Try SpotterManage an Azure Container Instance
| "added in version" 0.1.2 of azure.azcollection"
Authors: Zim Kalinowski (@zikalino)
Install with ansible-galaxy collection install azure.azcollection:==2.3.0
collections:
- name: azure.azcollection
version: 2.3.0Create, update and delete an Azure Container Instance.
- name: Create sample container group
azure_rm_containerinstance:
resource_group: myResourceGroup
name: myContainerInstanceGroup
os_type: linux
ip_address: public
containers:
- name: myContainer1
image: httpd
memory: 1.5
ports:
- 80
- 81
- name: Create sample container group with azure file share volume
azure_rm_containerinstance:
resource_group: myResourceGroup
name: myContainerInstanceGroupz
os_type: linux
ip_address: public
containers:
- name: mycontainer1
image: httpd
memory: 1
volume_mounts:
- name: filesharevolume
mount_path: "/data/files"
ports:
- 80
- 81
volumes:
- name: filesharevolume
azure_file:
storage_account_name: mystorageaccount
share_name: acishare
storage_account_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
- name: Create sample container group with git repo volume
azure_rm_containerinstance:
resource_group: myResourceGroup
name: myContainerInstanceGroup
os_type: linux
ip_address: public
containers:
- name: mycontainer1
image: httpd
memory: 1
volume_mounts:
- name: myvolume1
mount_path: "/mnt/test"
ports:
- 80
- 81
volumes:
- name: myvolume1
git_repo:
repository: "https://github.com/Azure-Samples/aci-helloworld.git"
- name: Create sample container instance with subnet
azure_rm_containerinstance:
resource_group: myResourceGroup
name: myContainerInstanceGroup
os_type: linux
ip_address: private
location: eastus
subnet_ids:
- "{{ subnet_id }}"
ports:
- 80
containers:
- name: mycontainer1
image: httpd
memory: 1.5
ports:
- 80
- 81
name:
description:
- The name of the container group.
required: true
type: str
tags:
description:
- Dictionary of string:string pairs to assign as metadata to the object.
- Metadata tags on the object will be updated with any provided values.
- To remove tags set append_tags option to false.
- Currently, Azure DNS zones and Traffic Manager services also don't allow the use
of spaces in the tag.
- Azure Front Door doesn't support the use of
- Azure Automation and Azure CDN only support 15 tags on resources.
type: dict
ports:
default: []
description:
- List of ports exposed within the container group.
- This option is deprecated, using I(ports) under I(containers)".
elements: int
type: list
state:
choices:
- absent
- present
default: present
description:
- Assert the state of the container instance. Use C(present) to create or update an
container instance and C(absent) to delete it.
type: str
secret:
description:
- Azure client secret. Use when authenticating with a Service Principal.
type: str
tenant:
description:
- Azure tenant ID. Use when authenticating with a Service Principal.
type: str
ad_user:
description:
- Active Directory username. Use when authenticating with an Active Directory user
rather than service principal.
type: str
os_type:
choices:
- linux
- windows
default: linux
description:
- The OS type of containers.
type: str
profile:
description:
- Security profile found in ~/.azure/credentials file.
type: str
volumes:
description:
- List of Volumes that can be mounted by containers in this container group.
elements: dict
suboptions:
azure_file:
description:
- The Azure File volume
suboptions:
read_only:
description:
- The flag indicating whether the Azure File shared mounted as a volume is
read-only
type: bool
share_name:
description:
- The name of the Azure File share to be mounted as a volume
required: true
type: str
storage_account_key:
description:
- The storage account access key used to access the Azure File share
required: true
type: str
storage_account_name:
description:
- The name of the storage account that contains the Azure File share
required: true
type: str
type: dict
empty_dir:
description:
- The empty directory volume
type: dict
git_repo:
description:
- The git repo volume
suboptions:
directory:
description:
- Target directory name
type: str
repository:
description:
- Repository URL
required: true
type: str
revision:
description:
- Commit hash for the specified revision
type: str
type: dict
name:
description:
- The name of the Volume
required: true
type: str
secret:
description:
- The secret volume
type: dict
type: list
location:
description:
- Valid azure location. Defaults to location of the resource group.
type: str
log_mode:
description:
- Parent argument.
type: str
log_path:
description:
- Parent argument.
type: str
password:
description:
- Active Directory user password. Use when authenticating with an Active Directory
user rather than service principal.
type: str
client_id:
description:
- Azure client ID. Use when authenticating with a Service Principal or Managed Identity
(msi).
