salt.modules.lxd
Module for managing the LXD daemon and its containers.
New in version 2019.2.0.
LXD(1) is a container "hypervisor". This execution module provides several functions to help manage it and its containers.
Note
-
pylxd(2) version >=2.2.5 is required to let this work, currently only available via pip.
To install on Ubuntu:
$ apt-get install libssl-dev python-pip $ pip install -U pylxd
you need lxd installed on the minion for the init() and version() methods.
for the config_get() and config_get() methods you need to have lxd-client installed.
- maintainer
-
René Jochum <rene@jochums.at>
- maturity
-
new
- depends
-
python-pylxd
- platform
-
Linux
-
Authenticate with a remote LXDaemon.
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
- password :
-
The password of the remote.
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Example:
salt '*' lxd.authenticate https://srv01:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false
See the requests-docs for the SSL stuff.
salt.modules.lxd.authenticate(remote_addr, password, cert, key, verify_cert=True)
-
Get an LXD daemon config option
- key :
-
The key of the config value to retrieve
CLI Examples:
salt '*' lxd.config_get core.https_address
salt.modules.lxd.config_get(key)
-
Set an LXD daemon config option
CLI Examples:
To listen on IPv4 and IPv6 port 8443, you can omit the :8443 its the default:
salt '*' lxd.config_set core.https_address [::]:8443
To set the server trust password:
salt '*' lxd.config_set core.trust_password blah
salt.modules.lxd.config_set(key, value)
-
Delete a container config value
- name :
-
Name of the container
- config_key :
-
The config key to delete
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
salt.modules.lxd.container_config_delete(name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Get a container config value
- name :
-
Name of the container
- config_key :
-
The config key to retrieve
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
salt.modules.lxd.container_config_get(name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Set a container config value
- name :
-
Name of the container
- config_key :
-
The config key to set
- config_value :
-
The config value to set
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
salt.modules.lxd.container_config_set(name, config_key, config_value, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Create a container
- name :
-
The name of the container
- source :
-
- Can be either a string containing an image alias:
-
"xenial/amd64"
- or an dict with type "image" with alias:
-
- {"type": "image",
-
"alias": "xenial/amd64"}
- or image with "fingerprint":
-
- {"type": "image",
-
"fingerprint": "SHA-256"}
- or image with "properties":
-
- {"type": "image",
-
- "properties": {
-
"os": "ubuntu", "release": "14.04", "architecture": "x86_64"}}
- or none:
-
{"type": "none"}
- or copy:
-
- {"type": "copy",
-
"source": "my-old-container"}
- profiles['default']
-
List of profiles to apply on this container
- config :
-
A config dict or None (None = unset).
- Can also be a list:
-
- [{'key': 'boot.autostart', 'value': 1},
-
{'key': 'security.privileged', 'value': '1'}]
- devices :
-
A device dict or None (None = unset).
- architecture'x86_64'
-
- Can be one of the following:
-
unknown
i686
x86_64
armv7l
aarch64
ppc
ppc64
ppc64le
s390x
- ephemeralFalse
-
Destroy this container after stop?
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
- _rawFalse
-
Return the raw pyxld object or a dict?
CLI Examples:
salt '*' lxd.container_create test xenial/amd64
See also the rest-api-docs.
salt.modules.lxd.container_create(name, source, profiles=None, config=None, devices=None, architecture='x86_64', ephemeral=False, wait=True, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False)
-
Delete a container
- name :
-
Name of the container to delete
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
salt.modules.lxd.container_delete(name, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Add a container device
- name :
-
Name of the container
- device_name :
-
The device name to add
- device_type :
-
Type of the device
- ** kwargs :
-
Additional device args
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
salt.modules.lxd.container_device_add(name, device_name, device_type='disk', remote_addr=None, cert=None, key=None, verify_cert=True, **kwargs)
-
Delete a container device
- name :
-
Name of the container
- device_name :
-
The device name to delete
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
salt.modules.lxd.container_device_delete(name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Get a container device
- name :
-
Name of the container
- device_name :
-
The device name to retrieve
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
salt.modules.lxd.container_device_get(name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Execute a command list on a container.
