salt.modules.lxd

Module for managing the LXD daemon and its containers.

New in version 2019.2.0.

LXD(1) is a container "hypervisor". This execution module provides several functions to help manage it and its containers.

Note

  • pylxd(2) version >=2.2.5 is required to let this work, currently only available via pip.

    To install on Ubuntu:

    $ apt-get install libssl-dev python-pip $ pip install -U pylxd

  • you need lxd installed on the minion for the init() and version() methods.

  • for the config_get() and config_get() methods you need to have lxd-client installed.

maintainer:

René Jochum <rene@jochums.at>

maturity:

new

depends:

python-pylxd

platform:

Linux

salt.modules.lxd.authenticate(remote_addr, password, cert, key, verify_cert=True)

Authenticate with a remote LXDaemon.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443

password :

The password of the remote.

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Example:

salt '*' lxd.authenticate https://srv01:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false

See the requests-docs for the SSL stuff.

salt.modules.lxd.config_get(key)

Get an LXD daemon config option

key :

The key of the config value to retrieve

CLI Examples:

salt '*' lxd.config_get core.https_address
salt.modules.lxd.config_set(key, value)

Set an LXD daemon config option

CLI Examples:

To listen on IPv4 and IPv6 port 8443, you can omit the :8443 its the default:

salt '*' lxd.config_set core.https_address [::]:8443

To set the server trust password:

salt '*' lxd.config_set core.trust_password blah
salt.modules.lxd.container_config_delete(name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete a container config value

name :

Name of the container

config_key :

The config key to delete

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.modules.lxd.container_config_get(name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True)

Get a container config value

name :

Name of the container

config_key :

The config key to retrieve

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.modules.lxd.container_config_set(name, config_key, config_value, remote_addr=None, cert=None, key=None, verify_cert=True)

Set a container config value

name :

Name of the container

config_key :

The config key to set

config_value :

The config value to set

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.modules.lxd.container_create(name, source, profiles=None, config=None, devices=None, architecture='x86_64', ephemeral=False, wait=True, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False)

Create a container

name :

The name of the container

source :
Can be either a string containing an image alias:

"xenial/amd64"

or an dict with type "image" with alias:
{"type": "image",

"alias": "xenial/amd64"}

or image with "fingerprint":
{"type": "image",

"fingerprint": "SHA-256"}

or image with "properties":
{"type": "image",
"properties": {

"os": "ubuntu", "release": "14.04", "architecture": "x86_64"}}

or none:

{"type": "none"}

or copy:
{"type": "copy",

"source": "my-old-container"}

profiles['default']

List of profiles to apply on this container

config :

A config dict or None (None = unset).

Can also be a list:
[{'key': 'boot.autostart', 'value': 1},

{'key': 'security.privileged', 'value': '1'}]

devices :

A device dict or None (None = unset).

architecture'x86_64'
Can be one of the following:
  • unknown

  • i686

  • x86_64

  • armv7l

  • aarch64

  • ppc

  • ppc64

  • ppc64le

  • s390x

ephemeralFalse

Destroy this container after stop?

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

_rawFalse

Return the raw pyxld object or a dict?

CLI Examples:

salt '*' lxd.container_create test xenial/amd64

See also the rest-api-docs.

salt.modules.lxd.container_delete(name, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete a container

name :

Name of the container to delete

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.modules.lxd.container_device_add(name, device_name, device_type='disk', remote_addr=None, cert=None, key=None, verify_cert=True, **kwargs)

Add a container device

name :

Name of the container

device_name :

The device name to add

device_type :

Type of the device

** kwargs :

Additional device args

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.modules.lxd.container_device_delete(name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete a container device

name :

Name of the container

device_name :

The device name to delete

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.modules.lxd.container_device_get(name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True)

Get a container device

name :

Name of the container

device_name :

The device name to retrieve

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.modules.lxd.container_execute(name, cmd, remote_addr=None, cert=None, key=None, verify_cert=True)

Execute a command list on a container.

name :

Name of the container

cmd :

Command to be executed (as a list)

Example :

'["ls", "-l"]'

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Example:

salt '*' lxd.container_execute <container name> '["ls", "-l"]'
salt.modules.lxd.container_file_get(name, src, dst, overwrite=False, mode=None, uid=None, gid=None, remote_addr=None, cert=None, key=None, verify_cert=True)

Get a file from a container

name :

Name of the container

src :

The source file or directory

dst :

The destination file or directory

mode :

Set file mode to octal number

uid :

Set file uid (owner)

gid :

Set file gid (group)

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.modules.lxd.container_file_put(name, src, dst, recursive=False, overwrite=False, mode=None, uid=None, gid=None, saltenv='base', remote_addr=None, cert=None, key=None, verify_cert=True)

Put a file into a container

name :

Name of the container

src :

The source file or directory

dst :

