community.docker.docker_config module – Manage docker configs.
Note
This module is part of the community.docker collection (version 2.6.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.docker
.
To use it in a playbook, specify: community.docker.docker_config
.
Synopsis
Create and remove Docker configs in a Swarm environment. Similar to
docker config create
anddocker config rm
.Adds to the metadata of new configs ‘ansible_key’, an encrypted hash representation of the data, which is then used in future runs to test if a config has changed. If ‘ansible_key’ is not present, then a config will not be updated unless the force option is set.
Updates to configs are performed by removing the config and creating it again.
Requirements
The below requirements are needed on the host that executes this module.
Docker API >= 1.30
Docker SDK for Python: Please note that the docker-py Python module has been superseded by docker (see here for details). This module does not work with docker-py.
Docker SDK for Python >= 2.6.0
Python >= 2.7
Parameters
Parameter |
Comments |
---|---|
The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by Docker SDK for Python and the docker daemon. If the value is not specified in the task, the value of environment variable Default: “auto” |
|
Use a CA certificate when performing server verification by providing the path to a CA certificate file. If the value is not specified in the task and the environment variable |
|
Path to the client’s TLS certificate file. If the value is not specified in the task and the environment variable |
|
Path to the client’s TLS key file. If the value is not specified in the task and the environment variable |
|
The value of the config. Mutually exclusive with data_src. One of data and data_src is required if state=present. |
|
If set to To use binary data, it is better to keep it Base64 encoded and let it be decoded by this option. Choices:
|
|
The file on the target from which to read the config. Mutually exclusive with data. One of data and data_src is required if state=present. |
|
Debug mode Choices:
|
|
The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the TCP connection string. For example, If the value is not specified in the task, the value of environment variable Default: “unix://var/run/docker.sock” |
|
Use with state If Choices:
|
|
A map of key:value meta data, where both the key and value are expected to be a string. If new meta data is provided, or existing meta data is modified, the config will be updated by removing it and creating it again. |
|
The name of the config. |
|
If set to Adds a label containing the version number to the managed configs with the name Choices:
|
|
Provide a valid SSL version number. Default value determined by ssl.py module. If the value is not specified in the task, the value of environment variable |
|
Set to Choices:
|
|
Set to Choices:
|
|
The maximum amount of time in seconds to wait on a response from the API. If the value is not specified in the task, the value of environment variable Default: 60 |
|
Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server. Note that if validate_certs is set to If the value is not specified in the task, the value of environment variable Choices:
|
|
When verifying the authenticity of the Docker Host server, provide the expected name of the server. If the value is not specified in the task, the value of environment variable The current default value is |
|
For SSH transports, use the Requires Docker SDK for Python 4.4.0 or newer. Choices:
|
|
Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server. If the value is not specified in the task, the value of environment variable Choices:
|
|
When using rolling_versions, the number of old versions of the config to keep. Extraneous old configs are deleted after the new one is created. Set to Default: 5 |
Notes
Note
Connect to the Docker daemon by providing parameters with each task or by defining environment variables. You can define
DOCKER_HOST
,DOCKER_TLS_HOSTNAME
,DOCKER_API_VERSION
,DOCKER_CERT_PATH
,DOCKER_SSL_VERSION
,DOCKER_TLS
,DOCKER_TLS_VERIFY
andDOCKER_TIMEOUT
. If you are using docker machine, run the script shipped with the product that sets up the environment. It will set these variables for you. See https://docs.docker.com/machine/reference/env/ for more details.When connecting to Docker daemon with TLS, you might need to install additional Python packages. For the Docker SDK for Python, version 2.4 or newer, this can be done by installing
docker[tls]
with ansible.builtin.pip.Note that the Docker SDK for Python only allows to specify the path to the Docker configuration for very few functions. In general, it will use
$HOME/.docker/config.json
if theDOCKER_CONFIG
environment variable is not specified, and use$DOCKER_CONFIG/config.json
otherwise.This module uses the Docker SDK for Python to communicate with the Docker daemon.
Examples
- name: Create config foo (from a file on the control machine)
community.docker.docker_config:
name: foo
# If the file is JSON or binary, Ansible might modify it (because
# it is first decoded and later re-encoded). Base64-encoding the
# file directly after reading it prevents this to happen.
data: "{{ lookup('file', '/path/to/config/file') | b64encode }}"
data_is_b64: true
state: present
- name: Create config foo (from a file on the target machine)
community.docker.docker_config:
name: foo
data_src: /path/to/config/file
state: present
- name: Change the config data
community.docker.docker_config:
name: foo
data: Goodnight everyone!
labels:
bar: baz
one: '1'
state: present
- name: Add a new label
community.docker.docker_config:
name: foo
data: Goodnight everyone!
labels:
bar: baz
one: '1'
# Adding a new label will cause a remove/create of the config
two: '2'
state: present
- name: No change
community.docker.docker_config:
name: foo
data: Goodnight everyone!
labels:
bar: baz
one: '1'
# Even though 'two' is missing, there is no change to the existing config
state: present
- name: Update an existing label
community.docker.docker_config:
name: foo
data: Goodnight everyone!
labels:
bar: monkey # Changing a label will cause a remove/create of the config
one: '1'
state: present
- name: Force the (re-)creation of the config
community.docker.docker_config:
name: foo
data: Goodnight everyone!
force: yes
state: present
- name: Remove config foo
community.docker.docker_config:
name: foo
state: absent
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
The ID assigned by Docker to the config object. Returned: success and state is Sample: “hzehrmyjigmcp2gb6nlhmjqcv” |
|
The name of the created config object. Returned: success and state is Sample: “awesome_config” |
Authors
Chris Houseknecht (@chouseknecht)
John Hu (@ushuz)
Collection links
Issue Tracker Repository (Sources) Submit a bug report Request a feature Communication