docker_stack
Docker Stack
A role to deploy a Docker Stack from a docker-compose.yml file in the playbook directory.
Usage
The Docker registry defaults to GitHub Package Registry, but can be changed by passing a new hostname (e.g. docker.io) as the docker_registry
variable. Credentials are password as environment variables:
DOCKER_USERNAME=mydockeraccount
DOCKER_PASSWORD=ah32hg3hrgrmbds
If a Vaultenv secrets file named secrets.conf
exists in the playbook directory, the role copies this to the server and creates a .env
file containing Vault credentials if passed as environment variables:
VAULT_ADDR=https://vault.company.com:443
VAULT_TOKEN=s.g23gberb32b322b23b4
The role will create Docker Secrets from any files found in {{ inventory_dir }}/secrets
. Due to limitations of Docker Secrets rotation, the role removes and re-creates the stack on each update. This is so secrets are not in use when updated.
If a PROJECT
environment variable is set, it will be used as the stack name. If TAG
and ENV
are set, they will be passed through to the Swarm.
Usage
Include this role in a playbook using a requirements.txt file.
Example playbook
- hosts: manager[0]
roles:
- docker-stack
Deployment
This role will be automatically built and deployed to Ansible Galaxy when a Semver tag is pushed to the repo.
A role to deploy a Docker Stack from a docker-compose.yml file and configure Vaultenv
ansible-galaxy install gendall/ansible-docker-stack