atosatto / ansible-dockerswarm Goto Github PK
View Code? Open in Web Editor NEWDocker Engine clustering using "Swarm Mode" and Ansible
Home Page: https://galaxy.ansible.com/atosatto/docker-swarm/
License: MIT License
Docker Engine clustering using "Swarm Mode" and Ansible
Home Page: https://galaxy.ansible.com/atosatto/docker-swarm/
License: MIT License
The version_compare
filter was removed in v2.9 after being deprecated in version 2.5.
Please update the role as specified here, #48
Quick solution,
sudo add-apt-repository ppa:ansible/ansible-2.8
sudo add-apt-repository --remove ppa:ansible/ansible
sudo apt update
sudo apt remove ansible
sudo apt install ansible
ansible --version
Is this repository still maintained? The current state of the repos isn't working, there are a few important PRs open?
Hi its not really an issue here but are there any plans to have docker overlay network?
At the moment I noticed you have network bridging in the code.
It would be good to have an option to either choose bridging or overlay.
Thanks
Chung
suggest to add an example:
docker_package_version: "5:19.03.12~3-0~ubuntu-focal"
user@ubuntu2004:$ apt-cache madison docker-ce
docker-ce | 5:20.10.5~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
docker-ce | 5:20.10.4~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
docker-ce | 5:20.10.3~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
docker-ce | 5:20.10.2~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
docker-ce | 5:20.10.1~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
docker-ce | 5:20.10.0~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
docker-ce | 5:19.03.15~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
docker-ce | 5:19.03.14~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
docker-ce | 5:19.03.13~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
docker-ce | 5:19.03.12~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
docker-ce | 5:19.03.11~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
docker-ce | 5:19.03.10~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
docker-ce | 5:19.03.9~3-0~ubuntu-focal | https://download.docker.com/linux/ubuntu focal/stable amd64 Packages
Receives the following errors when creating a swarm on a clean Ubuntu 18.04 server
fatal: [hostname]: FAILED! => {"changed": false, "module_stderr": "Shared connection to hostname closed.\r
", "module_stdout": "Traceback (most recent call last):\r
File \"/home/benyanke/.ansible/tmp/ansible-tmp-1541531946.58-234265249723950/AnsiballZ_apt_repository.py\", line 113, in <module>\r
_ansiballz_main()\r
File \"/home/benyanke/.ansible/tmp/ansible-tmp-1541531946.58-234265249723950/AnsiballZ_apt_repository.py\", line 105, in _ansiballz_main\r
invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\r
File \"/home/benyanke/.ansible/tmp/ansible-tmp-1541531946.58-234265249723950/AnsiballZ_apt_repository.py\", line 48, in invoke_module\r
imp.load_module('__main__', mod, module, MOD_DESC)\r
File \"/tmp/ansible_apt_repository_payload_1RV081/__main__.py\", line 550, in <module>\r
File \"/tmp/ansible_apt_repository_payload_1RV081/__main__.py\", line 542, in main\r
File \"/usr/lib/python2.7/dist-packages/apt/cache.py\", line 546, in update\r
raise FetchFailedException(e)\r
apt.cache.FetchFailedException: E:Failed to fetch https://apt.dockerproject.org/repo/dists/ubuntu-bionic/InRelease 403 Forbidden [IP: 52.84.67.161 443], E:The repository 'https://apt.dockerproject.org/repo ubuntu-bionic InRelease' is not signed.\r
", "msg": "MODULE FAILURE
See stdout/stderr for the exact error", "rc": 1}
The name in galaxy is atosatto.docker-swarm, on your README it is a different value in your example playbook.
