community / community.docker / 3.8.1 / module / docker_config Manage docker configs. Authors: Chris Houseknecht (@chouseknecht), John Hu (@ushuz)community.docker.docker_config (3.8.1) — module
Install with ansible-galaxy collection install community.docker:==3.8.1
collections: - name: community.docker version: 3.8.1
Create and remove Docker configs in a Swarm environment. Similar to C(docker config create) and C(docker config rm).
Adds to the metadata of new configs 'ansible_key', an encrypted hash representation of the data, which is then used in future runs to test if a config has changed. If 'ansible_key' is not present, then a config will not be updated unless the O(force) option is set.
Updates to configs are performed by removing the config and creating it again.
- name: Create config foo (from a file on the control machine) community.docker.docker_config: name: foo # If the file is JSON or binary, Ansible might modify it (because # it is first decoded and later re-encoded). Base64-encoding the # file directly after reading it prevents this to happen. data: "{{ lookup('file', '/path/to/config/file') | b64encode }}" data_is_b64: true state: present
- name: Create config foo (from a file on the target machine) community.docker.docker_config: name: foo data_src: /path/to/config/file state: present
- name: Change the config data community.docker.docker_config: name: foo data: Goodnight everyone! labels: bar: baz one: '1' state: present
- name: Add a new label community.docker.docker_config: name: foo data: Goodnight everyone! labels: bar: baz one: '1' # Adding a new label will cause a remove/create of the config two: '2' state: present
- name: No change community.docker.docker_config: name: foo data: Goodnight everyone! labels: bar: baz one: '1' # Even though 'two' is missing, there is no change to the existing config state: present
- name: Update an existing label community.docker.docker_config: name: foo data: Goodnight everyone! labels: bar: monkey # Changing a label will cause a remove/create of the config one: '1' state: present
- name: Force the (re-)creation of the config community.docker.docker_config: name: foo data: Goodnight everyone! force: true state: present
- name: Remove config foo community.docker.docker_config: name: foo state: absent
tls: default: false description: - Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server. Note that if O(validate_certs) is set to V(true) as well, it will take precedence. - If the value is not specified in the task, the value of environment variable E(DOCKER_TLS) will be used instead. If the environment variable is not set, the default value will be used. type: bool data: description: - The value of the config. - Mutually exclusive with O(data_src). One of O(data) and O(data_src) is required if O(state=present). type: str name: description: - The name of the config. required: true type: str debug: default: false description: - Debug mode type: bool force: default: false description: - Use with O(state=present) to always remove and recreate an existing config. - If V(true), an existing config will be replaced, even if it has not been changed. type: bool state: choices: - absent - present default: present description: - Set to V(present), if the config should exist, and V(absent), if it should not. type: str labels: description: - A map of key:value meta data, where both the C(key) and C(value) are expected to be a string. - If new meta data is provided, or existing meta data is modified, the config will be updated by removing it and creating it again. type: dict ca_path: aliases: - ca_cert - tls_ca_cert - cacert_path description: - Use a CA certificate when performing server verification by providing the path to a CA certificate file. - If the value is not specified in the task and the environment variable E(DOCKER_CERT_PATH) is set, the file C(ca.pem) from the directory specified in the environment variable E(DOCKER_CERT_PATH) will be used. - This option was called O(ca_cert) and got renamed to O(ca_path) in community.docker 3.6.0. The old name has been added as an alias and can still be used. type: path timeout: default: 60 description: - The maximum amount of time in seconds to wait on a response from the API. - If the value is not specified in the task, the value of environment variable E(DOCKER_TIMEOUT) will be used instead. If the environment variable is not set, the default value will be used. type: int data_src: description: - The file on the target from which to read the config. - Mutually exclusive with O(data). One of O(data) and O(data_src) is required if O(state=present). type: path version_added: 1.10.0 version_added_collection: community.docker client_key: aliases: - tls_client_key - key_path description: - Path to the client's TLS key file. - If the value is not specified in the task and the environment variable E(DOCKER_CERT_PATH) is set, the file C(key.pem) from the directory specified in the environment variable E(DOCKER_CERT_PATH) will be used. type: path api_version: aliases: - docker_api_version default: auto description: - The version of the Docker API running on the Docker Host. - Defaults to the latest version of the API supported by Docker SDK for Python and the docker daemon. - If the value is not specified in the task, the value of environment variable E(DOCKER_API_VERSION) will be used instead. If the environment variable is not set, the default value will be used. type: str client_cert: aliases: - tls_client_cert - cert_path description: - Path to the client's TLS certificate file. - If the value is not specified in the task and the environment variable E(DOCKER_CERT_PATH) is set, the file C(cert.pem) from the directory specified in the environment variable E(DOCKER_CERT_PATH) will be used. type: path data_is_b64: default: false description: - If set to V(true), the data is assumed to be Base64 encoded and will be decoded before being used. - To use binary O(data), it is better to keep it Base64 encoded and let it be decoded by this option. type: bool docker_host: aliases: - docker_url default: unix:///var/run/docker.sock description: - The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the TCP connection string. For example, V(tcp://192.0.2.23:2376). If TLS is used to encrypt the connection, the module will automatically replace C(tcp) in the connection URL with C(https). - If the value is not specified in the task, the value of environment variable E(DOCKER_HOST) will be used instead. If the environment variable is not set, the default value will be used. type: str ssl_version: description: - Provide a valid SSL version number. Default value determined by L(SSL Python module, https://docs.python.org/3/library/ssl.html). - If the value is not specified in the task, the value of environment variable E(DOCKER_SSL_VERSION) will be used instead. - B(Note:) this option is no longer supported for Docker SDK for Python 7.0.0+. Specifying it with Docker SDK for Python 7.0.0 or newer will lead to an error. type: str tls_hostname: description: - When verifying the authenticity of the Docker Host server, provide the expected name of the server. - If the value is not specified in the task, the value of environment variable E(DOCKER_TLS_HOSTNAME) will be used instead. If the environment variable is not set, the default value will be used. - Note that this option had a default value V(localhost) in older versions. It was removed in community.docker 3.0.0. - B(Note:) this option is no longer supported for Docker SDK for Python 7.0.0+. Specifying it with Docker SDK for Python 7.0.0 or newer will lead to an error. type: str use_ssh_client: default: false description: - For SSH transports, use the C(ssh) CLI tool instead of paramiko. - Requires Docker SDK for Python 4.4.0 or newer. type: bool version_added: 1.5.0 version_added_collection: community.docker validate_certs: aliases: - tls_verify default: false description: - Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server. - If the value is not specified in the task, the value of environment variable E(DOCKER_TLS_VERIFY) will be used instead. If the environment variable is not set, the default value will be used. type: bool template_driver: choices: - golang description: - Set to V(golang) to use a Go template in O(data) or a Go template file in O(data_src). type: str version_added: 2.5.0 version_added_collection: community.docker rolling_versions: default: false description: - If set to V(true), configs are created with an increasing version number appended to their name. - Adds a label containing the version number to the managed configs with the name C(ansible_version). type: bool version_added: 2.2.0 version_added_collection: community.docker versions_to_keep: default: 5 description: - When using O(rolling_versions), the number of old versions of the config to keep. - Extraneous old configs are deleted after the new one is created. - Set to V(-1) to keep everything or V(0) or V(1) to keep only the current one. type: int version_added: 2.2.0 version_added_collection: community.docker
config_id: description: - The ID assigned by Docker to the config object. returned: success and O(state=present) sample: hzehrmyjigmcp2gb6nlhmjqcv type: str config_name: description: - The name of the created config object. returned: success and O(state=present) sample: awesome_config type: str version_added: 2.2.0 version_added_collection: community.docker