docker_swarm_service - docker swarm service

New in version 2.7.

Synopsis

Requirements

The below requirements are needed on the host that executes this module.

  • docker-py >= 2.0
  • Please note that the docker-py Python module has been superseded by docker (see here for details). Version 2.1.0 or newer is only available with the docker module.

Parameters

Parameter Choices/Defaults Comments
api_version Default:
auto
The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by docker-py.
If the value is not specified in the task, the value of environment variable DOCKER_API_VERSION will be used instead. If the environment variable is not set, the default value will be used.

aliases: docker_api_version
args Default:
[]
List comprised of the command and the arguments to be run inside
the container
cacert_path
Use a CA certificate when performing server verification by providing the path to a CA certificate file.
If the value is not specified in the task and the environment variable DOCKER_CERT_PATH is set, the file ca.pem from the directory specified in the environment variable DOCKER_CERT_PATH will be used.

aliases: tls_ca_cert
cert_path
Path to the client's TLS certificate file.
If the value is not specified in the task and the environment variable DOCKER_CERT_PATH is set, the file cert.pem from the directory specified in the environment variable DOCKER_CERT_PATH will be used.

aliases: tls_client_cert
configs Default:
[]
List of dictionaries describing the service configs.
Every item must be a dictionary exposing the keys config_id, config_name, filename, uid (defaults to 0), gid (defaults to 0), mode (defaults to 0o444)
Maps docker service --config option.
constraints Default:
[]
List of the service constraints.
Maps docker service --constraint option.
container_labels Default:
[]
List of the service containers labels.
Maps docker service --container-label option.
debug
bool
    Choices:
  • no ←
  • yes
Debug mode
dns Default:
[]
List of custom DNS servers.
Maps docker service --dns option.
Requires api_version >= 1.25
dns_options Default:
[]
List of custom DNS options.
Maps docker service --dns-option option.
Requires api_version >= 1.25
dns_search Default:
[]
List of custom DNS search domains.
Maps docker service --dns-search option.
Requires api_version >= 1.25
docker_host Default:
unix://var/run/docker.sock
The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the TCP connection string. For example, 'tcp://192.0.2.23:2376'. If TLS is used to encrypt the connection, the module will automatically replace 'tcp' in the connection URL with 'https'.
If the value is not specified in the task, the value of environment variable DOCKER_HOST will be used instead. If the environment variable is not set, the default value will be used.

aliases: docker_url
endpoint_mode
    Choices:
  • vip ←
  • dnsrr
Service endpoint mode.
Maps docker service --endpoint-mode option.
env Default:
[]
List of the service environment variables.
Maps docker service --env option.
force_update
bool
    Choices:
  • no ←
  • yes
Force update even if no changes require it.
Maps to docker service update --force option.
Requires api_version >= 1.25
hostname Default:
Container hostname
Maps docker service --hostname option.
Requires api_version >= 1.25
image
required
Service image path and tag. Maps docker service IMAGE parameter.
key_path
Path to the client's TLS key file.
If the value is not specified in the task and the environment variable DOCKER_CERT_PATH is set, the file key.pem from the directory specified in the environment variable DOCKER_CERT_PATH will be used.