- name :
-
Name of the container
- cmd :
-
Command to be executed (as a list)
- Example :
-
'["ls", "-l"]'
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Example:
salt '*' lxd.container_execute <container name> '["ls", "-l"]'
salt.modules.lxd.container_execute(name, cmd, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Get a file from a container
- name :
-
Name of the container
- src :
-
The source file or directory
- dst :
-
The destination file or directory
- mode :
-
Set file mode to octal number
- uid :
-
Set file uid (owner)
- gid :
-
Set file gid (group)
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
salt.modules.lxd.container_file_get(name, src, dst, overwrite=False, mode=None, uid=None, gid=None, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Put a file into a container
- name :
-
Name of the container
- src :
-
The source file or directory
- dst :
-
The destination file or directory
- recursive :
-
Decent into src directory
- overwrite :
-
Replace destination if it exists
- mode :
-
Set file mode to octal number
- uid :
-
Set file uid (owner)
- gid :
-
Set file gid (group)
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Example:
salt '*' lxd.container_file_put <container name> /var/tmp/foo /var/tmp/
salt.modules.lxd.container_file_put(name, src, dst, recursive=False, overwrite=False, mode=None, uid=None, gid=None, saltenv='base', remote_addr=None, cert=None, key=None, verify_cert=True)
-
Freeze a container
- name :
-
Name of the container to freeze
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
salt.modules.lxd.container_freeze(name, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Gets a container from the LXD
- name :
-
The name of the container to get.
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
- _raw :
-
Return the pylxd object, this is internal and by states in use.
salt.modules.lxd.container_get(name=None, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False)
-
Lists containers
- list_namesFalse
-
Only return a list of names when True
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Examples:
Full dict with all available information:
salt '*' lxd.container_list
For a list of names:
salt '*' lxd.container_list true
See also container-attributes.
salt.modules.lxd.container_list(list_names=False, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Migrate a container.
If the container is running, it either must be shut down first (use stop_and_start=True) or criu must be installed on the source and destination machines.
For this operation both certs need to be authenticated, use
lxd.authenticate <salt.modules.lxd.authenticate
to authenticate your cert(s).- name :
-
Name of the container to migrate
- stop_and_start :
-
Stop the container on the source and start it on dest
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Example:
# Authorize salt '*' lxd.authenticate https://srv01:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false salt '*' lxd.authenticate https://srv02:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false # Migrate phpmyadmin from srv01 to srv02 salt '*' lxd.container_migrate phpmyadmin stop_and_start=true remote_addr=https://srv02:8443 cert=~/.config/lxc/client.crt key=~/.config/lxc/client.key verify_cert=False src_remote_addr=https://srv01:8443
salt.modules.lxd.container_migrate(name, stop_and_start=False, remote_addr=None, cert=None, key=None, verify_cert=True, src_remote_addr=None, src_cert=None, src_key=None, src_verify_cert=None)
-
Rename a container
- name :
-
Name of the container to Rename
- newname :
-
The new name of the container
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
salt.modules.lxd.container_rename(name, newname, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Restart a container
- name :
-
Name of the container to restart
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
salt.modules.lxd.container_restart(name, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Start a container
- name :
-
Name of the container to start
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
salt.modules.lxd.container_start(name, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Get container state
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
salt.modules.lxd.container_state(name=None, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Stop a container
- name :
-
Name of the container to stop
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
salt.modules.lxd.container_stop(name, timeout=30, force=True, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Unfreeze a container
- name :
-
Name of the container to unfreeze
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
salt.modules.lxd.container_unfreeze(name, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Create an alias on the given image
- image :
-
An image alias, a fingerprint or a image object
- alias :
-
The alias to add
- description :
-
Description of the alias
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Examples:
salt '*' lxd.image_alias_add xenial/amd64 x "Short version of xenial/amd64"
salt.modules.lxd.image_alias_add(image, alias, description='', remote_addr=None, cert=None, key=None, verify_cert=True)
-
Delete an alias (this is currently not restricted to the image)
- image :
-
An image alias, a fingerprint or a image object
- alias :
-
The alias to delete
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Examples:
salt '*' lxd.image_alias_add xenial/amd64 x "Short version of xenial/amd64"
salt.modules.lxd.image_alias_delete(image, alias, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Copy an image from another LXD instance
- source :
-
An alias or a fingerprint of the source.