TASK [atosatto.docker-swarm : Install docker-py] ******************************************************************************************************
[DEPRECATION WARNING]: Using tests as filters is deprecated. Instead of using `result|version_compare` use `result is version_compare`. This feature
will be removed in version 2.9. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: Using tests as filters is deprecated. Instead of using `result|version_compare` use `result is version_compare`. This feature
will be removed in version 2.9. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: Using tests as filters is deprecated. Instead of using `result|version_compare` use `result is version_compare`. This feature
will be removed in version 2.9. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: Using tests as filters is deprecated. Instead of using `result|version_compare` use `result is version_compare`. This feature
will be removed in version 2.9. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: Using tests as filters is deprecated. Instead of using `result|version_compare` use `result is version_compare`. This feature
will be removed in version 2.9. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
[DEPRECATION WARNING]: Using tests as filters is deprecated. Instead of using `result|version_compare` use `result is version_compare`. This feature
will be removed in version 2.9. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.
Looking for support for Ubuntu 20.04 LTS as we have moved to this platform for docker swarm. Current project does not support it, can downgrade if needed though we would rather utilize this version.
Hey, first of all, thanks for making this great role! I've got it mostly working but my playbook gets to the verify last step:
TASK [atosatto.docker-swarm : Extract the name of the latest docker-compose release tag.] ******************************
fatal: [swarm-proto-3]: FAILED! => {"msg": "You need to install \"jmespath\" prior to running json_query filter"}
fatal: [swarm-proto-2]: FAILED! => {"msg": "You need to install \"jmespath\" prior to running json_query filter"}
fatal: [swarm-proto-1]: FAILED! => {"msg": "You need to install \"jmespath\" prior to running json_query filter"}
I've tried the following:
pip install -r requirements.txt
after copying your requirements.txt over on my workstation (where I'm launching playbooks from), running straight pip install jmespath==0.9.3
- name: install jmespath==0.9.3 for other role
pip:
name: jmespath==0.9.3
and having it run on the hosts before the dockerswarm role
3. running playbook multiple times
I apologize I'm very new to ansible/python, is there something I'm doing wrong? something I should be launching?
dev.yaml (inventory)
docker_swarm_manager:
hosts:
swarm-proto-1:
ansible_ssh_host: 10.x.x.x
swarm_labels: zone1
swarm-proto-2:
ansible_ssh_host: 10.x.x.x
swarm_labels: zone2
swarm-proto-3:
ansible_ssh_host: 10.x.x.x
swarm_labels: zone3
docker-swarm.yml (playbook)
- hosts: docker_swarm_manager
become: true
become_user: root
roles:
- '../roles/pip-dependencies'
- atosatto.docker-swarm
and cli that I'm launching as:
ansible-playbook playbooks/docker-swarm.yml -i inventory/dev.yaml --become-user root --ask-become-pass
I'm able to ssh into the host and can see the other nodes by doing a sudo docker node ls
so thanks for making an awesome role :D would just love to figure out what I'm doing wrong on this last step.
Thanks again,
Paul
I am using your role currently like so:
daemon.json
This is a bit of a maybe oddity, but I found no other way to insure that first Docker gets installed, so I can use docker plugin install
and only then do I reconfigure daemon.json
to include the plugin. If I try to configure daemon.json
right away, the initial start of dockerd fails and therefor also the plugin install. Anyhow, I am a bit stumped.
The problem:
It seems no matter what I do, it the role skips certain parts and looks like the variables from the second "invocation" of your role are set. In this case, I am relying on docker-py to be installed so I can use it in my docker plugin role. In the second run, I am trying to save some time by disabling (almost) everything but the configuration of daemon.json
.