The destination file or directory

recursive :

Decent into src directory

overwrite :

Replace destination if it exists

mode :

Set file mode to octal number

uid :

Set file uid (owner)

gid :

Set file gid (group)

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Example:

salt '*' lxd.container_file_put <container name> /var/tmp/foo /var/tmp/
salt.modules.lxd.container_freeze(name, remote_addr=None, cert=None, key=None, verify_cert=True)

Freeze a container

name :

Name of the container to freeze

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.modules.lxd.container_get(name=None, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False)

Gets a container from the LXD

name :

The name of the container to get.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

_raw :

Return the pylxd object, this is internal and by states in use.

salt.modules.lxd.container_list(list_names=False, remote_addr=None, cert=None, key=None, verify_cert=True)

Lists containers

list_namesFalse

Only return a list of names when True

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Examples:

Full dict with all available information:

salt '*' lxd.container_list

For a list of names:

salt '*' lxd.container_list true

See also container-attributes.

salt.modules.lxd.container_migrate(name, stop_and_start=False, remote_addr=None, cert=None, key=None, verify_cert=True, src_remote_addr=None, src_cert=None, src_key=None, src_verify_cert=None)

Migrate a container.

If the container is running, it either must be shut down first (use stop_and_start=True) or criu must be installed on the source and destination machines.

For this operation both certs need to be authenticated, use lxd.authenticate <salt.modules.lxd.authenticate to authenticate your cert(s).

name :

Name of the container to migrate

stop_and_start :

Stop the container on the source and start it on dest

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Example:

# Authorize
salt '*' lxd.authenticate https://srv01:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false
salt '*' lxd.authenticate https://srv02:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false

# Migrate phpmyadmin from srv01 to srv02
salt '*' lxd.container_migrate phpmyadmin stop_and_start=true remote_addr=https://srv02:8443 cert=~/.config/lxc/client.crt key=~/.config/lxc/client.key verify_cert=False src_remote_addr=https://srv01:8443
salt.modules.lxd.container_rename(name, newname, remote_addr=None, cert=None, key=None, verify_cert=True)

Rename a container

name :

Name of the container to Rename

newname :

The new name of the container

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.modules.lxd.container_restart(name, remote_addr=None, cert=None, key=None, verify_cert=True)

Restart a container

name :

Name of the container to restart

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.modules.lxd.container_start(name, remote_addr=None, cert=None, key=None, verify_cert=True)

Start a container

name :

Name of the container to start

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.modules.lxd.container_state(name=None, remote_addr=None, cert=None, key=None, verify_cert=True)

Get container state

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.modules.lxd.container_stop(name, timeout=30, force=True, remote_addr=None, cert=None, key=None, verify_cert=True)

Stop a container

name :

Name of the container to stop

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.modules.lxd.container_unfreeze(name, remote_addr=None, cert=None, key=None, verify_cert=True)

Unfreeze a container

name :

Name of the container to unfreeze

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.modules.lxd.image_alias_add(image, alias, description='', remote_addr=None, cert=None, key=None, verify_cert=True)

Create an alias on the given image

image :

An image alias, a fingerprint or a image object

alias :

The alias to add

description :

Description of the alias

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Examples:

salt '*' lxd.image_alias_add xenial/amd64 x "Short version of xenial/amd64"
salt.modules.lxd.image_alias_delete(image, alias, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete an alias (this is currently not restricted to the image)

image :

An image alias, a fingerprint or a image object

alias :

The alias to delete

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Examples:

salt '*' lxd.image_alias_add xenial/amd64 x "Short version of xenial/amd64"
salt.modules.lxd.image_copy_lxd(source, src_remote_addr, src_cert, src_key, src_verify_cert, remote_addr, cert, key, verify_cert=True, aliases=None, public=None, auto_update=None, _raw=False)

Copy an image from another LXD instance

source :

An alias or a fingerprint of the source.

src_remote_addr :

An URL to the source remote daemon

Examples:

https://mysourceserver.lan:8443

src_cert :

PEM Formatted SSL Certificate for the source

Examples:

~/.config/lxc/client.crt

src_key :

PEM Formatted SSL Key for the source

Examples:

~/.config/lxc/client.key

src_verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

remote_addr :

Address of the destination daemon

Examples:

https://mydestserver.lan:8443

cert :

PEM Formatted SSL Certificate for the destination

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key for the destination

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

aliases[]

List of aliases to append to the copied image

publicNone

Make this image public available, None = copy source

auto_updateNone

Wherever to auto-update from the original source, None = copy source

_rawFalse

Return the raw pylxd object or a dict of the destination image?