- src_remote_addr :
-
An URL to the source remote daemon
- Examples:
- src_cert :
-
PEM Formatted SSL Certificate for the source
- Examples:
-
~/.config/lxc/client.crt
- src_key :
-
PEM Formatted SSL Key for the source
- Examples:
-
~/.config/lxc/client.key
- src_verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
- remote_addr :
-
Address of the destination daemon
- Examples:
- cert :
-
PEM Formatted SSL Certificate for the destination
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key for the destination
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
- aliases[]
-
List of aliases to append to the copied image
- publicNone
-
Make this image public available, None = copy source
- auto_updateNone
-
Wherever to auto-update from the original source, None = copy source
- _rawFalse
-
Return the raw pylxd object or a dict of the destination image?
CLI Examples:
salt '*' lxd.image_copy_lxd xenial/amd64 https://srv01:8443 ~/.config/lxc/client.crt ~/.config/lxc/client.key false https://srv02:8443 ~/.config/lxc/client.crt ~/.config/lxc/client.key false aliases="['xenial/amd64']"
salt.modules.lxd.image_copy_lxd(source, src_remote_addr, src_cert, src_key, src_verify_cert, remote_addr, cert, key, verify_cert=True, aliases=None, public=None, auto_update=None, _raw=False)
-
Delete an image by an alias or fingerprint
- name :
-
The alias or fingerprint of the image to delete, can be a obj for the states.
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Examples:
salt '*' lxd.image_delete xenial/amd64
salt.modules.lxd.image_delete(image, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Create an image from a file
- filename :
-
The filename of the rootfs
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
- aliases[]
-
List of aliases to append to the copied image
- publicFalse
-
Make this image public available
- saltenvbase
-
The saltenv to use for salt:// copies
- _rawFalse
-
Return the raw pylxd object or a dict of the image?
CLI Examples:
salt '*' lxd.image_from_file salt://lxd/files/busybox.tar.xz aliases=["busybox-amd64"]
salt.modules.lxd.image_from_file(filename, remote_addr=None, cert=None, key=None, verify_cert=True, aliases=None, public=False, saltenv='base', _raw=False)
-
Create an image from simplestreams
- server :
-
Simplestreams server URI
- alias :
-
The alias of the image to retrieve
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
- aliases[]
-
List of aliases to append to the copied image
- publicFalse
-
Make this image public available
- auto_updateFalse
-
Should LXD auto update that image?
- _rawFalse
-
Return the raw pylxd object or a dict of the image?
CLI Examples:
salt '*' lxd.image_from_simplestreams "https://cloud-images.ubuntu.com/releases" "trusty/amd64" aliases='["t", "trusty/amd64"]' auto_update=True
salt.modules.lxd.image_from_simplestreams(server, alias, remote_addr=None, cert=None, key=None, verify_cert=True, aliases=None, public=False, auto_update=False, _raw=False)
-
Create an image from an url
- url :
-
The URL from where to download the image
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
- aliases[]
-
List of aliases to append to the copied image
- publicFalse
-
Make this image public available
- auto_updateFalse
-
Should LXD auto update that image?
- _rawFalse
-
Return the raw pylxd object or a dict of the image?
CLI Examples:
salt '*' lxd.image_from_url https://dl.stgraber.org/lxd aliases='["busybox-amd64"]'
salt.modules.lxd.image_from_url(url, remote_addr=None, cert=None, key=None, verify_cert=True, aliases=None, public=False, auto_update=False, _raw=False)
-
Get an image by its fingerprint
- fingerprint :
-
The fingerprint of the image to retrieve
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
- _rawFalse
-
Return the raw pylxd object or a dict of it?
