# ansible-docker-swarm

This repository contains a complete Ansible config for setting up a Docker
Swarm on Debian 10-based nodes. I personally use it for a swarm of Raspberry
Pi's, but in theory it should work with other hosts as well.

## Inventory file

A template for the inventory file can be found in `hosts.template.ini`. The
hosts consists of three main groups:

* `admin`: the admin is the host that initializes the Swarm. It serves several
  functions:
    * It's used to initialize the Swarm.
    * It serves as the entrypoint to the Swarm.
    * It hosts the NFS share that's used for persistent storage.
* `managers`: these are the nodes that should be added as manager.
* `workers`: these nodes will be added as workers.

## Roles

The config is divided into several roles to make management easier:

* `install-python3`: replaces Python 2 with Python 3. This role currently
  crashes, because Ansible doesn't like it when you change the Python install
  during a run, but a consecutive run does work.
* `install-net-security`: installs UFW & Fail2Ban & configures them
* `install-docker`: installs Docker & any Docker-related tools
* `init-docker-swarm`: initializes the Swarm on the `admin` host
* `add-docker-swarm-managers`: adds the manager nodes to the swarm
* `add-docker-swarm-workers`: adds the worker nodes to the swarm
* `deploy-portainer`: deploys Portainer

## Use of Portainer

Portainer is a tool created for managing Docker engines, and in particular
Docker Swarm. Because I use Portainer for setting up all other services, it's
the only Docker service that I actually set up using Ansible.