ansible-role-swarm/README.md
Adrien Waksberg 1235af7b9d
doc: new readme
2025-01-26 09:08:02 +01:00


# Ansible role: Docker Swarm
[![Version](https://img.shields.io/badge/latest_version-1.1.0-green.svg)](https://code.waks.be/nishiki/ansible-role-swarm/releases)
[![License](https://img.shields.io/badge/license-Apache--2.0-blue.svg)](https://code.waks.be/nishiki/ansible-role-swarm/src/branch/main/LICENSE)
[![Build](https://code.waks.be/nishiki/ansible-role-swarm/actions/workflows/molecule.yml/badge.svg?branch=main)](https://code.waks.be/nishiki/ansible-role-swarm/actions?workflow=molecule.yml)
Install and configure Docker with Swarm mode.
## Requirements
- Ansible >= 2.10
- Debian Bookworm
## Role variables
| Name | Type | Required | Default | Comment |
| ------------------------ | --------- | -------- | ------- | ----------------------------------------------------------------------- |
| swarm_init | bool | no | false | init the cluster, run once with the ansible option `-e swarm_init=true` |
| swarm_manager | bool | no | false | set the cluster role |
| swarm_advertise_addr | str | no | | listen address |
| swarm_join_token_manager | str | no | | join token for manager |
| swarm_join_token_worker | str | no | | join token for worker |
| swarm_remote_addrs | str | no | | manager addresses for slave node |
| swarm_networks | dict | no | | array with the docker networks |
| swarm_services | dict | no | | hash with the service to manage |
| swarm_registry_logins | dict | no | | hash with the registry logins |
| swarm_proxy_url | str | no | | set a proxy url for http and https requests |
| swarm_proxy_ignore | list(str) | no | | array with ignore host or subnet |
### swarm_networks
| Name | Type | Required | Default | Comment |
| ------ | ---- | -------- | ------- | ---------------------------------------------- |
| key | str | yes | | network name |
| driver | str | no | overlay | docker driver to use |
| state | str | no | present | create network if present, or delete if absent |
Example:
```yaml
proxy:
  state: present
```
### swarm_services
| Name | Type | Required | Default | Comment |
| ---------------- | ---------- | -------- | ------- | ----------------------------------------------------------- |
| key | str | yes | | Service name |
| image | str | yes | | Service image path and tag |
| args | list(str) | no | | List arguments to be passed to the container |
| mounts | list(dict) | no | | List of dictionaries describing the service mounts |
| networks | list(str) | no | | List of the service networks name |
| publish | list(dict) | no | | List of dictionaries describing the service published ports |
| replicas | int | no | 1 | Number of containers instantiated in the service |
| limits | dict | no | | Configures service resource limits |
| env | dict | no | | List or dictionary of the service environment variables |
| container_labels | dict | no | | Dictionary of key value pairs. |
| state | str | no | present | |
Example:
```yaml
wordpress:
  image: wordpress:latest
  args:
    - "--api"
  mounts:
    - source: /opt/data
      target: /usr/local/data
      type: bind
  networks:
    - net
  publish:
    - published_port: 80
      target_port: 8000
  replicas: 3
  limits:
    cpus: 0.5
    memory: 100M
  env:
    WORDPRESS_DB_HOST: db:3306
    WORDPRESS_DB_USER: wordpress
    WORDPRESS_DB_PASSWORD: wordpress
  container_labels:
    region: FR
  state: present
```
#### swarm_services -> mounts
See all options [documentation](https://docs.ansible.com/ansible/2.9/modules/docker_swarm_service_module.html#parameter-mounts)
| Name | Type | Required | Default | Comment |
| ------ | ---- | -------- | ------- | ------------------------------------------------------ |
| source | str | no | | Mount source, must be specified if type is not `tmpfs` |
| target | str | yes | | Container path |
| type | str | no | bind | The mount type |
#### swarm_services -> publish
| Name | Type | Required | Default | Comment |
| -------------- | ---- | -------- | ------- | --------------------------------------------- |
| mode | str | yes | | What publish mode to use. `ingress` or `host` |
| protocol | str | no | tcp | What protocol to use. `tcp` or `udp` |
| published_port | int | yes | | The port to make externally available |
| target_port | int | yes | | The port inside the container to expose |
#### swarm_services -> limits
| Name | Type | Required | Default | Comment |
| ------ | ----- | -------- | ------- | ------------------------------------------------- |
| cpus | float | no | | Service CPU limit |
| memory | str | no | | Service memory limit in format `<number>[<unit>]` |
### swarm_registry_logins
| Name | Type | Required | Default | Comment |
| ----------------- | ---- | -------- | --------------- | -------------------------------------- |
| key | str | yes | | registry name |
| registry_url | str | yes | | registry url |
| registry_username | str | yes | | registry username for authentication |
| registry_password | str | yes | | registry password |
| user | str | no | ansible_user_id | |
Example:
```yaml
gitlab:
  registry_url: registry.gitlab.com
  registry_username: myaccount
  registry_password: secret
  user: www-data
```
## How to use
- On the first machine, init the cluster: `ansible-playbook swarm.yml -e swarm_init=true`
- Get the docker manager and worker join tokens and set the variables `swarm_join_token_manager` and `swarm_join_token_worker`
```sh
docker swarm join-token manager -q
docker swarm join-token worker -q
```
- Run the playbook normally on the other machines
```yaml
- hosts: server
  roles:
    - swarm
  vars:
    swarm_manager: true
    swarm_remote_addrs:
      - 192.168.0.1
      - 192.168.0.2
      - 192.168.0.3
    # init the cluster; normally passed once with `-e swarm_init=true`
    swarm_init: true
    # join tokens are cluster secrets: these are sample values,
    # keep the real ones encrypted (for example with Ansible Vault)
    swarm_join_token_worker: SWMTKN-1-2z1gzk9jdbpfw1paskodk6zc1fm5g0n5c293oz1taqii310a8u-1mjm55313up7tiksb0s3nr9lr
    swarm_join_token_manager: SWMTKN-1-2z1gzk9jdbpfw1paskodk6zc1fm5g0n5c293oz1taqii310a8u-5644pyqmiexexfke6e1ycn11z
    swarm_networks:
      proxy:
        driver: overlay
        scope: swarm
    swarm_services:
      traefik:
        image: traefik:3.0
        networks:
          - proxy
        args:
          - "--providers.swarm=true"
          - "--providers.swarm.network=proxy"
          - "--entrypoints.http.address=:80"
        publish:
          - published_port: 80
            target_port: 80
        mounts:
          # bind-mounting the socket gives traefik access to the Docker API
          - source: /var/run/docker.sock
            target: /var/run/docker.sock
```
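A pre-flight check of a `swarm_services` dict against the option tables above, which also reports services that bind-mount the Docker API socket as the traefik service does. This is an added example, not part of the role; `check_service`, `check_services` and the `broken` sample entry are hypothetical, and the memory pattern is an assumption about `<number>[<unit>]`.

```python
import re

# Allowed values come from the option tables in this README.
PUBLISH_MODES = {"ingress", "host"}
PROTOCOLS = {"tcp", "udp"}
# Assumption: "<number>[<unit>]" means digits followed by an optional letter unit.
MEMORY_RE = re.compile(r"^\d+(\.\d+)?[A-Za-z]*$")
DOCKER_SOCK = "/var/run/docker.sock"

def check_service(name, svc):
    """Return findings for one swarm_services entry (hypothetical helper)."""
    out = []
    if not svc.get("image"):
        out.append(f"{name}: image is required")
    for i, m in enumerate(svc.get("mounts", [])):
        if not m.get("target"):
            out.append(f"{name}: mounts[{i}].target is required")
        # type defaults to bind; source is mandatory unless type is tmpfs
        if m.get("type", "bind") != "tmpfs" and not m.get("source"):
            out.append(f"{name}: mounts[{i}].source is required")
        if m.get("source") == DOCKER_SOCK:
            out.append(f"{name}: mounts[{i}] gives the container the Docker API socket")
    for i, p in enumerate(svc.get("publish", [])):
        # The page's own examples omit mode, so only a given value is checked.
        if "mode" in p and p["mode"] not in PUBLISH_MODES:
            out.append(f"{name}: publish[{i}].mode must be ingress or host")
        if p.get("protocol", "tcp") not in PROTOCOLS:
            out.append(f"{name}: publish[{i}].protocol must be tcp or udp")
        for key in ("published_port", "target_port"):
            port = p.get(key)
            if not isinstance(port, int) or not 1 <= port <= 65535:
                out.append(f"{name}: publish[{i}].{key} must be a port number")
    memory = svc.get("limits", {}).get("memory")
    if memory is not None and not MEMORY_RE.match(str(memory)):
        out.append(f"{name}: limits.memory must look like <number>[<unit>]")
    return out

def check_services(services):
    return [f for name, svc in services.items() for f in check_service(name, svc)]

# Constructed input: traefik is copied from the playbook above, "broken" is made up.
SAMPLE = {
    "traefik": {"image": "traefik:3.0", "networks": ["proxy"],
                "publish": [{"published_port": 80, "target_port": 80}],
                "mounts": [{"source": DOCKER_SOCK, "target": DOCKER_SOCK}]},
    "broken": {"publish": [{"mode": "global", "published_port": 70000, "target_port": 80}],
               "mounts": [{"target": "/data"}], "limits": {"memory": "a lot"}},
}
```

`check_services(SAMPLE)` returns one finding for traefik (the socket mount) and five for the constructed `broken` entry.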
## Development
### Test with molecule and docker
- install [docker](https://docs.docker.com/engine/installation/)
- install `python3` and `python3-pip`
- install molecule and dependencies `pip3 install molecule 'molecule[docker]' docker ansible-lint testinfra yamllint`
- run `molecule test`
## License
```
Copyright (c) 2018 Adrien Waksberg
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
```