Skip to content

Latest commit

 

History

History

base_docker_service

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.md
README.md
 
 
config.tf
config.tf
 
 
main.tf
main.tf
 
 
outputs.tf
outputs.tf
 
 
secret.tf
secret.tf
 
 
variables.tf
variables.tf
 
 
version.tf
version.tf
 
 

README.md

base_docker_service

This module serves as a canonical foundation for higher level services.

Requirements

Name Version
terraform ~> 1.2
docker 3.0.2
null 3.2.2

Providers

Name Version
docker 3.0.2

Modules

No modules.

Resources

Name Type
docker_config.this resource
docker_secret.this resource
docker_service.this resource

Inputs

Name Description Type Default Required
args (Optional) The arguments to pass to the docker image list(string) null no
auth (Optional) The authentication for a private docker registry.

auth = {
server_address = The address of the server for the authentication against a private docker registry.
username = The password.
password = The username.
}		 
object({
    server_address = optional(string)
    username       = string
    password       = string
  })
 null no
command (Optional) The command/entrypoint to be run in the image. According to the docker cli the override of the entrypoint is also passed to the command property and there is no entrypoint attribute in the ContainerSpec of the service. list(string) null no
configs (Optional) A list of configs that will be created and mounted by the service.

configs = [{
config_id = ID of the specific config that we're referencing
file_name = Represents the final filename in the filesystem
config_name = Name of the config that this references, but this is just provided for lookup/display purposes. The config in the reference will be identified by its ID
file_gid = Represents the file GID. Defaults to '0'.
file_mode = Represents represents the FileMode of the file. Defaults to '0o444'.
file_uid = Represents the file UID. Defaults to '0'.
}]		 
set(object({
    file_name = string
    # config_id   = string # config will be created and we take that resource id
    file_gid    = optional(string)
    file_mode   = optional(number, 0444)
    file_uid    = optional(string)
    config_name = optional(string, null)
    config_data = string
  }))
 [] no
constraints (Optional) The container placement constraints set(string) [] no
env (Optional) The environmental variables to pass to the docker image map(string) null no
healthcheck healthcheck = {
test = The test to be performed in CMD format.
interval = Time between running the check (ms|s|m|h). Defaults to '0s'.
timeout = Maximum time to allow one check to run (ms|s|m|h). Defaults to '0s'.
retries = Consecutive failures needed to report unhealthy. Defaults to '0'.
start_period = Start period for the container to initialize before counting retries towards unstable (ms|s|m|h). Defaults to '0s'.
}		 
object({
    test         = list(string)
    interval     = optional(string, "0s")
    timeout      = optional(string, "0s")
    retries      = optional(number, 0)
    start_period = optional(string, "0s")
  })
 null no
image The docker image name excluding the image tag string n/a yes
image_tag (Optional) The image tag of the docker image. Defaults to: latest string "latest" no
labels (Optional) Labels to add to the service and container map(string) {} no
limit (Optional) The resources limit of service, memory unit is MB 
object({
    cores  = optional(number)
    memory = optional(number)
  })
 null no
mode (Optional) The service mode. Defaults to 'replicated' with replicas set to 1.
type = {
global = The global service mode. Defaults to 'false'.
replicated = {
replicas = The amount of replicas of the service. Defaults to '1'.
}
}		 
object({
    global = optional(bool, false)
    replicated = optional(object({
      replicas = number
    }), { replicas = 1 })
  })
 
{
  "global": false,
  "replicated": {
    "replicas": 1
  }
}
 no
mounts (Optional) Mounts of this docker service.

