docker_swarm – Manage Swarm cluster

From Get docs
Ansible/docs/2.7/modules/docker swarm module


docker_swarm – Manage Swarm cluster

New in version 2.7.


Synopsis

  • Create a new Swarm cluster.
  • Add/Remove nodes or managers to an existing cluster.

Requirements

The below requirements are needed on the host that executes this module.

  • python >= 2.7
  • docker-py >= 1.10.0
  • Please note that the docker-py Python module has been superseded by docker (see here for details). For Python 2.6, docker-py must be used. Otherwise, it is recommended to install the docker Python module. Note that both modules should not be installed at the same time. Also note that when both modules are installed and one of them is uninstalled, the other might no longer function and a reinstall of it is required.
  • Docker API >= 1.25

Parameters

Parameter Choices/Defaults Comments

advertise_addr

string

Externally reachable address advertised to other nodes.

This can either be an address/port combination in the form 192.168.1.1:4567, or an interface followed by a port number, like eth0:4567.

If the port number is omitted, the port number from the listen address is used.

If advertise_addr is not specified, it will be automatically detected when possible.

api_version

-

Default:

"auto"

The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by docker-py.

If the value is not specified in the task, the value of environment variable DOCKER_API_VERSION will be used instead. If the environment variable is not set, the default value will be used.


aliases: docker_api_version

autolock_managers

boolean

  • no
  • yes

If set, generate a key and use it to lock data stored on the managers.

Docker default value is no.

ca_force_rotate

integer

An integer whose purpose is to force swarm to generate a new signing CA certificate and key, if none have been specified.

Docker default value is 0.

Requires API version >= 1.30.

cacert_path

-

Use a CA certificate when performing server verification by providing the path to a CA certificate file.

If the value is not specified in the task and the environment variable DOCKER_CERT_PATH is set, the file ca.pem from the directory specified in the environment variable DOCKER_CERT_PATH will be used.


aliases: tls_ca_cert

cert_path

-

Path to the client's TLS certificate file.

If the value is not specified in the task and the environment variable DOCKER_CERT_PATH is set, the file cert.pem from the directory specified in the environment variable DOCKER_CERT_PATH will be used.


aliases: tls_client_cert

debug

boolean

  • no

  • yes

Debug mode

dispatcher_heartbeat_period

integer

The delay for an agent to send a heartbeat to the dispatcher.

Docker default value is 5s.

docker_host

-

Default:

"unix://var/run/docker.sock"

The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the TCP connection string. For example, 'tcp://192.0.2.23:2376'. If TLS is used to encrypt the connection, the module will automatically replace 'tcp' in the connection URL with 'https'.

If the value is not specified in the task, the value of environment variable DOCKER_HOST will be used instead. If the environment variable is not set, the default value will be used.


aliases: docker_url

election_tick

integer

Amount of ticks (in seconds) needed without a leader to trigger a new election.

Docker default value is 10s.

force

boolean

  • no

  • yes

Use with state present to force creating a new Swarm, even if already part of one.

Use with state absent to Leave the swarm even if this node is a manager.

heartbeat_tick

integer

Amount of ticks (in seconds) between each heartbeat.

Docker default value is 1s.

join_token

string

Swarm token used to join a swarm cluster.

Used with state=join.

keep_old_snapshots

integer

Number of snapshots to keep beyond the current snapshot.

Docker default value is 0.

key_path

-

Path to the client's TLS key file.

If the value is not specified in the task and the environment variable DOCKER_CERT_PATH is set, the file key.pem from the directory specified in the environment variable DOCKER_CERT_PATH will be used.


aliases: tls_client_key

labels

dictionary

User-defined key/value metadata.

Label operations in this module apply to the docker swarm cluster. Use docker_node module to add/modify/remove swarm node labels.

Requires API version >= 1.32.

listen_addr

string

Default:

"0.0.0.0:2377"

Listen address used for inter-manager communication.

This can either be an address/port combination in the form 192.168.1.1:4567, or an interface followed by a port number, like eth0:4567.

If the port number is omitted, the default swarm listening port is used.

log_entries_for_slow_followers

integer

Number of log entries to keep around to sync up slow followers after a snapshot is created.

name

string

The name of the swarm.

node_cert_expiry

integer

Automatic expiry for nodes certificates.

Docker default value is 3months.

node_id

string

Swarm id of the node to remove.