- Can also be set via the C(AZURE_CLIENT_ID) environment variable.
type: str
containers:
description:
- List of containers.
- Required when creation.
elements: dict
suboptions:
commands:
description:
- List of commands to execute within the container instance in exec form.
- When updating existing container all existing commands will be replaced by new
ones.
elements: str
type: list
cpu:
default: 1
description:
- The required number of CPU cores of the containers.
type: float
environment_variables:
description:
- List of container environment variables.
- When updating existing container all existing variables will be replaced by
new ones.
elements: dict
suboptions:
is_secure:
description:
- Is variable secure.
type: bool
name:
description:
- Environment variable name.
required: true
type: str
value:
description:
- Environment variable value.
required: true
type: str
type: list
image:
description:
- The container image name.
required: true
type: str
memory:
default: 1.5
description:
- The required memory of the containers in GB.
type: float
name:
description:
- The name of the container instance.
required: true
type: str
ports:
description:
- List of ports exposed within the container group.
elements: int
type: list
volume_mounts:
description:
- The volume mounts for the container instance
elements: dict
suboptions:
mount_path:
description:
- The path within the container where the volume should be mounted
required: true
type: str
name:
description:
- The name of the volume mount
required: true
type: str
read_only:
description:
- The flag indicating whether the volume mount is read-only
type: bool
type: list
type: list
ip_address:
choices:
- public
- none
- private
default: none
description:
- The IP address type of the container group.
- Default is C(none) and creating an instance without public IP.
type: str
subnet_ids:
description:
- The subnet resource IDs for a container group.
- Multiple subnets are not yet supported. Only 1 subnet can be used.
elements: str
type: list
thumbprint:
description:
- The thumbprint of the private key specified in I(x509_certificate_path).
- Use when authenticating with a Service Principal.
- Required if I(x509_certificate_path) is defined.
type: str
version_added: 1.14.0
version_added_collection: azure.azcollection
api_profile:
default: latest
description:
- Selects an API profile to use when communicating with Azure services. Default value
of C(latest) is appropriate for public clouds; future values will allow use with
Azure Stack.
type: str
version_added: 0.0.1
version_added_collection: azure.azcollection
append_tags:
default: true
description:
- Use to control if tags field is canonical or just appends to existing tags.
- When canonical, any tags not found in the tags parameter will be removed from the
object's metadata.
type: bool
auth_source:
choices:
- auto
- cli
- credential_file
- env
- msi
default: auto
description:
- Controls the source of the credentials to use for authentication.
- Can also be set via the C(ANSIBLE_AZURE_AUTH_SOURCE) environment variable.
- When set to C(auto) (the default) the precedence is module parameters -> C(env)
-> C(credential_file) -> C(cli).
- When set to C(env), the credentials will be read from the environment variables
- When set to C(credential_file), it will read the profile from C(~/.azure/credentials).
- When set to C(cli), the credentials will be sources from the Azure CLI profile.
C(subscription_id) or the environment variable C(AZURE_SUBSCRIPTION_ID) can be used
to identify the subscription ID if more than one is present otherwise the default
az cli subscription is used.
- When set to C(msi), the host machine must be an azure resource with an enabled MSI
extension. C(subscription_id) or the environment variable C(AZURE_SUBSCRIPTION_ID)
can be used to identify the subscription ID if the resource is granted access to
more than one subscription, otherwise the first subscription is chosen.