mounts = [{
target = Container path
type = The mount type
source = Mount source (e.g. a volume name, a host path)
read_only = Whether the mount should be read-only
tmpfs_options = {
mode = The permission mode for the tmpfs mount in an integer
size_bytes = The size for the tmpfs mount in bytes
}
volume_options = {
driver_name = Name of the driver to use to create the volume
driver_options = key/value map of driver specific options
labels = [{
label = Name of the label
value = Value of the label
}]
no_copy = Populate volume with data from the target.
}
}]		 
set(object({
    target = string
    type   = string
    # bind_options conflict with volume, so we omit it from the input!
    # bind_options   = optional(object({ propagation = optional(string) }), null),
    read_only      = optional(bool, false)
    source         = optional(string)
    tmpfs_options  = optional(object({ mode = optional(number), size_bytes = optional(number) }), null)
    volume_options = optional(object({ driver_name = optional(string), driver_options = optional(map(string)), labels = optional(map(string)), no_copy = optional(bool) }), null)
  }))
 [] no
name The service name which must not be longer than 63 characters. This name will also be used as a network alias for all attached networks. string n/a yes
namespace (Optional) The namespace of Docker Swarm string null no
network_aliases (Optional) Aliases (alternative hostnames) for this service on all specified networks. Other containers on the same network can use either the service name or this alias to connect to one of the service's containers. See https://docs.docker.com/compose/compose-file/compose-file-v3/#aliases for more information. list(string) [] no
networks (Optional) Attaches this service to the following network IDs. You can also supply names but those will force replacement in the terraform state. set(string) [] no
ports (Optional) The ports to expose on the swarm for the service.

ports = [{
target_port = The port inside the container.
name = A random name for the port.
protocol = Represents the protocol of a port: tcp, udp or sctp. Defaults to 'tcp'.
publish_mode = Represents the mode in which the port is to be published: 'ingress' or 'host'. Defaults to 'ingress'.
published_port = The port on the swarm hosts.
}]		 
list(object({
    target_port    = number,
    name           = optional(string),
    protocol       = optional(string, "tcp"),
    publish_mode   = optional(string, "ingress")
    published_port = optional(number),
  }))
 [] no
reservation (Optional) The resource reservation of service, memory unit is MB 
object({
    cores  = optional(number)
    memory = optional(number)
    generic_resources = optional(object({
      discrete_resources_spec = optional(set(string))
      named_resources_spec    = optional(set(string))
    }))
  })
 null no
restart_policy (Optional) Restart policy for containers.

restart_policy = {
condition = Condition for restart; possible options are "none" which does not automatically restart, "on-failure" restarts on non-zero exit, "any" (default) restarts regardless of exit status.
delay = Delay between restart attempts (default is 5s) (ms|s|m|h).
max_attempts = How many times to attempt to restart a container before giving up (default: 0, i.e. never give up). If the restart does not succeed within the configured window, this attempt doesn't count toward the configured max_attempts value. For example, if max_attempts is set to '2', and the restart fails on the first attempt, more than two restarts must be attempted.
window = The time window used to evaluate the restart policy (default value is 5s, 0 means unbounded) (ms|s|m|h).
}		 
object({
    condition    = optional(string, "any")
    delay        = optional(string, "5s")
    max_attempts = optional(number, 0)
    window       = optional(string, "5s")
  })
 
{
  "condition": "any",
  "delay": "5s",
  "max_attempts": 0,
  "window": "5s"
}
 no
secret_map (Optional) Similar to the secrets variable but allows for docker secret creation from terraform resources.

secret_map = {
key = {
file_name = Represents the final filename in the filesystem.
secret_id = ID of the specific secret that we're referencing.
file_gid = Represents the file GID. Defaults to '0'.
file_mode = Represents represents the FileMode of the file. Defaults to '0o444'.
file_uid = Represents the file UID. Defaults to '0'.
secret_name = Name of the secret that this references, but this is just provided for lookup/display purposes. The config in the reference will be identified by its ID.
}
}		 
map(object({
    file_name = string
    # secret_id   = string # secret will be created and we take that resource id
    file_gid    = optional(string, "0")
    file_mode   = optional(number, 0444)
    file_uid    = optional(string, "0")
    secret_name = optional(string, null)
    secret_data = string
  }))
 {} no
secrets (Optional) The secrets to create with and add to the docker container. Creates docker secrets from non-terraform-resources. 
set(object({
    file_name   = optional(string)
    secret_id   = optional(string, null) # secret_id will be auto-generated if not provided; secrets with secret_id must exist beforehand
    file_gid    = optional(string, "0")
    file_mode   = optional(number, 0444)
    file_uid    = optional(string, "0")
    secret_name = optional(string, null)
    secret_data = string
  }))
 [] no

Outputs

Name Description
configs The configs created with and for this base docker service.
secrets The secrets created with and for this base docker service.
this The output of the base docker service.