Docker Stack

A role for deploying a Docker Stack using a docker-compose.yml file in the playbook directory.

How to Use

By default, the Docker registry is set to GitHub Package Registry, but you can change it by providing a new hostname (like docker.io) as the docker_registry variable. You need to set the following environment variables for authentication:

DOCKER_USERNAME=mydockeraccount
DOCKER_PASSWORD=ah32hg3hrgrmbds

If there is a file named secrets.conf in the playbook directory (from Vaultenv), it will be copied to the server. This file is used to create a .env file with Vault credentials if they are available as environment variables:

VAULT_ADDR=https://vault.company.com:443
VAULT_TOKEN=s.g23gberb32b322b23b4

The role will also create Docker Secrets from any files found in {{ inventory_dir }}/secrets. Because of limitations in updating Docker Secrets, the role will remove and recreate the entire stack with each update, ensuring that secrets are not in use during the update process.

If you set a PROJECT environment variable, it will be used as the stack name. If TAG and ENV are set, those will also be included in the Swarm.

How to Include

Add this role to your playbook using a requirements.txt file.

Sample Playbook

- hosts: manager[0]
  roles:
    - docker-stack

Deployment Process

This role will automatically be built and deployed to Ansible Galaxy whenever a Semver tag is pushed to the repository.