- The C(msi) was added in Ansible 2.6.
type: str
version_added: 0.0.1
version_added_collection: azure.azcollection
force_update:
default: 'no'
description:
- Force update of existing container instance. Any update will result in deletion
and recreation of existing containers.
type: bool
dns_name_label:
description:
- The Dns name label for the IP.
type: str
resource_group:
description:
- Name of resource group.
required: true
type: str
restart_policy:
choices:
- always
- on_failure
- never
description:
- Restart policy for all containers within the container group.
type: str
subscription_id:
description:
- Your Azure subscription Id.
type: str
cloud_environment:
default: AzureCloud
description:
- For cloud environments other than the US public cloud, the environment name (as
defined by Azure Python SDK, eg, C(AzureChinaCloud), C(AzureUSGovernment)), or a
metadata discovery endpoint URL (required for Azure Stack). Can also be set via
credential file profile or the C(AZURE_CLOUD_ENVIRONMENT) environment variable.
type: str
version_added: 0.0.1
version_added_collection: azure.azcollection
registry_password:
description:
- The password to log in container image registry server.
type: str
registry_username:
description:
- The username to log in container image registry server.
type: str
adfs_authority_url:
description:
- Azure AD authority url. Use when authenticating with Username/password, and has
your own ADFS authority.
type: str
version_added: 0.0.1
version_added_collection: azure.azcollection
cert_validation_mode:
choices:
- ignore
- validate
description:
- Controls the certificate validation behavior for Azure endpoints. By default, all
modules will validate the server certificate, but when an HTTPS proxy is in use,
or against Azure Stack, it may be necessary to disable this behavior by passing
C(ignore). Can also be set via credential file profile or the C(AZURE_CERT_VALIDATION)
environment variable.
type: str
version_added: 0.0.1
version_added_collection: azure.azcollection
registry_login_server:
description:
- The container image registry login server.
type: str
x509_certificate_path:
description:
- Path to the X509 certificate used to create the service principal in PEM format.
- The certificate must be appended to the private key.
- Use when authenticating with a Service Principal.
type: path
version_added: 1.14.0
version_added_collection: azure.azcollection
disable_instance_discovery:
default: false
description:
- Determines whether or not instance discovery is performed when attempting to authenticate.
Setting this to true will completely disable both instance discovery and authority
validation. This functionality is intended for use in scenarios where the metadata
endpoint cannot be reached such as in private clouds or Azure Stack. The process
of instance discovery entails retrieving authority metadata from https://login.microsoft.com/
to validate the authority. By setting this to **True**, the validation of the authority
is disabled. As a result, it is crucial to ensure that the configured authority
host is valid and trustworthy.
- Set via credential file profile or the C(AZURE_DISABLE_INSTANCE_DISCOVERY) environment
variable.
type: bool
version_added: 2.3.0
version_added_collection: azure.azcollection
containers:
description:
- The containers within the container group.
elements: dict
returned: always
sample:
- commands: null
cpu: 1.0
environment_variables: null
image: httpd
memory: 1.0
name: mycontainer1
ports:
- 80
- 81
volume_mounts:
- mount_path: /data/files
name: filesharevolume
read_only: false
type: list
id:
description:
- Resource ID.
returned: always
sample: /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ContainerInstance/containerGroups/aci1b6dd89
type: str
ip_address:
description:
- Public IP Address of created container group.
returned: if address is public
sample: 175.12.233.11
type: str
provisioning_state:
description:
- Provisioning state of the container.
returned: always
sample: Creating
type: str
volumes:
contains:
azure_file:
description:
- Azure file share volume details
returned: If Azure file share type of volume requested
sample:
read_only: null
share_name: acishare
storage_account_key: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
storage_account_name: mystorageaccount
type: dict
empty_dir:
description:
- Empty directory volume details
returned: If Empty directory type of volume requested
sample: {}
type: dict
git_repo:
description:
- Git Repo volume details
returned: If Git repo type of volume requested
sample:
directory: null
repository: https://github.com/Azure-Samples/aci-helloworld.git
revision: null
type: dict
name:
description:
- The name of the Volume
returned: always
sample: filesharevolume
type: str
secret:
description:
- Secret volume details
returned: If Secret type of volume requested
sample: {}
type: dict
description:
- The list of volumes that mounted by containers in container group
elements: dict
returned: if volumes specified
type: list