Try Spotterdocker stack module
Authors: Dario Zanzico (@dariko)
Install with ansible-galaxy collection install community.docker:==3.8.1
collections:
- name: community.docker
version: 3.8.1Manage docker stacks using the C(docker stack) command on the target node (see examples).
- name: Deploy stack from a compose file
community.docker.docker_stack:
state: present
name: mystack
compose:
- /opt/docker-compose.yml
- name: Deploy stack from base compose file and override the web service
community.docker.docker_stack:
state: present
name: mystack
compose:
- /opt/docker-compose.yml
- version: '3'
services:
web:
image: nginx:latest
environment:
ENVVAR: envvar
- name: Remove stack
community.docker.docker_stack:
name: mystack
state: absent
tls:
default: false
description:
- Secure the connection to the API by using TLS without verifying the authenticity
of the Docker host server. Note that if O(validate_certs) is set to V(true) as well,
it will take precedence.
- If the value is not specified in the task, the value of environment variable E(DOCKER_TLS)
will be used instead. If the environment variable is not set, the default value
will be used.
type: bool
version_added: 3.6.0
version_added_collection: community.docker
name:
description:
- Stack name
required: true
type: str
prune:
default: false
description:
- If true will add the C(--prune) option to the C(docker stack deploy) command. This
will have docker remove the services not present in the current stack definition.
type: bool
state:
choices:
- present
- absent
default: present
description:
- Service state.
type: str
ca_path:
aliases:
- ca_cert
- tls_ca_cert
- cacert_path
description:
- Use a CA certificate when performing server verification by providing the path to
a CA certificate file.
- If the value is not specified in the task and the environment variable E(DOCKER_CERT_PATH)
is set, the file C(ca.pem) from the directory specified in the environment variable
E(DOCKER_CERT_PATH) will be used.
type: path
version_added: 3.6.0
version_added_collection: community.docker
compose:
default: []
description:
- List of compose definitions. Any element may be a string referring to the path of
the compose file on the target host or the YAML contents of a compose file nested
as dictionary.
elements: raw
type: list
client_key:
aliases:
- tls_client_key
- key_path
description:
- Path to the client's TLS key file.
- If the value is not specified in the task and the environment variable E(DOCKER_CERT_PATH)
is set, the file C(key.pem) from the directory specified in the environment variable
E(DOCKER_CERT_PATH) will be used.
type: path
version_added: 3.6.0
version_added_collection: community.docker
docker_cli:
description:
- Path to the Docker CLI. If not provided, will search for Docker CLI on the E(PATH).
type: path
version_added: 3.6.0
version_added_collection: community.docker
api_version:
aliases:
- docker_api_version
default: auto
description:
- The version of the Docker API running on the Docker Host.
- Defaults to the latest version of the API supported by this collection and the docker
daemon.
- If the value is not specified in the task, the value of environment variable E(DOCKER_API_VERSION)
will be used instead. If the environment variable is not set, the default value
will be used.
type: str
version_added: 3.6.0
version_added_collection: community.docker
cli_context:
description:
- The Docker CLI context to use.
type: str
version_added: 3.6.0
version_added_collection: community.docker
client_cert:
aliases:
- tls_client_cert
- cert_path
description:
- Path to the client's TLS certificate file.
- If the value is not specified in the task and the environment variable E(DOCKER_CERT_PATH)
is set, the file C(cert.pem) from the directory specified in the environment variable
E(DOCKER_CERT_PATH) will be used.
type: path
version_added: 3.6.0
version_added_collection: community.docker
docker_host:
aliases:
- docker_url
default: unix:///var/run/docker.sock
description:
- The URL or Unix socket path used to connect to the Docker API. To connect to a remote
host, provide the TCP connection string. For example, V(tcp://192.0.2.23:2376).
If TLS is used to encrypt the connection, the module will automatically replace
C(tcp) in the connection URL with C(https).
- If the value is not specified in the task, the value of environment variable E(DOCKER_HOST)
will be used instead. If the environment variable is not set, the default value
will be used.
type: str
version_added: 3.6.0
version_added_collection: community.docker
tls_hostname:
description:
- When verifying the authenticity of the Docker Host server, provide the expected
name of the server.
- If the value is not specified in the task, the value of environment variable E(DOCKER_TLS_HOSTNAME)
will be used instead. If the environment variable is not set, the default value
will be used.
type: str
version_added: 3.6.0
version_added_collection: community.docker
resolve_image:
choices:
- always
- changed
- never
description:
- If set will add the C(--resolve-image) option to the C(docker stack deploy) command.
This will have docker query the registry to resolve image digest and supported platforms.
If not set, docker use "always" by default.
type: str
absent_retries:
default: 0
description:
- If larger than V(0) and O(state=absent) the module will retry up to O(absent_retries)
times to delete the stack until all the resources have been effectively deleted.
If the last try still reports the stack as not completely removed the module will
fail.
type: int
validate_certs:
aliases:
- tls_verify
default: false
description:
- Secure the connection to the API by using TLS and verifying the authenticity of
the Docker host server.
- If the value is not specified in the task, the value of environment variable E(DOCKER_TLS_VERIFY)
will be used instead. If the environment variable is not set, the default value
will be used.
type: bool
version_added: 3.6.0
version_added_collection: community.docker
with_registry_auth:
default: false
description:
- If true will add the C(--with-registry-auth) option to the C(docker stack deploy)
command. This will have docker send registry authentication details to Swarm agents.
type: bool
absent_retries_interval:
default: 1
description:
- Interval in seconds between consecutive O(absent_retries).
type: int
stack_spec_diff:
description: 'dictionary containing the differences between the ''Spec'' field
of the stack services before and after applying the new stack
definition.
'
returned: on change
sample: '"stack_spec_diff": {''test_stack_test_service'': {u''TaskTemplate'': {u''ContainerSpec'':
{delete: [u''Env'']}}}}
'
type: dict