CLI Examples:

salt '*' lxd.image_copy_lxd xenial/amd64 https://srv01:8443 ~/.config/lxc/client.crt ~/.config/lxc/client.key false https://srv02:8443 ~/.config/lxc/client.crt ~/.config/lxc/client.key false aliases="['xenial/amd64']"
salt.modules.lxd.image_delete(image, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete an image by an alias or fingerprint

name :

The alias or fingerprint of the image to delete, can be a obj for the states.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Examples:

salt '*' lxd.image_delete xenial/amd64
salt.modules.lxd.image_from_file(filename, remote_addr=None, cert=None, key=None, verify_cert=True, aliases=None, public=False, saltenv='base', _raw=False)

Create an image from a file

filename :

The filename of the rootfs

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

aliases[]

List of aliases to append to the copied image

publicFalse

Make this image public available

saltenvbase

The saltenv to use for salt:// copies

_rawFalse

Return the raw pylxd object or a dict of the image?

CLI Examples:

salt '*' lxd.image_from_file salt://lxd/files/busybox.tar.xz aliases=["busybox-amd64"]
salt.modules.lxd.image_from_simplestreams(server, alias, remote_addr=None, cert=None, key=None, verify_cert=True, aliases=None, public=False, auto_update=False, _raw=False)

Create an image from simplestreams

server :

Simplestreams server URI

alias :

The alias of the image to retrieve

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

aliases[]

List of aliases to append to the copied image

publicFalse

Make this image public available

auto_updateFalse

Should LXD auto update that image?

_rawFalse

Return the raw pylxd object or a dict of the image?

CLI Examples:

salt '*' lxd.image_from_simplestreams "https://cloud-images.ubuntu.com/releases" "trusty/amd64" aliases='["t", "trusty/amd64"]' auto_update=True
salt.modules.lxd.image_from_url(url, remote_addr=None, cert=None, key=None, verify_cert=True, aliases=None, public=False, auto_update=False, _raw=False)

Create an image from an url

url :

The URL from where to download the image

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

aliases[]

List of aliases to append to the copied image

publicFalse

Make this image public available

auto_updateFalse

Should LXD auto update that image?

_rawFalse

Return the raw pylxd object or a dict of the image?

CLI Examples:

salt '*' lxd.image_from_url https://dl.stgraber.org/lxd aliases='["busybox-amd64"]'
salt.modules.lxd.image_get(fingerprint, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False)

Get an image by its fingerprint

fingerprint :

The fingerprint of the image to retrieve

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

_rawFalse

Return the raw pylxd object or a dict of it?

CLI Examples:

salt '*' lxd.image_get <fingerprint>
salt.modules.lxd.image_get_by_alias(alias, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False)

Get an image by an alias

alias :

The alias of the image to retrieve

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

_rawFalse

Return the raw pylxd object or a dict of it?

CLI Examples:

salt '*' lxd.image_get_by_alias xenial/amd64
salt.modules.lxd.image_list(list_aliases=False, remote_addr=None, cert=None, key=None, verify_cert=True)

Lists all images from the LXD.

list_aliases :

Return a dict with the fingerprint as key and a list of aliases as value instead.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Examples:

salt '*' lxd.image_list true --out=json
salt '*' lxd.image_list --out=json
salt.modules.lxd.init(storage_backend='dir', trust_password=None, network_address=None, network_port=None, storage_create_device=None, storage_create_loop=None, storage_pool=None)

Calls lxd init --auto -- opts

storage_backend :

Storage backend to use (zfs or dir, default: dir)

trust_password :

Password required to add new clients

network_addressNone

Address to bind LXD to (default: none)

network_portNone

Port to bind LXD to (Default: 8443)

storage_create_deviceNone

Setup device based storage using this DEVICE

storage_create_loopNone

Setup loop based storage with this SIZE in GB

storage_poolNone

Storage pool to use or create

CLI Examples:

To listen on all IPv4/IPv6 Addresses:

salt '*' lxd.init dir PaSsW0rD [::]

To not listen on Network:

salt '*' lxd.init
salt.modules.lxd.normalize_input_values(config, devices)

normalize config input so returns can be put into mongodb, which doesn't like .

This is not meant to be used on the commandline.

CLI Examples:

salt '*' lxd.normalize_input_values config={} devices={}
salt.modules.lxd.profile_config_delete(name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete a profile config item.

name :

The name of the profile to delete the config item.

config_key :

The config key for the value to retrieve.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Example:

salt '*' lxd.profile_config_delete autostart boot.autostart.delay
salt.modules.lxd.profile_config_get(name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True)

Get a profile config item.

name :

The name of the profile to get the config item from.

config_key :

The key for the item to retrieve.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Example:

salt '*' lxd.profile_config_get autostart boot.autostart
salt.modules.lxd.profile_config_set(name, config_key, config_value, remote_addr=None, cert=None, key=None, verify_cert=True)

Set a profile config item.

name :

The name of the profile to set the config item to.

config_key :

The items key.

config_value :

Its items value.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Example:

salt '*' lxd.profile_config_set autostart boot.autostart 0
salt.modules.lxd.profile_create(name, config=None, devices=None, description=None, remote_addr=None, cert=None, key=None, verify_cert=True)

Creates a profile.

name :

The name of the profile to get.

config :

A config dict or None (None = unset).

