diff options
Diffstat (limited to 'ansible_collections/community/docker/docs/docsite')
| -rw-r--r-- | ansible_collections/community/docker/docs/docsite/config.yml | 15 | ||||
| -rw-r--r-- | ansible_collections/community/docker/docs/docsite/rst/scenario_guide.rst | 216 |
2 files changed, 174 insertions, 57 deletions
diff --git a/ansible_collections/community/docker/docs/docsite/config.yml b/ansible_collections/community/docker/docs/docsite/config.yml new file mode 100644 index 000000000..846b95f62 --- /dev/null +++ b/ansible_collections/community/docker/docs/docsite/config.yml @@ -0,0 +1,15 @@ +--- +# Copyright (c) Ansible Project +# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt) +# SPDX-License-Identifier: GPL-3.0-or-later + +# The following `.. envvar::` directives are defined in the extra docsite docs: +envvar_directives: + - DOCKER_HOST + - DOCKER_API_VERSION + - DOCKER_TIMEOUT + - DOCKER_CERT_PATH + - DOCKER_SSL_VERSION + - DOCKER_TLS + - DOCKER_TLS_HOSTNAME + - DOCKER_TLS_VERIFY diff --git a/ansible_collections/community/docker/docs/docsite/rst/scenario_guide.rst b/ansible_collections/community/docker/docs/docsite/rst/scenario_guide.rst index e4b84431f..203aa57d2 100644 --- a/ansible_collections/community/docker/docs/docsite/rst/scenario_guide.rst +++ b/ansible_collections/community/docker/docs/docsite/rst/scenario_guide.rst @@ -8,7 +8,7 @@ Docker Guide ============ -The `community.docker collection <https://galaxy.ansible.com/community/docker>`_ offers several modules and plugins for orchestrating Docker containers and Docker Swarm. +The `community.docker collection <https://galaxy.ansible.com/ui/repo/published/community/docker/>`_ offers several modules and plugins for orchestrating Docker containers and Docker Swarm. .. contents:: :local: @@ -18,7 +18,7 @@ The `community.docker collection <https://galaxy.ansible.com/community/docker>`_ Requirements ------------ -Most of the modules and plugins in community.docker require the `Docker SDK for Python <https://docker-py.readthedocs.io/en/stable/>`_. The SDK needs to be installed on the machines where the modules and plugins are executed, and for the Python version(s) with which the modules and plugins are executed. You can use the :ref:`community.general.python_requirements_info module <ansible_collections.community.general.python_requirements_info_module>` to make sure that the Docker SDK for Python is installed on the correct machine and for the Python version used by Ansible. +Most of the modules and plugins in community.docker require the `Docker SDK for Python <https://docker-py.readthedocs.io/en/stable/>`_. The SDK needs to be installed on the machines where the modules and plugins are executed, and for the Python version(s) with which the modules and plugins are executed. You can use the :ansplugin:`community.general.python_requirements_info module <community.general.python_requirements_info#module>` to make sure that the Docker SDK for Python is installed on the correct machine and for the Python version used by Ansible. Note that plugins (inventory plugins and connection plugins) are always executed in the context of Ansible itself. If you use a plugin that requires the Docker SDK for Python, you need to install it on the machine running ``ansible`` or ``ansible-playbook`` and for the same Python interpreter used by Ansible. To see which Python is used, run ``ansible --version``. @@ -49,7 +49,7 @@ Parameters Most plugins and modules can be configured by the following parameters: docker_host - The URL or Unix socket path used to connect to the Docker API. Defaults to ``unix://var/run/docker.sock``. To connect to a remote host, provide the TCP connection string (for example: ``tcp://192.0.2.23:2376``). If TLS is used to encrypt the connection to the API, then the module will automatically replace 'tcp' in the connection URL with 'https'. + The URL or Unix socket path used to connect to the Docker API. Defaults to ``unix:///var/run/docker.sock``. To connect to a remote host, provide the TCP connection string (for example: ``tcp://192.0.2.23:2376``). If TLS is used to encrypt the connection to the API, then the module will automatically replace ``tcp`` in the connection URL with ``https``. api_version The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by the Docker SDK for Python installed. @@ -63,7 +63,7 @@ Most plugins and modules can be configured by the following parameters: validate_certs Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server. Default is ``false``. - cacert_path + ca_path Use a CA certificate when performing server verification by providing the path to a CA certificate file. cert_path @@ -78,6 +78,58 @@ Most plugins and modules can be configured by the following parameters: ssl_version Provide a valid SSL version number. The default value is determined by the Docker SDK for Python. + This option is not available