Here is an example playbook (or prepare.yml
) with Molecule:
tasks:
- import_role:
name: atosatto.docker-swarm
vars:
docker_daemon_config:
storage-driver: vfs
docker_py_package_version: 4.4.4
docker_service_override: |
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H unix://
skip_docker_compose: True
skip_group: True
- import_role:
name: ansible-docker-plugin-loki
vars:
docker_loki_version: v1.2.0
- import_role:
name: atosatto.docker-swarm
vars:
docker_daemon_config:
storage-driver: vfs
log-driver: loki
skip_cli: True
skip_containerd: True
skip_docker_compose: True
skip_docker_py: True
skip_group: True
skip_swarm: True
During the first run, skip_docker_py
is already true
:
TASK [atosatto.docker-swarm : Show env] ****************************************
task path: /root/.cache/molecule/ansible-docker-plugin-loki/upgrade/roles/atosatto.docker-swarm/tasks/setup-python-pip.yml:2
ok: [instance] => {
"msg": "Show Variables:\nskip_docker_py: True, skip_docker_compose: True\n\nTest if #1\nFalse - False\n\nTest if #2\nFalse\n\nTest if #3\nTrue\n"
}
I dumped it on a local branch: till@f8b42b6
I am not sure if this is a regression in Ansible as I haven't noticed this before and my test started failing only "recently". But here is my environment:
ansible-playbook 2.9.7
config file = /root/.cache/molecule/ansible-docker-plugin-loki/upgrade/ansible.cfg
configured module search path = ['/usr/lib/python3.8/site-packages/molecule/provisioner/ansible/plugins/modules', '/root/.cache/molecule/ansible-docker-plugin-loki/upgrade/library', '/tmp/ansible-docker-plugin-loki/library', '/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python3.8/site-packages/ansible
executable location = /usr/bin/ansible-playbook
python version = 3.8.2 (default, Apr 13 2020, 10:20:46) [GCC 9.3.0]
Using /root/.cache/molecule/ansible-docker-plugin-loki/upgrade/ansible.cfg as config file
host_list declined parsing /root/.cache/molecule/ansible-docker-plugin-loki/upgrade/inventory/ansible_inventory.yml as it did not pass its verify_file() method
script declined parsing /root/.cache/molecule/ansible-docker-plugin-loki/upgrade/inventory/ansible_inventory.yml as it did not pass its verify_file() method
Parsed /root/.cache/molecule/ansible-docker-plugin-loki/upgrade/inventory/ansible_inventory.yml inventory source with yaml plugin
1 plays in /tmp/ansible-docker-plugin-loki/molecule/upgrade/converge.yml
I tried adding allow_duplicates: True
to my import_role
statements. But to no avail. Anyhow, any thoughts? Maybe this is the wrong repository for this bug report. ๐คท๐ผ Any input appreciated.
Role fails on "Get list of labels" task if target hosts hostname is FQDN with 'no such object ' error
I tried to install this setup with only 1 node and 1 manager (since i didn't have my nr3 server) and now it fails on this:
TASK [atosatto.docker-swarm : Join the Swarm nodes.] ***************************
fatal: [xxxxxxx]: FAILED! => {"failed": true, "msg": "the field 'args' has an invalid value, which appears to include a variable that is undefined. The error was: 'dict object' has no attribute 'stdout'\n\nThe error appears to have been in '/Users/riemers/roles/atosatto.docker-swarm/tasks/swarm_cluster.yml': line 28, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Join the Swarm nodes.\n ^ here\n"}
Tried removing docker on the nodes and doing it again, but same issue. I have another group of 3 servers which ran the playbook just fine, except for this group. Is there anything i am overlooking? Some kind of fact cache that needs to clear or some settings on the server?
