community.docker.docker_swarm module – Manage Swarm cluster
Note
This module is part of the community.docker collection (version 3.13.1).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.docker
.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: community.docker.docker_swarm
.
Synopsis
Create a new Swarm cluster.
Add/Remove nodes or managers to an existing cluster.
Requirements
The below requirements are needed on the host that executes this module.
Docker API >= 1.25
Docker SDK for Python: Please note that the docker-py Python module has been superseded by docker (see here for details). Note that both modules should *not* be installed at the same time. Also note that when both modules are installed and one of them is uninstalled, the other might no longer function and a reinstall of it is required.
Docker SDK for Python >= 1.10.0
Parameters
Parameter |
Comments |
---|---|
Externally reachable address advertised to other nodes. This can either be an address/port combination in the form If the port number is omitted, the port number from the listen address is used. If Only used when swarm is initialised or joined. Because of this it’s not considered for idempotency checking. |
|
The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by Docker SDK for Python and the docker daemon. If the value is not specified in the task, the value of environment variable Default: |
|
If set, generate a key and use it to lock data stored on the managers. Docker default value is community.docker.docker_swarm_info can be used to retrieve the unlock key. Choices:
|
|
An integer whose purpose is to force swarm to generate a new signing CA certificate and key, if none have been specified. Docker default value is Requires API version >= 1.30. |
|
Use a CA certificate when performing server verification by providing the path to a CA certificate file. If the value is not specified in the task and the environment variable This option was called |
|
Path to the client’s TLS certificate file. If the value is not specified in the task and the environment variable |
|
Path to the client’s TLS key file. If the value is not specified in the task and the environment variable |
|
Address or interface to use for data path traffic. This can either be an address in the form Only used when swarm is initialised or joined. Because of this it is not considered for idempotency checking. Requires API version >= 1.30. |
|
Port to use for data path traffic. This needs to be a port number like Only used when swarm is initialised. Because of this it is not considered for idempotency checking. Requires API version >= 1.40. |
|
Debug mode Choices:
|
|
Default address pool in CIDR format. Only used when swarm is initialised. Because of this it’s not considered for idempotency checking. Requires API version >= 1.39. |
|
The delay (in nanoseconds) for an agent to send a heartbeat to the dispatcher. Docker default value is 5 seconds, which corresponds to a value of |
|
The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the TCP connection string. For example, If the value is not specified in the task, the value of environment variable Default: |
|
Amount of ticks (in seconds) needed without a leader to trigger a new election. Docker default value is |
|
Use with state Use with state Choices:
|
|
Amount of ticks (in seconds) between each heartbeat. Docker default value is |
|
Swarm token used to join a swarm cluster. Used with If this value is specified, the corresponding value in the return values will be censored by Ansible. This is a side-effect of this value not being logged. |
|
Number of snapshots to keep beyond the current snapshot. Docker default value is |
|
User-defined key/value metadata. Label operations in this module apply to the docker swarm cluster. Use community.docker.docker_node module to add/modify/remove swarm node labels. Requires API version >= 1.32. |
|
Listen address used for inter-manager communication. This can either be an address/port combination in the form If the port number is omitted, the default swarm listening port is used. Only used when swarm is initialised or joined. Because of this it’s not considered for idempotency checking. Default: |
|
Number of log entries to keep around to sync up slow followers after a snapshot is created. |
|
The name of the swarm. |
|
Automatic expiry for nodes certificates, given in nanoseconds. Docker default value is 90 days, which corresponds to a value of |
|
Swarm id of the node to remove. Used with |
|
Remote address of one or more manager nodes of an existing Swarm to connect to. Used with |
|
Rotate the manager join token. Choices:
|
|
Rotate the worker join token. Choices:
|
|
