
networks
-
|
Default: []
|
List of the service networks names.
Maps docker service --network option.
|
publish
-
|
Default: []
|
List of dictionaries describing the service published ports.
Every item must be a dictionary exposing the keys published_port, target_port, protocol (defaults to 'tcp'), mode <ingress|host>, default to ingress.
Only used with api_version >= 1.25
If API version >= 1.32 and docker python library >= 3.0.0 attribute 'mode' can be set to 'ingress' or 'host' (default 'ingress').
|
replicas
-
|
Default: -1
|
Number of containers instantiated in the service. Valid only if ``mode=='replicated'``.
If set to -1, and service is not present, service replicas will be set to 1.
If set to -1, and service is present, service replicas will be unchanged.
Maps docker service --replicas option.
|
reserve_cpu
-
|
Default: 0.0
|
Service CPU reservation. 0 equals no reservation.
Maps docker service --reserve-cpu option.
|
reserve_memory
-
|
Default: 0
|
Service memory reservation (format:
<number>[<unit>] ). Number is a positive integer. Unit can be B (byte), K (kibibyte, 1024B), M (mebibyte), G (gibibyte), T (tebibyte), or P (pebibyte).0 equals no reservation.
Omitting the unit defaults to bytes.
Maps docker service --reserve-memory option.
|
restart_policy
-
|
|
Restart condition of the service.
Maps docker service --restart-condition option.
|
restart_policy_attempts
-
|
Default: 0
|
Maximum number of service restarts.
Maps docker service --restart-max-attempts option.
|
restart_policy_delay
-
|
Default: 0
|
Delay between restarts.
Maps docker service --restart-delay option.
|
restart_policy_window
-
|
Default: 0
|
Restart policy evaluation window.
Maps docker service --restart-window option.
|
secrets
-
|
Default: []
|
List of dictionaries describing the service secrets.
Every item must be a dictionary exposing the keys secret_id, secret_name, filename, uid (defaults to 0), gid (defaults to 0), mode (defaults to 0444)
Maps docker service --secret option.
Requires API version >= 1.25
|
ssl_version
-
|
Provide a valid SSL version number. Default value determined by ssl.py module.
If the value is not specified in the task, the value of environment variable
DOCKER_SSL_VERSION will be used instead. |
|
state
-
/ required
|
|
Service state.
|
timeout
-
|
Default: 60
|
The maximum amount of time in seconds to wait on a response from the API.
If the value is not specified in the task, the value of environment variable
DOCKER_TIMEOUT will be used instead. If the environment variable is not set, the default value will be used. |
tls
boolean
|
|
Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server.
If the value is not specified in the task, the value of environment variable
DOCKER_TLS will be used instead. If the environment variable is not set, the default value will be used. |
tls_hostname
-
|
Default: "localhost"
|
When verifying the authenticity of the Docker Host server, provide the expected name of the server.
If the value is not specified in the task, the value of environment variable
DOCKER_TLS_HOSTNAME will be used instead. If the environment variable is not set, the default value will be used. |
tls_verify
boolean
|
|
Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server.
If the value is not specified in the task, the value of environment variable
DOCKER_TLS_VERIFY will be used instead. If the environment variable is not set, the default value will be used. |
tty
boolean
|
|
Allocate a pseudo-TTY
Maps docker service --tty option.
Requires API version >= 1.25
|
update_delay
-
|
Default: 10
|
Rolling update delay
Maps docker service --update-delay option
|
update_failure_action
-
|
|
Action to take in case of container failure
Maps to docker service --update-failure-action option
|
update_max_failure_ratio
-
|
Default: 0.0
|
Fraction of tasks that may fail during an update before the failure action is invoked
Maps to docker service --update-max-failure-ratio
|
update_monitor
-
|
Default: 5000000000
|
Time to monitor updated tasks for failures, in nanoseconds.
Maps to docker service --update-monitor option
|
update_order
-
|
|
Specifies the order of operations when rolling out an updated task.
Maps to docker service --update-order
Requires API version >= 1.29
|
update_parallelism
-
|
Default: 1
|
Rolling update parallelism
Maps docker service --update-parallelism option
|
user
-
|
Default: "root"
|
username or UID.
If set to
null the image provided value (or the one already set for the service) will be used |
Notes¶
Note
- Connect to the Docker daemon by providing parameters with each task or by defining environment variables. You can define DOCKER_HOST, DOCKER_TLS_HOSTNAME, DOCKER_API_VERSION, DOCKER_CERT_PATH, DOCKER_SSL_VERSION, DOCKER_TLS, DOCKER_TLS_VERIFY and DOCKER_TIMEOUT. If you are using docker machine, run the script shipped with the product that sets up the environment. It will set these variables for you. See https://docker-py.readthedocs.io/en/stable/machine/ for more details.