Summary
containerd installation fails on CENTOS8 with the message Failed to validate GPG signature for containerd.io-1.2.6-3.3.el7.x86_64
. Changing the repository URL to containerd of CentOS7 to CentOS8 (https://github.com/atosatto/ansible-dockerswarm/blob/master/tasks/setup-containerd.yml#L26) is not successful, but yields another error
Problem: problem with installed package podman-1.6.4-10.module_el8.2.0+305+5e198a41.x86_64
- package podman-1.6.4-10.module_el8.2.0+305+5e198a41.x86_64 requires runc >= 1.0.0-57, but none of the providers can be installed
- package containerd.io-1.3.7-3.1.el8.x86_64 conflicts with runc provided by runc-1.0.0-65.rc10.module_el8.2.0+305+5e198a41.x86_64
- package containerd.io-1.3.7-3.1.el8.x86_64 obsoletes runc provided by runc-1.0.0-65.rc10.module_el8.2.0+305+5e198a41.x86_64
- conflicting requests
- package runc-1.0.0-64.rc10.module_el8.2.0+304+65a3c2ac.x86_64 is filtered out by modular filtering
- package containerd.io-1.2.10-3.2.el7.x86_64 is filtered out by modular filtering
- package containerd.io-1.2.13-3.1.el7.x86_64 is filtered out by modular filtering
- package containerd.io-1.2.13-3.2.el7.x86_64 is filtered out by modular filtering
- package containerd.io-1.2.2-3.3.el7.x86_64 is filtered out by modular filtering
- package containerd.io-1.2.2-3.el7.x86_64 is filtered out by modular filtering
- package containerd.io-1.2.4-3.1.el7.x86_64 is filtered out by modular filtering
- package containerd.io-1.2.5-3.1.el7.x86_64 is filtered out by modular filtering
- package containerd.io-1.2.6-3.3.el7.x86_64 is filtered out by modular filtering
- package containerd.io-1.3.7-3.1.el7.x86_64 is filtered out by modular filtering
Is there any specific reason, containerd is not installed via dnf/yum?
Issue Type
OS / Environment
Steps to reproduce
# playbook.yml
---
- hosts: all
roles:
- role: atosatto.docker-swarm
ansible-playbook ./playbook.yml
Expected result
Installation of docker swarm succeeds.
Actual Result
Installation fails while installing containerd.
Hi,
When docker labels are added to nodes of an already provisioned cluster with this role without using the swarm_labels
variable in the inventory file, but by for example, adding them manually, the role will fail with the following error:
TASK [atosatto.docker-swarm : Remove labels from swarm node.] ******************
fatal: [swarm_manager_preprod_1]: FAILED! => {"msg": "The conditional check 'item not in swarm_labels' failed. The error was: error while evaluating conditional (item not in swarm_labels): 'swarm_labels' is undefined\n\nThe error appears to be in '/builds/karisma.org.co/pub/ansible/roles/atosatto.docker-swarm/tasks/setup-swarm-labels.yml': line 15, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Remove labels from swarm node.\n ^ here\n"}
The issue arises because the item
variable will be not empty containing the manually added labels, but swarm_labels
variable will be empty, as any label has not been configured using that variable, so the when:
condition of that task will fail.
This is fixed by also checking that swarm_labels
is also defined on that task.
Hi,
When deploying to ec2-instances the {{ ansible_hostname }} that is returned by Ansible is a shortened version, which makes the following tasks fail.
Example:
returned value by ansible in var {{ ansible_hostname }} = ip-10-210-154-89
value required by swarm
ip-10-210-154-89.us-west-1.compute.internal
Ansible provides the fqdn in a var called {{ ansible_fqdn }}
I updated the above tasks to use {{ ansible_fqdn }} and this worked.
Thanks,
Chris
When using this and reapplying, even if the labels haven't changed they get removed and readded. Meaning any docker instances targeted with the labels get removed and readded for a loss of service.
A small change would make them idempotent. This code here it will remove labels no longer in the list, and add any that aren't already set.
- name: Remove labels from swarm node
command: docker node update --label-rm {{ item }} {{ inventory_hostname }}
with_items: "{{ docker_swarm_labels.stdout_lines }}"
when: item not in swarm_labels
delegate_to: "{{ groups['docker_swarm_manager'][0] }}"
delegate_facts: True
tags:
- skip_ansible_lint
- swarm_labels
- name: Asign labels to swarm nodes | if any
command: docker node update --label-add {{ item }}=true {{ inventory_hostname }}
when: item not in docker_swarm_labels.stdout_lines
with_items:
- "{{ swarm_labels | default([]) }}"
delegate_to: "{{ groups['docker_swarm_manager'][0] }}"
delegate_facts: True
tags:
- skip_ansible_lint
- swarm_labels
Hi, I am trying to figure out how to have this role configure the docker daemon to bind a to a TCP port for remote access.