CLI Examples:
salt '*' lxd.image_get <fingerprint>
salt.modules.lxd.image_get(fingerprint, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False)
-
Get an image by an alias
- alias :
-
The alias of the image to retrieve
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
- _rawFalse
-
Return the raw pylxd object or a dict of it?
CLI Examples:
salt '*' lxd.image_get_by_alias xenial/amd64
salt.modules.lxd.image_get_by_alias(alias, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False)
-
Lists all images from the LXD.
list_aliases :
Return a dict with the fingerprint as key and a list of aliases as value instead.
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Examples:
salt '*' lxd.image_list true --out=json salt '*' lxd.image_list --out=json
salt.modules.lxd.image_list(list_aliases=False, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Calls lxd init --auto -- opts
- storage_backend :
-
Storage backend to use (zfs or dir, default: dir)
- trust_password :
-
Password required to add new clients
- network_addressNone
-
Address to bind LXD to (default: none)
- network_portNone
-
Port to bind LXD to (Default: 8443)
- storage_create_deviceNone
-
Setup device based storage using this DEVICE
- storage_create_loopNone
-
Setup loop based storage with this SIZE in GB
- storage_poolNone
-
Storage pool to use or create
CLI Examples:
To listen on all IPv4/IPv6 Addresses:
salt '*' lxd.init dir PaSsW0rD [::]
To not listen on Network:
salt '*' lxd.init
salt.modules.lxd.init(storage_backend='dir', trust_password=None, network_address=None, network_port=None, storage_create_device=None, storage_create_loop=None, storage_pool=None)
-
normalize config input so returns can be put into mongodb, which doesn't like .
This is not meant to be used on the commandline.
CLI Examples:
salt '*' lxd.normalize_input_values config={} devices={}
salt.modules.lxd.normalize_input_values(config, devices)
-
Delete a profile config item.
- name :
-
The name of the profile to delete the config item.
- config_key :
-
The config key for the value to retrieve.
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Example:
salt '*' lxd.profile_config_delete autostart boot.autostart.delay
salt.modules.lxd.profile_config_delete(name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Get a profile config item.
- name :
-
The name of the profile to get the config item from.
- config_key :
-
The key for the item to retrieve.
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Example:
salt '*' lxd.profile_config_get autostart boot.autostart
salt.modules.lxd.profile_config_get(name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Set a profile config item.
- name :
-
The name of the profile to set the config item to.
- config_key :
-
The items key.
- config_value :
-
Its items value.
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Example:
salt '*' lxd.profile_config_set autostart boot.autostart 0
salt.modules.lxd.profile_config_set(name, config_key, config_value, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Creates a profile.
- name :
-
The name of the profile to get.
- config :
-
A config dict or None (None = unset).
- Can also be a list:
-
- [{'key': 'boot.autostart', 'value': 1},
-
{'key': 'security.privileged', 'value': '1'}]
- devices :
-
A device dict or None (None = unset).
- description :
-
A description string or None (None = unset).
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Examples:
salt '*' lxd.profile_create autostart config="{boot.autostart: 1, boot.autostart.delay: 2, boot.autostart.priority: 1}" salt '*' lxd.profile_create shared_mounts devices="{shared_mount: {type: 'disk', source: '/home/shared', path: '/home/shared'}}"
See the lxd-docs for the details about the config and devices dicts.
salt.modules.lxd.profile_create(name, config=None, devices=None, description=None, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Deletes a profile.
- name :
-
The name of the profile to delete.
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Example:
salt '*' lxd.profile_delete shared_mounts
salt.modules.lxd.profile_delete(name, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Delete a profile device.
- name :
-
The name of the profile to delete the device.
- device_name :
-
The name of the device to delete.
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Example:
salt '*' lxd.profile_device_delete autostart eth1
salt.modules.lxd.profile_device_delete(name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Get a profile device.
- name :
-
The name of the profile to get the device from.