for the CLI based plugins. It is mainly needed for legacy systems and should be avoided. + + +Module default group +.................... + +To avoid having to specify common parameters for all the modules in every task, you can use the ``community.docker.docker`` :ref:`module defaults group <module_defaults_groups>`, or its short name ``docker``. + +.. note:: + + Module default groups only work for modules, not for plugins (connection and inventory plugins). + +The following example shows how the module default group can be used in a playbook: + +.. code-block:: yaml+jinja + + --- + - name: Pull and image and start the container + hosts: localhost + gather_facts: false + module_defaults: + group/community.docker.docker: + # Select Docker Daemon on other host + docker_host: tcp://192.0.2.23:2376 + # Configure TLS + tls: true + validate_certs: true + tls_hostname: docker.example.com + ca_path: /path/to/cacert.pem + # Increase timeout + timeout: 120 + tasks: + - name: Pull image + community.docker.docker_image_pull: + name: python + tag: 3.12 + + - name: Start container + community.docker.docker_container: + cleanup: true + command: python --version + detach: false + image: python:3.12 + name: my-python-container + output_logs: true + + - name: Show output + ansible.builtin.debug: + msg: "{{ output.container.Output }}" + +Here the two ``community.docker`` tasks will use the options set for the module defaults group. + Environment variables ..................... @@ -86,27 +138,38 @@ You can also control how the plugins and modules connect to the Docker API by se For plugins, they have to be set for the environment Ansible itself runs in. For modules, they have to be set for the environment the modules are executed in. For modules running on remote machines, the environment variables have to be set on that machine for the user used to execute the modules with. - DOCKER_HOST - The URL or Unix socket path used to connect to the Docker API. +.. envvar:: DOCKER_HOST + + The URL or Unix socket path used to connect to the Docker API. + +.. envvar:: DOCKER_API_VERSION + + The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported + by Docker SDK for Python. + +.. envvar:: DOCKER_TIMEOUT + + The maximum amount of time in seconds to wait on a response from the API. - DOCKER_API_VERSION - The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported - by Docker SDK for Python. +.. envvar:: DOCKER_CERT_PATH - DOCKER_TIMEOUT - The maximum amount of time in seconds to wait on a response from the API. + Path to the directory containing the client certificate, client key and CA certificate. - DOCKER_CERT_PATH - Path to the directory containing the client certificate, client key and CA certificate. +.. envvar:: DOCKER_SSL_VERSION - DOCKER_SSL_VERSION - Provide a valid SSL version number. + Provide a valid SSL version number. - DOCKER_TLS - Secure the connection to the API by using TLS without verifying the authenticity of the Docker Host. +.. envvar:: DOCKER_TLS - DOCKER_TLS_VERIFY - Secure the connection to the API by using TLS and verify the authenticity of the Docker Host. + Secure the connection to the API by using TLS without verifying the authenticity of the Docker Host. + +.. envvar:: DOCKER_TLS_HOSTNAME + + When verifying the authenticity of the Docker Host, uses this hostname to compare to the host's certificate. + +.. envvar:: DOCKER_TLS_VERIFY + + Secure the connection to the API by using TLS and verify the authenticity of the Docker Host. Plain Docker daemon: images, networks, volumes, and containers @@ -115,70 +178,118 @@ Plain Docker daemon: images, networks, volumes, and containers For working with a plain Docker daemon, that is without Swarm, there are connection plugins, an inventory plugin, and several modules available: docker connection plugin - The :ref:`community.docker.docker connection plugin <ansible_collections.community.docker.docker_connection>` uses the Docker CLI utility to connect to Docker containers and execute modules in them. It essentially wraps ``docker exec`` and ``docker cp``. This connection plugin is supported by the :ref:`ansible.posix.synchronize module <ansible_collections.ansible.posix.synchronize_module>`. + The :ansplugin:`community.docker.docker connection plugin <community.docker.docker#connection>` uses the Docker CLI utility to connect to Docker containers and execute modules in them. It essentially wraps ``docker exec`` and ``docker cp``. This connection plugin is supported by the :ansplugin:`ansible.posix.synchronize module <ansible.posix.synchronize#module>`. docker_api connection plugin - The :ref:`community.docker.docker_api connection plugin <ansible_collections.community.docker.docker_api_connection>` talks directly to the Docker daemon to connect to Docker containers and execute modules in them. + The :ansplugin:`community.docker.docker_api connection plugin <community.docker.docker_api#connection>` talks directly to the Docker daemon to connect to Docker containers and execute modules in them. docker_containers inventory plugin - The :ref:`community.docker.docker_containers inventory plugin <ansible_collections.community.docker.docker_containers_inventory>` allows you to dynamically add Docker containers from a Docker Daemon to your Ansible inventory. See :ref:`dynamic_inventory` for details on dynamic inventories. + The :ansplugin:`community.docker.docker_containers inventory plugin <community.docker.docker_containers#inventory>` allows you to dynamically add Docker containers from a Docker Daemon to your Ansible inventory. See :ref:`dynamic_inventory` for details on dynamic inventories. The `docker inventory script <https://github.com/ansible-community/contrib-scripts/blob/main/inventory/docker.py>`_ is deprecated. Please use the inventory plugin instead. The inventory plugin has several compatibility options. If you need to collect Docker containers from multiple Docker daemons, you need to add every Docker daemon as an individual inventory source. docker_host_info module - The :ref:`community.docker.docker_host_info module <ansible_collections.community.docker.docker_host_info_module>` allows you to retrieve information on a Docker daemon, such as all containers, images, volumes, networks and so on. + The :ansplugin:`community.docker.docker_host_info module <community.docker.docker_host_info#module>` allows you to retrieve information on a Docker daemon, such as all containers, images, volumes, networks and so on. docker_login module - The :ref:`community.docker.docker_login module <ansible_collections.community.docker.docker_login_module>` allows you to log in and out of a remote registry, such as Docker Hub or a private registry. It provides similar functionality to the ``docker login`` and ``docker logout`` CLI commands. + The :ansplugin:`community.docker.docker_login module <community.docker.docker_login#module>` allows you to log in and out of a remote registry, such as Docker Hub or a private registry. It provides similar functionality to the ``docker login`` and ``docker logout`` CLI commands. docker_prune module - The :ref:`community.docker.docker_prune module <ansible_collections.community.docker.docker_prune_module>` allows you to prune no longer needed containers, images, volumes and so on. It provides similar functionality to the ``docker prune`` CLI command. + The :ansplugin:`community.docker.docker_prune module <community.docker.docker_prune#module>` allows you to prune no longer needed containers, images, volumes and so on. It provides similar functionality to the ``docker prune`` CLI command. docker_image module - The :ref:`community.docker.docker_image module <ansible_collections.community.docker.docker_image_module>` provides full control over images, including: build, pull, push, tag and remove. + The :ansplugin:`community.docker.docker_image module <community.docker.docker_image#module>` provides full control over images, including: build, pull, push, tag and remove. + + docker_image_build + The :ansplugin:`community.docker.docker_image_build module <community.docker.docker_image_build#module>` allows you to build a Docker image using Docker buildx. + + docker_image_export module + The :ansplugin:`community.docker.docker_image_export module <community.docker.docker_image_export#module>` allows you to export (archive) images. docker_image_info module - The :ref:`community.docker.docker_image_info module <ansible_collections.community.docker.docker_image_info_module>` allows you to list and inspect images. + The :ansplugin:`community.docker.docker_image_info module <community.docker.docker_image_info#module>` allows you to list and inspect images. + + docker_image_load + The :ansplugin:`community.docker.docker_image_load module <community.docker.docker_image_load#module>` allows you to import one or multiple images from tarballs. + + docker_image_pull + The :ansplugin:`community.docker.docker_image_pull module <community.docker.docker_image_pull#module>` allows you to pull a Docker image from a registry. + + docker_image_push + The :ansplugin:`community.docker.docker_image_push module <community.docker.docker_image_push#module>` allows you to push a Docker image to a registry. + + docker_image_remove + The :ansplugin:`community.docker.docker_image_remove module <community.docker.docker_image_remove#module>` allows you to remove and/or untag a Docker image from the Docker daemon. + + docker_image_tag + The :ansplugin:`community.docker.docker_image_tag module <community.docker.docker_image_tag#module>` allows you to tag a Docker image with additional names and/or tags. docker_network module - The :ref:`community.docker.docker_network module <ansible_collections.community.docker.docker_network_module>` provides full control over Docker