I think that maybe once #23 has been merged in, that will allow for the functionality?
Please let me know! I'm happy to help add documentation or contribute any other way I can.
Thanks for refactoring the code - your doing a great job here!
I'm using your role on a pi3, so I have a few modifications, I would ask you to add?
Could you please add armv7l: "arm64"
to docker_architechture
in vars/main.yml
?
Could you add the following to the bottom of tasks/setup-docker-compose.yml ?
when: ansible_userspace_architecture is defined
- block:
- name: Pip install Docker Compose.
pip:
name: docker-compose
extra_args: --user
executable: pip3
when: ansible_userspace_architecture is undefined
This enables docker compose to be installed via pip on my type device. :)
Thank you!!
It would be awesome to have an option to set managers as drained, which many admins use to stop any containers from running on their managers, reducing the risk of their masters experiencing issues.
docker node update --availability drain [node name]
Would be awesome to add a variable like manager_availability
which can have this role set managers to draining or available.
Hi,
I've been doing some work and I'm wondering if would be possible to add support for arch linux. I know it could add more layers to maintain but could be useful for many out there too.
Hi,
I'm using ansible dynamic inventories with AWS. As the ec2.py inventory script creates a group for example for the labels added to an ec2 instance, how can I add swarm labels to that dynamic group ? it seems there is no way to target a host directy when using dynamic inventory.
This role installs the latest 'docker' packages (17.05), but starting from 17.06 they shift to 'docker-ce' and now the role is still installing 17.05.
I tried to fix it myself and making a PR but I'm not able right now
I have difficulties applying the latest playbook from latest master. I always get a ERROR! Cannot reset connection
error message. I am not able to figure out what exactly is wrong with it.
First there are this warning messages, which are not directly related to the problem I think.
TASK [ansible-dockerswarm : Kill the ansible_user active SSH connections] ********************************************************
[WARNING]: when statements should not include jinja2 templating delimiters such as {{ }} or {% %}. Found: ansible_user is
defined and ansible_user in docker_admin_users and ansible_user in "{{ addtogroup.results | selectattr('changed') |
map(attribute='item') | list }}" and ansible_version.major <= 2 and ansible_version.minor <3
[WARNING]: when statements should not include jinja2 templating delimiters such as {{ }} or {% %}. Found: ansible_user is
defined and ansible_user in docker_admin_users and ansible_user in "{{ addtogroup.results | selectattr('changed') |
map(attribute='item') | list }}" and ansible_version.major <= 2 and ansible_version.minor <3
skipping: [cluser-node-1]
skipping: [cluser-node-2]
[WARNING]: when statements should not include jinja2 templating delimiters such as {{ }} or {% %}. Found: ansible_user is
defined and ansible_user in docker_admin_users and ansible_user in "{{ addtogroup.results | selectattr('changed') |
map(attribute='item') | list }}" and ansible_version.major <= 2 and ansible_version.minor <3
skipping: [cluser-node-3]
ERROR! Cannot reset connection:
Control socket connect(/Users/v/.ansible/cp/none): No such file or directory
I'm wondering if you'd consider splitting off the Docker Engine tasks into its own role? I have some hosts that just need to be set up as engines, without swarm mode.
Your tasks for Docker Engine are nicely written with multi-OS support. It'd be useful if it existed as a distinct role that the docker-swarm role depended on rather than being bundled within the docker-swarm role.
As an user of docker swarm in a productive environment I want to be able to select that Docker Version that should be installed. Right now only 17.05 is installed which is not maintained by Docker anymore.
skip_dockerpy
flagpython-pip
only if it's really neededMaybe this could be helpful for someone.
Add this at the top of swarm_cluster.yml to set group_names as swarm labels for each swarm_node.