The desired signing CA certificate for all swarm node TLS leaf certificates, in PEM format. This must not be a path to a certificate, but the contents of the certificate. Requires API version >= 1.30. |
|
The desired signing CA key for all swarm node TLS leaf certificates, in PEM format. This must not be a path to a key, but the contents of the key. Requires API version >= 1.30. |
|
Number of logs entries between snapshot. Docker default value is |
|
Provide a valid SSL version number. Default value determined by SSL Python module. If the value is not specified in the task, the value of environment variable Note: this option is no longer supported for Docker SDK for Python 7.0.0+. Specifying it with Docker SDK for Python 7.0.0 or newer will lead to an error. |
|
Set to Set to Set to Set to community.docker.docker_node can be used to demote a manager before removal. Choices:
|
|
Default address pool subnet mask length. Only used when swarm is initialised. Because of this it’s not considered for idempotency checking. Requires API version >= 1.39. |
|
Maximum number of tasks history stored. Docker default value is |
|
The maximum amount of time in seconds to wait on a response from the API. If the value is not specified in the task, the value of environment variable Default: |
|
Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server. Note that if If the value is not specified in the task, the value of environment variable Choices:
|
|
When verifying the authenticity of the Docker Host server, provide the expected name of the server. If the value is not specified in the task, the value of environment variable Note that this option had a default value Note: this option is no longer supported for Docker SDK for Python 7.0.0+. Specifying it with Docker SDK for Python 7.0.0 or newer will lead to an error. |
|
For SSH transports, use the Requires Docker SDK for Python 4.4.0 or newer. Choices:
|
|
Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server. If the value is not specified in the task, the value of environment variable Choices:
|
Attributes
Attribute |
Support |
Description |
---|---|---|
Action groups: community.docker.docker, docker |
Use |
|
Support: full |
Can run in |
|
Support: full |
Will return details on what has changed (or possibly needs changing in |
Notes
Note
Connect to the Docker daemon by providing parameters with each task or by defining environment variables. You can define
DOCKER_HOST
,DOCKER_TLS_HOSTNAME
,DOCKER_API_VERSION
,DOCKER_CERT_PATH
,DOCKER_SSL_VERSION
,DOCKER_TLS
,DOCKER_TLS_VERIFY
andDOCKER_TIMEOUT
. If you are using docker machine, run the script shipped with the product that sets up the environment. It will set these variables for you. See https://docs.docker.com/machine/reference/env/ for more details.When connecting to Docker daemon with TLS, you might need to install additional Python packages. For the Docker SDK for Python, version 2.4 or newer, this can be done by installing
docker[tls]
with ansible.builtin.pip.Note that the Docker SDK for Python only allows to specify the path to the Docker configuration for very few functions. In general, it will use
$HOME/.docker/config.json
if theDOCKER_CONFIG
environment variable is not specified, and use$DOCKER_CONFIG/config.json
otherwise.This module uses the Docker SDK for Python to communicate with the Docker daemon.
Examples
- name: Init a new swarm with default parameters
community.docker.docker_swarm:
state: present
- name: Update swarm configuration
community.docker.docker_swarm:
state: present
election_tick: 5
- name: Add nodes
community.docker.docker_swarm:
state: join
advertise_addr: 192.168.1.2
join_token: SWMTKN-1--xxxxx
remote_addrs: [ '192.168.1.1:2377' ]
- name: Leave swarm for a node
community.docker.docker_swarm:
state: absent
- name: Remove a swarm manager
community.docker.docker_swarm:
state: absent
force: true
- name: Remove node from swarm
community.docker.docker_swarm:
state: remove
node_id: mynode
- name: Init a new swarm with different data path interface
community.docker.docker_swarm:
state: present
advertise_addr: eth0
data_path_addr: ens10
- name: Init a new swarm with a different data path port
community.docker.docker_swarm:
state: present
data_path_port: 9789
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
Provides the actions done on the swarm. Returned: when action failed. Sample: |
|
Information about swarm. Returned: success |
|
Tokens to connect to the Swarm. Returned: success |
|
Token to join the cluster as a new *manager* node. Note: if this value has been specified as Returned: success Sample: |
|
Token to join the cluster as a new *worker* node. Note: if this value has been specified as Returned: success Sample: |
|
The swarm unlock-key if Returned: on success if Sample: |