Used with state=remove.

remote_addrs

list

Remote address of one or more manager nodes of an existing Swarm to connect to.

Used with state=join.

rotate_manager_token

boolean

  • no

  • yes

Rotate the manager join token.

rotate_worker_token

boolean

  • no

  • yes

Rotate the worker join token.

signing_ca_cert

string

The desired signing CA certificate for all swarm node TLS leaf certificates, in PEM format.

This must not be a path to a certificate, but the contents of the certificate.

Requires API version >= 1.30.

signing_ca_key

string

The desired signing CA key for all swarm node TLS leaf certificates, in PEM format.

This must not be a path to a key, but the contents of the key.

Requires API version >= 1.30.

snapshot_interval

integer

Number of logs entries between snapshot.

Docker default value is 10000.

ssl_version

-

Provide a valid SSL version number. Default value determined by ssl.py module.

If the value is not specified in the task, the value of environment variable DOCKER_SSL_VERSION will be used instead.

state

string / required

  • present

  • join
  • absent
  • remove
  • inspect

Set to present, to create/update a new cluster.

Set to join, to join an existing cluster.

Set to absent, to leave an existing cluster.

Set to remove, to remove an absent node from the cluster. Note that removing requires docker-py >= 2.4.0.

Set to inspect to display swarm informations.

task_history_retention_limit

integer

Maximum number of tasks history stored.

Docker default value is 5.

timeout

-

Default:

60

The maximum amount of time in seconds to wait on a response from the API.

If the value is not specified in the task, the value of environment variable DOCKER_TIMEOUT will be used instead. If the environment variable is not set, the default value will be used.

tls

boolean

  • no

  • yes

Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server.

If the value is not specified in the task, the value of environment variable DOCKER_TLS will be used instead. If the environment variable is not set, the default value will be used.

tls_hostname

-

Default:

"localhost"

When verifying the authenticity of the Docker Host server, provide the expected name of the server.

If the value is not specified in the task, the value of environment variable DOCKER_TLS_HOSTNAME will be used instead. If the environment variable is not set, the default value will be used.

tls_verify

boolean

  • no

  • yes

Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server.

If the value is not specified in the task, the value of environment variable DOCKER_TLS_VERIFY will be used instead. If the environment variable is not set, the default value will be used.



Notes

Note

  • Connect to the Docker daemon by providing parameters with each task or by defining environment variables. You can define DOCKER_HOST, DOCKER_TLS_HOSTNAME, DOCKER_API_VERSION, DOCKER_CERT_PATH, DOCKER_SSL_VERSION, DOCKER_TLS, DOCKER_TLS_VERIFY and DOCKER_TIMEOUT. If you are using docker machine, run the script shipped with the product that sets up the environment. It will set these variables for you. See https://docker-py.readthedocs.io/en/stable/machine/ for more details.
  • When connecting to Docker daemon with TLS, you might need to install additional Python packages. For the Docker SDK for Python, version 2.4 or newer, this can be done by installing docker[tls] with pip.
  • Note that the Docker SDK for Python only allows to specify the path to the Docker configuration for very few functions. In general, it will use $HOME/docker/config.json if the DOCKER_CONFIG environment variable is not specified, and use $DOCKER_CONFIG/config.json otherwise.


Examples

- name: Init a new swarm with default parameters
  docker_swarm:
    state: present

- name: Update swarm configuration
  docker_swarm:
    state: present
    election_tick: 5

- name: Add nodes
  docker_swarm:
    state: join
    advertise_addr: 192.168.1.2
    join_token: SWMTKN-1--xxxxx
    remote_addrs: [ '192.168.1.1:2377' ]

- name: Leave swarm for a node
  docker_swarm:
    state: absent

- name: Remove a swarm manager
  docker_swarm:
    state: absent
    force: true

- name: Remove node from swarm
  docker_swarm:
    state: remove
    node_id: mynode

- name: Inspect swarm
  docker_swarm:
    state: inspect
  register: swarm_info

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description

actions

list

when action failed.

Provides the actions done on the swarm.


swarm_facts

complex

success

Informations about swarm.


JoinTokens

complex

success

Tokens to connect to the Swarm.


Manager

string

success

Token to create a new manager node


Worker

string

success

Token to create a new worker node





Status

Authors

  • Thierry Bouvet (@tbouvet)

Hint

If you notice any issues in this documentation you can edit this document to improve it.


© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.7/modules/docker_swarm_module.html