aliases: tls_client_key
labels
List of the service labels.
Maps docker service --label option.
limit_cpu Default:
0.0
Service CPU limit. 0 equals no limit.
Maps docker service --limit-cpu option.
limit_memory Default:
0
Service memory limit in MB. 0 equals no limit.
Maps docker service --limit-memory option.
log_driver Default:
json-file
Configure the logging driver for a service
log_driver_options Default:
[]
Options for service logging driver
mode Default:
replicated
Service replication mode.
Maps docker service --mode option.
mounts Default:
[]
List of dictionaries describing the service mounts.
Every item must be a dictionary exposing the keys source, target, type (defaults to 'bind'), readonly (defaults to false)
Maps docker service --mount option.
name
required
Service name
networks Default:
[]
List of the service networks names.
Maps docker service --network option.
publish Default:
[]
List of dictionaries describing the service published ports.
Every item must be a dictionary exposing the keys published_port, target_port, protocol (defaults to 'tcp'), mode <ingress|host>, default to ingress.
Only used with api_version >= 1.25
If api_version >= 1.32 and docker python library >= 3.0.0 attribute 'mode' can be set to 'ingress' or 'host' (default 'ingress').
replicas Default:
-1
Number of containers instantiated in the service. Valid only if ``mode=='replicated'``.
If set to -1, and service is not present, service replicas will be set to 1.
If set to -1, and service is present, service replicas will be unchanged.
Maps docker service --replicas option.
reserve_cpu Default:
0.0
Service CPU reservation. 0 equals no reservation.
Maps docker service --reserve-cpu option.
reserve_memory Default:
0
Service memory reservation in MB. 0 equals no reservation.
Maps docker service --reserve-memory option.
restart_policy
    Choices:
  • none ←
  • on-failure
  • any
Restart condition of the service.
Maps docker service --restart-condition option.
restart_policy_attempts Default:
0
Maximum number of service restarts.
Maps docker service --restart-max-attempts option.
restart_policy_delay Default:
0
Delay between restarts.
Maps docker service --restart-delay option.
restart_policy_window Default:
0
Restart policy evaluation window.
Maps docker service --restart-window option.
secrets Default:
[]
List of dictionaries describing the service secrets.
Every item must be a dictionary exposing the keys secret_id, secret_name, filename, uid (defaults to 0), gid (defaults to 0), mode (defaults to 0o444)
Maps docker service --secret option.
ssl_version
Provide a valid SSL version number. Default value determined by ssl.py module.
If the value is not specified in the task, the value of environment variable DOCKER_SSL_VERSION will be used instead.
state
required
    Choices:
  • present ←
  • absent
Service state.
timeout Default:
60
The maximum amount of time in seconds to wait on a response from the API.
If the value is not specified in the task, the value of environment variable DOCKER_TIMEOUT will be used instead. If the environment variable is not set, the default value will be used.
tls
bool
    Choices:
  • no ←
  • yes
Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server.
If the value is not specified in the task, the value of environment variable DOCKER_TLS will be used instead. If the environment variable is not set, the default value will be used.
tls_hostname Default:
localhost
When verifying the authenticity of the Docker Host server, provide the expected name of the server.
If the value is not specified in the task, the value of environment variable DOCKER_TLS_HOSTNAME will be used instead. If the environment variable is not set, the default value will be used.
tls_verify
bool
    Choices:
  • no ←
  • yes
Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server.
If the value is not specified in the task, the value of environment variable DOCKER_TLS_VERIFY will be used instead. If the environment variable is not set, the default value will be used.
tty
bool
    Choices:
  • no ←
  • yes
Allocate a pseudo-TTY
Maps docker service --tty option.
Requires api_version >= 1.25
update_delay Default:
10
Rolling update delay
Maps docker service --update-delay option
update_failure_action
    Choices:
  • continue ←
  • pause
Action to take in case of container failure
Maps to docker service --update-failure-action option
update_max_failure_ratio Default:
0.0
Fraction of tasks that may fail during an update before the failure action is invoked
Maps to docker service --update-max-failure-ratio
update_monitor Default:
5000000000
Time to monitor updated tasks for failures, in nanoseconds.
Maps to docker service --update-monitor option
update_order
    Choices:
  • stop-first ←
  • start-first
Specifies the order of operations when rolling out an updated task.
Maps to docker service --update-order
update_parallelism Default:
1
Rolling update parallelism
Maps docker service --update-parallelism option
user Default:
root
username or UID.
If set to null the image provided value (or the one already set for the service) will be used

Notes

Note

  • Connect to the Docker daemon by providing parameters with each task or by defining environment variables. You can define DOCKER_HOST, DOCKER_TLS_HOSTNAME, DOCKER_API_VERSION, DOCKER_CERT_PATH, DOCKER_SSL_VERSION, DOCKER_TLS, DOCKER_TLS_VERIFY and DOCKER_TIMEOUT. If you are using docker machine, run the script shipped with the product that sets up the environment. It will set these variables for you. See https://docker-py.readthedocs.io/en/stable/machine/ for more details.
  • When connecting to Docker daemon with TLS, you might need to install additional Python packages. For the Docker SDK for Python, version 2.4 or newer, this can be done by installing docker[tls] with pip.
  • Note that the Docker SDK for Python only allows to specify the path to the Docker configuration for very few functions. In general, it will use $HOME/docker/config.json if the DOCKER_CONFIG environment variable is not specified, and use $DOCKER_CONFIG/config.json otherwise.

