community.docker.docker_image module – Manage docker images
Note
This module is part of the community.docker collection (version 4.4.0).
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.docker
.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: community.docker.docker_image
.
Synopsis
Build, load or pull an image, making the image available for creating containers. Also supports tagging an image, pushing an image, and archiving an image to a
.tar
file.We recommend to use the individual modules community.docker.docker_image_build, community.docker.docker_image_export, community.docker.docker_image_load, community.docker.docker_image_pull, community.docker.docker_image_push, community.docker.docker_image_remove, and community.docker.docker_image_tag instead of this module.
Requirements
The below requirements are needed on the host that executes this module.
Docker API >= 1.25
backports.ssl_match_hostname (when using TLS on Python 2)
paramiko (when using SSH with
use_ssh_client=false
)pyOpenSSL (when using TLS)
pywin32 (when using named pipes on Windows 32)
requests
Parameters
Parameter |
Comments |
---|---|
The version of the Docker API running on the Docker Host. Defaults to the latest version of the API supported by this collection and the docker daemon. If the value is not specified in the task, the value of environment variable Default: |
|
Use with |
|
Specifies options used for building images. |
|
Provide a dictionary of Docker expects the value to be a string. For convenience any non-string values will be converted to strings. |
|
List of image names to consider as cache source. |
|
A dictionary of limits applied to each container created by the build process. |
|
CPUs in which to allow execution. For example, |
|
CPU shares (relative weight). |
|
Memory limit for build in format Omitting the unit defaults to bytes. Before community.docker 3.6.0, no units were allowed. |
|
Total memory limit (memory + swap) for build in format Omitting the unit defaults to bytes. Before community.docker 3.6.0, no units were allowed, and neither was the special value |
|
Use with This can also include a relative path (relative to |
|
Extra hosts to add to Instead of an IP address, the special value |
|
Timeout for HTTP requests during the image build operation. Provide a positive integer value for the number of seconds. |
|
Dictionary of key value pairs. |
|
The network to use for |
|
Do not use cache when building an image. Choices:
|
|
Use with state ‘present’ to build an image. Will be the path to a directory containing the context and Dockerfile for building an image. |
|
Platform in the format |
|
When building an image downloads any updates to the FROM image in Dockerfile. Choices:
|
|
Remove intermediate containers after build. Choices:
|
|
Size of Omitting the unit defaults to bytes. If you omit the size entirely, Docker daemon uses |
|
When building an image specifies an intermediate build stage by name as a final stage for the resulting image. |
|
If set to Choices:
|
|
Use a CA certificate when performing server verification by providing the path to a CA certificate file. If the value is not specified in the task and the environment variable This option was called |
|
Path to the client’s TLS certificate file. If the value is not specified in the task and the environment variable |
|
Path to the client’s TLS key file. If the value is not specified in the task and the environment variable |
|
Debug mode Choices:
|
|
The URL or Unix socket path used to connect to the Docker API. To connect to a remote host, provide the TCP connection string. For example, If the value is not specified in the task, the value of environment variable Default: |
|
Use with Choices:
|
|
Use with Choices:
|
|
Use with Set |
|
Image name. Name format will be one of: Note that image IDs (hashes) are only supported for |
|
Specifies options used for pulling images. |
|
When pulling an image, ask for this specific platform. Note that this value is not used to determine whether the image needs to be pulled. This might change in the future in a minor release, though. |
|
Push the image to the registry. Specify the registry as part of the Choices:
|
|
Use with Expects format If |
|
Determines where the module will try to retrieve the image from. Use Use Use Use Choices:
|
|
Make assertions about the state of an image. When When Choices:
|
|
The maximum amount of time in seconds to wait on a response from the API. If the value is not specified in the task, the value of environment variable Default: |
|
Secure the connection to the API by using TLS without verifying the authenticity of the Docker host server. Note that if If the value is not specified in the task, the value of environment variable Choices:
|
|
When verifying the authenticity of the Docker Host server, provide the expected name of the server. If the value is not specified in the task, the value of environment variable Note that this option had a default value |
|
For SSH transports, use the Choices:
|
|
Secure the connection to the API by using TLS and verifying the authenticity of the Docker host server. If the value is not specified in the task, the value of environment variable Choices:
|
Attributes
Attribute |
Support |
Description |
---|---|---|
Action groups: community.docker.docker, docker |
Use |
|
Support: partial When trying to pull an image, the module assumes this is always changed in check mode. |
Can run in |
|
Support: none |
Will return details on what has changed (or possibly needs changing in |
|
Support: partial Whether the module is idempotent depends on the exact parameters, in particular of |
When run twice in a row outside check mode, with the same arguments, the second invocation indicates no change. This assumes that the system controlled/queried by the module has not changed in a relevant way. |
Notes
Note
Building images is done using Docker daemon’s API. It is not possible to use BuildKit / buildx this way. Use community.docker.docker_image_build to build images with BuildKit.