Can also be a list:
[{'key': 'boot.autostart', 'value': 1},

{'key': 'security.privileged', 'value': '1'}]

devices :

A device dict or None (None = unset).

description :

A description string or None (None = unset).

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Examples:

salt '*' lxd.profile_create autostart config="{boot.autostart: 1, boot.autostart.delay: 2, boot.autostart.priority: 1}"
salt '*' lxd.profile_create shared_mounts devices="{shared_mount: {type: 'disk', source: '/home/shared', path: '/home/shared'}}"

See the lxd-docs for the details about the config and devices dicts.

salt.modules.lxd.profile_delete(name, remote_addr=None, cert=None, key=None, verify_cert=True)

Deletes a profile.

name :

The name of the profile to delete.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Example:

salt '*' lxd.profile_delete shared_mounts
salt.modules.lxd.profile_device_delete(name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete a profile device.

name :

The name of the profile to delete the device.

device_name :

The name of the device to delete.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Example:

salt '*' lxd.profile_device_delete autostart eth1
salt.modules.lxd.profile_device_get(name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True)

Get a profile device.

name :

The name of the profile to get the device from.

device_name :

The name of the device to retrieve.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Example:

salt '*' lxd.profile_device_get default eth0
salt.modules.lxd.profile_device_set(name, device_name, device_type='disk', remote_addr=None, cert=None, key=None, verify_cert=True, **kwargs)

Set a profile device.

name :

The name of the profile to set the device to.

device_name :

The name of the device to set.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Example:

salt '*' lxd.profile_device_set autostart eth1 nic nictype=bridged parent=lxdbr0
salt.modules.lxd.profile_get(name, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False)

Gets a profile from the LXD

name :

The name of the profile to get.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

_raw :

Return the pylxd object, this is internal and by states in use.

CLI Examples:

salt '*' lxd.profile_get autostart
salt.modules.lxd.profile_list(list_names=False, remote_addr=None, cert=None, key=None, verify_cert=True)

Lists all profiles from the LXD.

list_names :

Return a list of names instead of full blown dicts.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

CLI Examples:

salt '*' lxd.profile_list true --out=json
salt '*' lxd.profile_list --out=json
salt.modules.lxd.pylxd_client_get(remote_addr=None, cert=None, key=None, verify_cert=True)

Get an pyxld client, this is not meant to be run over the CLI.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

See the requests-docs for the SSL stuff.

salt.modules.lxd.pylxd_save_object(obj)
Saves an object (profile/image/container) and

translate its execpetion on failure

obj :

The object to save

This is an internal method, no CLI Example.

salt.modules.lxd.pylxd_version()

Returns the actual pylxd version.

CLI Example:

salt '*' lxd.pylxd_version
salt.modules.lxd.snapshots_all(container, remote_addr=None, cert=None, key=None, verify_cert=True)

Get all snapshots for a container

container :

The name of the container to get.

remote_addr :

An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined.

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Verify the ssl certificate. Default: True

CLI Examples:

salt '*' lxd.snapshots_all test-container
salt.modules.lxd.snapshots_create(container, name=None, remote_addr=None, cert=None, key=None, verify_cert=True)

Create a snapshot for a container

container :

The name of the container to get.

name :

The name of the snapshot.

remote_addr :

An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined.

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Verify the ssl certificate. Default: True

CLI Examples:

salt '*' lxd.snapshots_create test-container test-snapshot
salt.modules.lxd.snapshots_delete(container, name, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete a snapshot for a container

container :

The name of the container to get.

name :

The name of the snapshot.

remote_addr :

An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined.

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Verify the ssl certificate. Default: True

CLI Examples:

salt '*' lxd.snapshots_delete test-container test-snapshot
salt.modules.lxd.snapshots_get(container, name, remote_addr=None, cert=None, key=None, verify_cert=True)

Get information about snapshot for a container

container :

The name of the container to get.

name :

The name of the snapshot.

remote_addr :

An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined.

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Certificate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Verify the ssl certificate. Default: True

CLI Examples:

salt '*' lxd.snapshots_get test-container test-snapshot
salt.modules.lxd.sync_config_devices(obj, newconfig, newdevices, test=False)

Syncs the given config and devices with the object (a profile or a container) returns a changes dict with all changes made.

obj :

The object to sync with / or just test with.

newconfig:

The new config to check with the obj.

newdevices:

The new devices to check with the obj.

test:

Wherever to not change anything and give "Would change" message.

salt.modules.lxd.version()

Returns the actual lxd version.

CLI Example:

salt '*' lxd.version