Examples

-   name: define myservice
    docker_swarm_service:
        name: myservice
        image: "alpine"
        args:
        - "sleep"
        - "3600"
        mounts:
        -   source: /tmp/
            target: /remote_tmp/
            type: bind
        env:
        -   "ENVVAR1=envvar1"
        log_driver: fluentd
        log_driver_options:
          fluentd-address: "127.0.0.1:24224"
          fluentd-async-connect: true
          tag: "{{.Name}}/{{.ID}}"
        restart_policy: any
        restart_policy_attempts: 5
        restart_policy_window: 30
    register: dss_out1
-   name: change myservice.env
    docker_swarm_service:
        name: myservice
        image: "alpine"
        args:
        -   "sleep"
        -   "7200"
        mounts:
        -   source: /tmp/
            target: /remote_tmp/
            type: bind
        env:
        -   "ENVVAR1=envvar1"
        restart_policy: any
        restart_policy_attempts: 5
        restart_policy_window: 30
    register: dss_out2
-   name: test for changed myservice facts
    fail:
        msg: unchanged service
    when: "{{ dss_out1 == dss_out2 }}"
-   name: change myservice.image
    docker_swarm_service:
        name: myservice
        image: "alpine:edge"
        args:
        -   "sleep"
        -   "7200"
        mounts:
        -   source: /tmp/
            target: /remote_tmp/
            type: bind
        env:
        -   "ENVVAR1=envvar1"
        restart_policy: any
        restart_policy_attempts: 5
        restart_policy_window: 30
    register: dss_out3
-   name: test for changed myservice facts
    fail:
        msg: unchanged service
    when: "{{ dss_out2 == dss_out3 }}"
-   name: remove mount
    docker_swarm_service:
        name: myservice
        image: "alpine:edge"
        args:
        -   "sleep"
        -   "7200"
        env:
        -   "ENVVAR1=envvar1"
        restart_policy: any
        restart_policy_attempts: 5
        restart_policy_window: 30
    register: dss_out4
-   name: test for changed myservice facts
    fail:
        msg: unchanged service
    when: "{{ dss_out3 == dss_out4 }}"
-   name: keep service as it is
    docker_swarm_service:
        name: myservice
        image: "alpine:edge"
        args:
        -   "sleep"
        -   "7200"
        env:
        -   "ENVVAR1=envvar1"
        restart_policy: any
        restart_policy_attempts: 5
        restart_policy_window: 30
    register: dss_out5
-   name: test for changed service facts
    fail:
        msg: changed service
    when: "{{ dss_out5 != dss_out5 }}"
-   name: remove myservice
    docker_swarm_service:
        name: myservice
        state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
ansible_swarm_service
dict
always
Dictionary of variables representing the current state of the service. Matches the module parameters format.
Note that facts are not part of registered vars but accessible directly.

Sample:
{ "args": [ "sleep", "3600" ], "constraints": [], "container_labels": {}, "endpoint_mode": "vip", "env": [ "ENVVAR1=envvar1" ], "force_update": False, "image": "alpine", "labels": {}, "limit_cpu": 0.0, "limit_memory": 0, "log_driver": "json-file", "log_driver_options": {}, "mode": "replicated", "mounts": [ { "source": "/tmp/", "target": "/remote_tmp/", "type": "bind" } ], "secrets": [], "configs": [], "networks": [], "publish": [], "replicas": 1, "reserve_cpu": 0.0, "reserve_memory": 0, "restart_policy": "any", "restart_policy_attempts": 5, "restart_policy_delay": 0, "restart_policy_window": 30, "update_delay": 10, "update_parallelism": 1, "update_failure_action": "continue", "update_monitor": 5000000000 "update_max_failure_ratio": 0, "update_order": "stop-first" }
changes
list
always
List of changed service attributes if a service has been altered, [] otherwhise

Sample:
['container_labels', 'replicas']
rebuilt
bool
always
True if the service has been recreated (removed and created)

Sample:
True


Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Maintenance

This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.

For a list of other modules that are also maintained by the Ansible Community, see here.

Author

  • Dario Zanzico (@dariko), Jason Witkowski (@jwitko)

Hint

If you notice any issues in this documentation you can edit this document to improve it.