- device_name :
-
The name of the device to retrieve.
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Example:
salt '*' lxd.profile_device_get default eth0
salt.modules.lxd.profile_device_get(name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Set a profile device.
- name :
-
The name of the profile to set the device to.
- device_name :
-
The name of the device to set.
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Example:
salt '*' lxd.profile_device_set autostart eth1 nic nictype=bridged parent=lxdbr0
salt.modules.lxd.profile_device_set(name, device_name, device_type='disk', remote_addr=None, cert=None, key=None, verify_cert=True, **kwargs)
-
Gets a profile from the LXD
- name :
-
The name of the profile to get.
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
- _raw :
-
Return the pylxd object, this is internal and by states in use.
CLI Examples:
salt '*' lxd.profile_get autostart
salt.modules.lxd.profile_get(name, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False)
-
Lists all profiles from the LXD.
list_names :
Return a list of names instead of full blown dicts.
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
CLI Examples:
salt '*' lxd.profile_list true --out=json salt '*' lxd.profile_list --out=json
salt.modules.lxd.profile_list(list_names=False, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Get an pyxld client, this is not meant to be run over the CLI.
- remote_addr :
-
An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.
See the requests-docs for the SSL stuff.
salt.modules.lxd.pylxd_client_get(remote_addr=None, cert=None, key=None, verify_cert=True)
-
- Saves an object (profile/image/container) and
-
translate its execpetion on failure
- obj :
-
The object to save
This is an internal method, no CLI Example.
salt.modules.lxd.pylxd_save_object(obj)
-
Returns the actual pylxd version.
CLI Example:
salt '*' lxd.pylxd_version
salt.modules.lxd.pylxd_version()
-
Get all snapshots for a container
- container :
-
The name of the container to get.
- remote_addr :
-
An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined.
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Verify the ssl certificate. Default: True
CLI Examples:
salt '*' lxd.snapshots_all test-container
salt.modules.lxd.snapshots_all(container, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Create a snapshot for a container
- container :
-
The name of the container to get.
- name :
-
The name of the snapshot.
- remote_addr :
-
An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined.
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Verify the ssl certificate. Default: True
CLI Examples:
salt '*' lxd.snapshots_create test-container test-snapshot
salt.modules.lxd.snapshots_create(container, name=None, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Delete a snapshot for a container
- container :
-
The name of the container to get.
- name :
-
The name of the snapshot.
- remote_addr :
-
An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined.
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Verify the ssl certificate. Default: True
CLI Examples:
salt '*' lxd.snapshots_delete test-container test-snapshot
salt.modules.lxd.snapshots_delete(container, name, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Get information about snapshot for a container
- container :
-
The name of the container to get.
- name :
-
The name of the snapshot.
- remote_addr :
-
An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined.
- Examples:
-
https://myserver.lan:8443 /var/lib/mysocket.sock
- cert :
-
PEM Formatted SSL Certificate.
- Examples:
-
~/.config/lxc/client.crt
- key :
-
PEM Formatted SSL Key.
- Examples:
-
~/.config/lxc/client.key
- verify_certTrue
-
Verify the ssl certificate. Default: True
CLI Examples:
salt '*' lxd.snapshots_get test-container test-snapshot
salt.modules.lxd.snapshots_get(container, name, remote_addr=None, cert=None, key=None, verify_cert=True)
-
Syncs the given config and devices with the object (a profile or a container) returns a changes dict with all changes made.
- obj :
-
The object to sync with / or just test with.
- newconfig:
-
The new config to check with the obj.
- newdevices:
-
The new devices to check with the obj.
- test:
-
Wherever to not change anything and give "Would change" message.
salt.modules.lxd.sync_config_devices(obj, newconfig, newdevices, test=False)
-
Returns the actual lxd version.
CLI Example:
salt '*' lxd.version
salt.modules.lxd.version()
© 2021 SaltStack.
Licensed under the Apache License, Version 2.0.
https://docs.saltproject.io/en/latest/ref/modules/all/salt.modules.lxd.html