---
- name: "Set SWARM LABELS"
set_fact: swarm_labels="{{ group_names }}"
tags:
- skip_ansible_lint
- swarm_labels
Hi, I'm having this error while running my playbook:
TASK [atosatto.docker-swarm : Install python-pip.] ***********************************************************************************************************************************************************
task path: /Users/dev01/.ansible/roles/atosatto.docker-swarm/tasks/main.yml:15
fatal: [worker01]: FAILED! => {
"msg": "The conditional check '(not skip_docker_py) or (ansible_os_family == 'Debian' and ansible_python_version | version_compare('2.6.0', '>=') and ansible_python_version | version_compare('2.7.9', '<'))' failed. The error was: template error while templating string: no filter named 'version_compare'. String: {% if (not skip_docker_py) or (ansible_os_family == 'Debian' and ansible_python_version | version_compare('2.6.0', '>=') and ansible_python_version | version_compare('2.7.9', '<')) %} True {% else %} False {% endif %}\n\nThe error appears to be in '/Users/fabianochagas/.ansible/roles/atosatto.docker-swarm/tasks/main.yml': line 15, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n# https://github.com/ansible/ansible-modules-core/issues/1178\n- name: Install python-pip.\n ^ here\n"
}
I'm using:
Ansible: 2.9.3
Python: 3.8.1
Role's version: v1.3.2
Thanks cheers!
I found a bit of a race-condition when I configure docker on first-run.
But let me explain this a bit:
docker plugin install foo/bar
docker needs to be runningdaemon.json
) and the plugin is not installed, it will not start when the role completesWhat I think needs to happen:
flush_handlers
)daemon.json
docker plugin install ...
notify: restart docker
in the endSo, for that, I think there are a few things missing. E.g., the order of execution, and also some kind of mechanism to supply plugins.
docker_plugins:
- name: foo/bar
state: present
Any thoughts? Or any alternatives how to handle this?
First off - i'm new to ansible. I've tried running ansible-playbook that set-up K8's and was able to make it work just fine.
I wanted to try SWARM and saw this playbook.
When I try to run the playbook:
ansible-playbook -i inventory playbook.yml
I'm getting the following error:
ERROR! the role 'ansible-dockerswarm' was not found in /home/master/Projects/ansible-dockerswarm/roles:/home/master/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:/home/master/Projects/ansible-dockerswarm
The error appears to have been in '/home/master/Projects/ansible-dockerswarm/playbook.yml': line 6, column 7, but may
be elsewhere in the file depending on the exact syntax problem.The offending line appears to be:
roles:
- { role: ansible-dockerswarm }
^ here
Inventory file:
SWARM01 ansible_ssh_host=172.16.0.171
SWARM02 ansible_ssh_host=172.16.0.172
SWARM03 ansible_ssh_host=172.16.0.173[docker_engine]
SWARM01
SWARM02
SWARM03[docker_swarm_manager]
SWARM01
SWARM02
SWARM03[docker_swarm_worker]
SWARM01
SWARM02
SWARM03
Ansible version: 2.6.4
Not sure how to use the roles (?). ive downloaded the role from Ansible galaxy. but still the same.
Maybe a newbie guide on how to use this?
Thank you!
while running playbook, it fails at https://github.com/atosatto/ansible-dockerswarm/blob/master/tasks/main.yml#L9 as the cache was not updated.
On Ubuntu 14.04.5 LTS, I got the error below when running task "Install the Python SNI python-pip dependencies."
Downloading/unpacking pyopenssl
Downloading pyOpenSSL-17.5.0-py2.py3-none-any.whl (53kB): 53kB downloaded
Requirement already satisfied (use --upgrade to upgrade): six>=1.5.2 in /usr/lib/python2.7/dist-packages (from pyopenssl)
Downloading/unpacking cryptography>=2.1.4 (from pyopenssl)
Downloading cryptography-2.1.4.tar.gz (441kB): 441kB downloaded
Running setup.py (path:/tmp/pip_build_root/cryptography/setup.py) egg_info for package cryptography
error in cryptography setup command: Invalid environment marker: python_version < '3'
Complete output from command python setup.py egg_info:
error in cryptography setup command: Invalid environment marker: python_version < '3'
----------------------------------------
Cleaning up...