Connect to the Docker daemon by providing parameters with each task or by defining environment variables. You can define
DOCKER_HOST
,DOCKER_TLS_HOSTNAME
,DOCKER_API_VERSION
,DOCKER_CERT_PATH
,DOCKER_TLS
,DOCKER_TLS_VERIFY
andDOCKER_TIMEOUT
. If you are using docker machine, run the script shipped with the product that sets up the environment. It will set these variables for you. See https://docs.docker.com/machine/reference/env/ for more details.This module does not use the Docker SDK for Python to communicate with the Docker daemon. It uses code derived from the Docker SDK or Python that is included in this collection.
See Also
See also
- community.docker.docker_image_build
Build Docker images using Docker buildx.
- community.docker.docker_image_export
Export (archive) Docker images.
- community.docker.docker_image_info
Inspect docker images.
- community.docker.docker_image_load
Load docker image(s) from archives.
- community.docker.docker_image_pull
Pull Docker images from registries.
- community.docker.docker_image_push
Push Docker images to registries.
- community.docker.docker_image_remove
Remove Docker images.
- community.docker.docker_image_tag
Tag Docker images with new names and/or tags.
Examples
- name: Pull an image
community.docker.docker_image:
name: pacur/centos-7
source: pull
# Select platform for pulling. If not specified, will pull whatever docker prefers.
pull:
platform: amd64
- name: Tag and push to docker hub
community.docker.docker_image:
name: pacur/centos-7:56
repository: dcoppenhagan/myimage:7.56
push: true
source: local
- name: Tag and push to local registry
community.docker.docker_image:
# Image will be centos:7
name: centos
# Will be pushed to localhost:5000/centos:7
repository: localhost:5000/centos
tag: 7
push: true
source: local
- name: Add tag latest to image
community.docker.docker_image:
name: myimage:7.1.2
repository: myimage:latest
# As 'latest' usually already is present, we need to enable overwriting of existing tags:
force_tag: true
source: local
- name: Remove image
community.docker.docker_image:
state: absent
name: registry.ansible.com/chouseknecht/sinatra
tag: v1
- name: Build an image and push it to a private repo
community.docker.docker_image:
build:
path: ./sinatra
name: registry.ansible.com/chouseknecht/sinatra
tag: v1
push: true
source: build
- name: Archive image
community.docker.docker_image:
name: registry.ansible.com/chouseknecht/sinatra
tag: v1
archive_path: my_sinatra.tar
source: local
- name: Load image from archive and push to a private registry
community.docker.docker_image:
name: localhost:5000/myimages/sinatra
tag: v1
push: true
load_path: my_sinatra.tar
source: load
- name: Build image and with build args
community.docker.docker_image:
name: myimage
build:
path: /path/to/build/dir
args:
log_volume: /var/log/myapp
listen_port: 8080
source: build
- name: Build image using cache source
community.docker.docker_image:
name: myimage:latest
build:
path: /path/to/build/dir
# Use as cache source for building myimage
cache_from:
- nginx:latest
- alpine:3.8
source: build
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
Image inspection results for the affected image. Returned: success Sample: |
|
Docker build output when building an image. Returned: success Sample: |