- When connecting to Docker daemon with TLS, you might need to install additional Python packages. For the Docker SDK for Python, version 2.4 or newer, this can be done by installing
docker[tls]
with pip. - Note that the Docker SDK for Python only allows to specify the path to the Docker configuration for very few functions. In general, it will use
$HOME/docker/config.json
if theDOCKER_CONFIG
environment variable is not specified, and use$DOCKER_CONFIG/config.json
otherwise.
Examples¶
- name: define myservice
docker_swarm_service:
name: myservice
image: "alpine"
args:
- "sleep"
- "3600"
mounts:
- source: /tmp/
target: /remote_tmp/
type: bind
env:
- "ENVVAR1=envvar1"
log_driver: fluentd
log_driver_options:
fluentd-address: "127.0.0.1:24224"
fluentd-async-connect: true
tag: "{{.Name}}/{{.ID}}"
restart_policy: any
restart_policy_attempts: 5
restart_policy_window: 30
register: dss_out1
- name: change myservice.env
docker_swarm_service:
name: myservice
image: "alpine"
args:
- "sleep"
- "7200"
mounts:
- source: /tmp/
target: /remote_tmp/
type: bind
env:
- "ENVVAR1=envvar1"
restart_policy: any
restart_policy_attempts: 5
restart_policy_window: 30
register: dss_out2
- name: test for changed myservice facts
fail:
msg: unchanged service
when: "{{ dss_out1 == dss_out2 }}"
- name: change myservice.image
docker_swarm_service:
name: myservice
image: "alpine:edge"
args:
- "sleep"
- "7200"
mounts:
- source: /tmp/
target: /remote_tmp/
type: bind
env:
- "ENVVAR1=envvar1"
restart_policy: any
restart_policy_attempts: 5
restart_policy_window: 30
register: dss_out3
- name: test for changed myservice facts
fail:
msg: unchanged service
when: "{{ dss_out2 == dss_out3 }}"
- name: remove mount
docker_swarm_service:
name: myservice
image: "alpine:edge"
args:
- "sleep"
- "7200"
env:
- "ENVVAR1=envvar1"
restart_policy: any
restart_policy_attempts: 5
restart_policy_window: 30
register: dss_out4
- name: test for changed myservice facts
fail:
msg: unchanged service
when: "{{ dss_out3 == dss_out4 }}"
- name: keep service as it is
docker_swarm_service:
name: myservice
image: "alpine:edge"
args:
- "sleep"
- "7200"
env:
- "ENVVAR1=envvar1"
restart_policy: any
restart_policy_attempts: 5
restart_policy_window: 30
register: dss_out5
- name: test for changed service facts
fail:
msg: changed service
when: "{{ dss_out5 != dss_out5 }}"
- name: remove myservice
docker_swarm_service:
name: myservice
state: absent
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
changes
list
|
always |
List of changed service attributes if a service has been altered, [] otherwhise
Sample:
['container_labels', 'replicas']
|
rebuilt
boolean
|
always |
True if the service has been recreated (removed and created)
Sample:
True
|
swarm_service
dictionary
|
always |
Dictionary of variables representing the current state of the service. Matches the module parameters format.
Note that facts are not part of registered vars but accessible directly.
Note that before Ansible 2.7.9, the return variable was documented as
ansible_swarm_service , while the module actually returned a variable called ansible_docker_service . The variable was renamed to swarm_service in both code and documentation for Ansible 2.7.9 and Ansible 2.8.0. In Ansible 2.7.x, the old name ansible_docker_service can still be used.Sample:
{ "args": [ "sleep", "3600" ], "constraints": [], "container_labels": {}, "endpoint_mode": "vip", "env": [ "ENVVAR1=envvar1" ], "force_update": False, "image": "alpine", "labels": {}, "limit_cpu": 0.0, "limit_memory": 0, "log_driver": "json-file", "log_driver_options": {}, "mode": "replicated", "mounts": [ { "source": "/tmp/", "target": "/remote_tmp/", "type": "bind" } ], "secrets": [], "configs": [], "networks": [], "publish": [], "replicas": 1, "reserve_cpu": 0.0, "reserve_memory": 0, "restart_policy": "any", "restart_policy_attempts": 5, "restart_policy_delay": 0, "restart_policy_window": 30, "update_delay": 10, "update_parallelism": 1, "update_failure_action": "continue", "update_monitor": 5000000000 "update_max_failure_ratio": 0, "update_order": "stop-first" }
|
Status¶
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors¶
- Dario Zanzico (@dariko), Jason Witkowski (@jwitko)
Hint
If you notice any issues in this documentation you can edit this document to improve it.