Command python setup.py egg_info failed with error code 1 in /tmp/pip_build_root/cryptography
Storing debug log for failure in /home/vagrant/.pip/pip.log
after further testing I see there's reasons python-pip was used instead of python3-pip used but I still get this error on Ubuntu 18.04, ansible version 2.8.5
TASK [swarm : Install docker-py.] ***************
fatal: [192.168.0.11]: FAILED! => {"changed": false, "msg": "Unable to find any of pip3 to use. pip needs to be installed."}
This commit 3bb8a49 breaks the swarm nodes label functionnality, as the docker inspect command used to get the labels actually doesn't find anything and breaks.
Reverting to v2.2.0 solves the issue.
The pip package docker-py
has been renamed to docker
See this page for more info docker/docker-py#1310
This will allow for using the docker_config_module.
https://docs.ansible.com/ansible/latest/modules/docker_config_module.html
Please note that it is not allowed to have both docker-py
and docker
installed at the same time.
Hi there!
The role installs the gpg module on debian-like machines, but it seems that for the ubuntu 16 it is the gnupg .
TASK [atosatto.docker-swarm : Install apt-transport-https and gpg if necessary.] ***********************
fatal: [worker01]: FAILED! => {"changed": false, "msg": "No package matching 'gpg' is available"}
While trying to run the test suite under Ubuntu 16.04 I receive the above error executing the task that should enable and start the Docker daemon.
Diving in the container created by molecule I found out that the Docker daemon doesn't start because it tries to use the devicemapper
backend while no loopback device is available. Starting the Docker daemon in the container with the vfs
backend fixes the issue.
Centos 7 is not affected because it seamlessly falls back to using the vfs
driver after trying to use (and failing) the devicemapper
backend.
Is it just me? Why under the Ubuntu container the fallback does not work?
Please let me know if I can install this behind a proxy.
Using the role on two centOS virtual machines, I receive the following error:
TASK [atosatto.docker-swarm : Init "Swarm Mode" on the first manager.] ************************************************************************************fatal: [app1.myapp.dev]: FAILED! => {"msg": "The conditional check 'docker_info.stdout.find('Swarm: active') == -1 and inventory_hostname == groups['docker_swarm_manager'][0]' failed. The error was: error while evaluating conditional (docker_info.stdout.find('Swarm: active') == -1 and inventory_hostname == groups['docker_swarm_manager'][0]): 'dict object' has no attribute 'docker_swarm_manager'\n\nThe error appears to be in '/home/salvo/.ansible/roles/atosatto.docker-swarm/tasks/setup-swarm-cluster.yml': line 22, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Init \"Swarm Mode\" on the first manager.\n ^ here\n"} fatal: [app2.myapp.dev]: FAILED! => {"msg": "The conditional check 'docker_info.stdout.find('Swarm: active') == -1 and inventory_hostname == groups['docker_swarm_manager'][0]' failed. The error was: error while evaluating conditional (docker_info.stdout.find('Swarm: active') == -1 and inventory_hostname == groups['docker_swarm_manager'][0]): 'dict object' has no attribute 'docker_swarm_manager'\n\nThe error appears to be in '/home/salvo/.ansible/roles/atosatto.docker-swarm/tasks/setup-swarm-cluster.yml': line 22, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n\n- name: Init \"Swarm Mode\" on the first manager.\n ^ here\n"}
The task Get list of labels.
is failing after updated with ansible_fqdn
on 3bb8a49
The node hostname(staging-manager-03
) on docker node ls
is different from the fqdn string given on following error:
TASK [atosatto.docker-swarm : Get list of labels.] ********************************************************************************************************************************************
fatal: [165.22.48.107 -> 165.22.48.105]: FAILED! => {"changed": false, "cmd": ["docker", "inspect", "--format", "{{ range $key, $value := .Spec.Labels }}{{ printf \"%s\\n\" $key }}{{ end }}", "staging-manager-03.sgp1"], "delta": "0:00:00.412684", "end": "2020-05-14 13:10:42.573599", "msg": "non-zero return code", "rc": 1, "start": "2020-05-14 13:10:42.160915", "stderr": "Error: No such object: staging-manager-03.sgp1", "stderr_lines": ["Error: No such object: staging-manager-03.sgp1"], "stdout": "", "stdout_lines": []}
For now I am using v2.2.0 which gives no error.