networks. + The :ansplugin:`community.docker.docker_network module <community.docker.docker_network#module>` provides full control over Docker networks. docker_network_info module - The :ref:`community.docker.docker_network_info module <ansible_collections.community.docker.docker_network_info_module>` allows you to inspect Docker networks. + The :ansplugin:`community.docker.docker_network_info module <community.docker.docker_network_info#module>` allows you to inspect Docker networks. docker_volume_info module - The :ref:`community.docker.docker_volume_info module <ansible_collections.community.docker.docker_volume_info_module>` provides full control over Docker volumes. + The :ansplugin:`community.docker.docker_volume_info module <community.docker.docker_volume_info#module>` provides full control over Docker volumes. docker_volume module - The :ref:`community.docker.docker_volume module <ansible_collections.community.docker.docker_volume_module>` allows you to inspect Docker volumes. + The :ansplugin:`community.docker.docker_volume module <community.docker.docker_volume#module>` allows you to inspect Docker volumes. docker_container module - The :ref:`community.docker.docker_container module <ansible_collections.community.docker.docker_container_module>` manages the container lifecycle by providing the ability to create, update, stop, start and destroy a Docker container. + The :ansplugin:`community.docker.docker_container module <community.docker.docker_container#module>` manages the container lifecycle by providing the ability to create, update, stop, start and destroy a Docker container. + + docker_container_copy_into + The :ansplugin:`community.docker.docker_container_copy_into module <community.docker.docker_container_copy_into#module>` allows you to copy files from the control node into a container. + + docker_container_exec + The :ansplugin:`community.docker.docker_container_exec module <community.docker.docker_container_exec#module>` allows you to execute commands in a running container. docker_container_info module - The :ref:`community.docker.docker_container_info module <ansible_collections.community.docker.docker_container_info_module>` allows you to inspect a Docker container. + The :ansplugin:`community.docker.docker_container_info module <community.docker.docker_container_info#module>` allows you to inspect a Docker container. + + docker_plugin + The :ansplugin:`community.docker.docker_plugin module <community.docker.docker_plugin#module>` allows you to manage Docker plugins. Docker Compose -------------- -The :ref:`community.docker.docker_compose module <ansible_collections.community.docker.docker_compose_module>` +Docker Compose v2 +................. + +There are two modules for working with Docker compose projects: + + community.docker.docker_compose_v2 + The :ansplugin:`community.docker.docker_compose_v2 module <community.docker.docker_compose_v2#module>` allows you to use your existing Docker compose files to orchestrate containers on a single Docker daemon or on Swarm. + + community.docker.docker_compose_v2_pull + The :ansplugin:`community.docker.docker_compose_v2_pull module <community.docker.docker_compose_v2_pull#module>` allows you to pull Docker compose projects. + +These modules use the Docker CLI "compose" plugin (``docker compose``), and thus needs access to the Docker CLI tool. +No further requirements next to to the CLI tool and its Docker Compose plugin are needed. + +Docker Compose v1 +................. + +The :ansplugin:`community.docker.docker_compose module <community.docker.docker_compose#module>` allows you to use your existing Docker compose files to orchestrate containers on a single Docker daemon or on Swarm. -Supports compose versions 1 and 2. +This module uses the out-dated and End of Life version 1.x of Docker Compose. It should mainly be used for legacy systems +which still have to use that version of Docker Compose. -Next to Docker SDK for Python, you need to install `docker-compose <https://github.com/docker/compose>`_ on the remote machines to use the module. +You need to install the `old Python docker-compose <https://pypi.org/project/docker-compose/>`_ on the remote machines to use the module. Docker Machine -------------- -The :ref:`community.docker.docker_machine inventory plugin <ansible_collections.community.docker.docker_machine_inventory>` allows you to dynamically add Docker Machine hosts to your Ansible inventory. +The :ansplugin:`community.docker.docker_machine inventory plugin <community.docker.docker_machine#inventory>` allows you to dynamically add Docker Machine hosts to your Ansible inventory. -Docker stack ------------- +Docker Swarm stack +------------------ -The :ref:`community.docker.docker_stack module <ansible_collections.community.docker.docker_stack_module>` module allows you to control Docker stacks. Information on stacks can be retrieved