ansible-dockerswarm/vars/Debian.yml
Line 4 in 579f802
while running this role on Ubuntu 20, it raises an error python-pip
package not found, instead it should be python3-pip
Whenever I install this role, I have manually to update this package name before running my playbook
The role does not work anymore with Ansible 2.5+ as is, because the ipaddr
filter has been moved to ansible.utils
.
There seems to be a way to kind of "import" collections, but it seems that this is only possible from within roles, not from external as would be required for using the role in an otherwise Ansible 2.5+ project.
Fixing this is simple, but that would make the role imcompatible with earlier versions.
Any ideas or suggestions how to make this backwards compatible?
Trying to produce a working Vagrant setup, but it consistently fails on:
./roles/atosatto.docker-swarm/tasks/swarm_cluster.yml#37
with message:
the field 'args' has an invalid value, which appears to include a variable that is undefined. The error was: 'dict object' has no attribute 'docker_manager_address
I'm not an Ansible expert, but I think the set_fact
task called Distribute the fact containing address of the first Swarm manager.
is properly run only with a proper facts inventory (afaik able to build such an inventory on cloud providers, but not via Vagrant, where setup is run sequencially).
https://github.com/djalexd/ansible-dockerswarm-vagrant-runtime
Any tips would be great!
If you use root as user for ansible then it will be killed in tasks/docker_group.yml as results of: pkill -u root sshd
Simple workaround is to add " && service sshd restart" to shell command
On Ubuntu 14.04 machines, when I run 'ansible-playbook playbook.yml', I receive the following error:
fatal: [xxx.yyy.zzz.aaa]: FAILED! => {"changed": false, "failed": true, "msg": "Failed to validate the SSL certificate for sks-keyservers.net:443. Make sure your managed systems have a valid CA certificate installed. If the website serving the url uses SNI you need python >= 2.7.9 on your managed machine or you can install the urllib3
, pyopenssl
, ndg-httpsclient
, and pyasn1
python modules to perform SNI verification in python >= 2.6. You can use validate_certs=False if you do not need to confirm the servers identity but this is unsafe and not recommended. Paths checked for this platform: /etc/ssl/certs, /etc/pki/ca-trust/extracted/pem, /etc/pki/tls/certs, /usr/share/ca-certificates/cacert.org, /etc/ansible"}
Given the list of hosts below, if mgr1 dies, or is removed from the swarm, the current behavior is the creation of a new swarm, despite a swarm quorum still existing with three workers and a quorum of two managers.
However, if mgr2 dies and is replaced with a fresh node, it is properly added to the existing cluster of manager1 and manager3, as expected.
Ideally, the tool should check to see if there is already a quorum among the existing masters before trying to create a new one.
$ cat inventory
[targets]
work[1:3].swarm.domain.com
mgr[1:3].swarm.domain.com
[docker_engine]
work[1:3].swarm.domain.com
mgr[1:3].swarm.domain.com
[docker_swarm_manager]
mgr[1:3].swarm.domain.com swarm_labels='["node_is_master"]'
[docker_swarm_worker]
work[1:3].swarm.domain.com swarm_labels='["node_is_worker"]'
Referencing this task https://github.com/atosatto/ansible-dockerswarm/blob/master/tasks/docker_engine.yml#L21-L25
The linux-image-extra-virtual package is only needed if you use AUFS storage driver and fails to install on some debian flavors. I'm running on raspberry pi and the package isn't available.
Just a suggestion to make the playbook more flexible.
Version in ansible galaxy is missing the swarm_labels stuff. Mind updating it please?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.