by the :ref:`community.docker.docker_stack_info module <ansible_collections.community.docker.docker_stack_info_module>`, and information on stack tasks can be retrieved by the :ref:`community.docker.docker_stack_task_info module <ansible_collections.community.docker.docker_stack_task_info_module>`. +The :ansplugin:`community.docker.docker_stack module <community.docker.docker_stack#module>` module allows you to control Docker Swarm stacks. Information on Swarm stacks can be retrieved by the :ansplugin:`community.docker.docker_stack_info module <community.docker.docker_stack_info#module>`, and information on Swarm stack tasks can be retrieved by the :ansplugin:`community.docker.docker_stack_task_info module <community.docker.docker_stack_task_info#module>`. Docker Swarm @@ -192,19 +303,19 @@ Swarm management One inventory plugin and several modules are provided to manage Docker Swarms: docker_swarm inventory plugin - The :ref:`community.docker.docker_swarm inventory plugin <ansible_collections.community.docker.docker_swarm_inventory>` allows you to dynamically add all Docker Swarm nodes to your Ansible inventory. + The :ansplugin:`community.docker.docker_swarm inventory plugin <community.docker.docker_swarm#inventory>` allows you to dynamically add all Docker Swarm nodes to your Ansible inventory. docker_swarm module - The :ref:`community.docker.docker_swarm module <ansible_collections.community.docker.docker_swarm_module>` allows you to globally configure Docker Swarm manager nodes to join and leave swarms, and to change the Docker Swarm configuration. + The :ansplugin:`community.docker.docker_swarm module <community.docker.docker_swarm#module>` allows you to globally configure Docker Swarm manager nodes to join and leave swarms, and to change the Docker Swarm configuration. docker_swarm_info module - The :ref:`community.docker.docker_swarm_info module <ansible_collections.community.docker.docker_swarm_info_module>` allows you to retrieve information on Docker Swarm. + The :ansplugin:`community.docker.docker_swarm_info module <community.docker.docker_swarm_info#module>` allows you to retrieve information on Docker Swarm. docker_node module - The :ref:`community.docker.docker_node module <ansible_collections.community.docker.docker_node_module>` allows you to manage Docker Swarm nodes. + The :ansplugin:`community.docker.docker_node module <community.docker.docker_node#module>` allows you to manage Docker Swarm nodes. docker_node_info module - The :ref:`community.docker.docker_node_info module <ansible_collections.community.docker.docker_node_info_module>` allows you to retrieve information on Docker Swarm nodes. + The :ansplugin:`community.docker.docker_node_info module <community.docker.docker_node_info#module>` allows you to retrieve information on Docker Swarm nodes. Configuration management ........................ @@ -212,21 +323,12 @@ Configuration management The community.docker collection offers modules to manage Docker Swarm configurations and secrets: docker_config module - The :ref:`community.docker.docker_config module <ansible_collections.community.docker.docker_config_module>` allows you to create and modify Docker Swarm configs. + The :ansplugin:`community.docker.docker_config module <community.docker.docker_config#module>` allows you to create and modify Docker Swarm configs. docker_secret module - The :ref:`community.docker.docker_secret module <ansible_collections.community.docker.docker_secret_module>` allows you to create and modify Docker Swarm secrets. - + The :ansplugin:`community.docker.docker_secret module <community.docker.docker_secret#module>` allows you to create and modify Docker Swarm secrets. Swarm services .............. -Docker Swarm services can be created and updated with the :ref:`community.docker.docker_swarm_service module <ansible_collections.community.docker.docker_swarm_service_module>`, and information on them can be queried by the :ref:`community.docker.docker_swarm_service_info module <ansible_collections.community.docker.docker_swarm_service_info_module>`. - - -Helpful links -------------- - -Still using Dockerfile to build images? Check out `ansible-bender <https://github.com/ansible-community/ansible-bender>`_, and start building images from your Ansible playbooks. - -Use `Ansible Operator <https://learn.openshift.com/ansibleop/ansible-operator-overview/>`_ to launch your docker-compose file on `OpenShift <https://www.okd.io/>`_. Go from an app on your laptop to a fully scalable app in the cloud with Kubernetes in just a few moments. +Docker Swarm services can be created and updated with the :ansplugin:`community.docker.docker_swarm_service module <community.docker.docker_swarm_service#module>`, and information on them can be queried by the :ansplugin:`community.docker.docker_swarm_service_info module <community.docker.docker_swarm_service_info#module>`. |