salt.states.lxd_container

Manage LXD containers.

New in version 2019.2.0.

maintainer:

René Jochum <rene@jochums.at>

maturity:

new

depends:

python-pylxd

platform:

Linux

salt.states.lxd_container.absent(name, stop=False, remote_addr=None, cert=None, key=None, verify_cert=True)

Ensure a LXD container is not present, destroying it if present

name :

The name of the container to destroy

stop :

stop before destroying default: false

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Zertifikate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.states.lxd_container.frozen(name, start=True, remote_addr=None, cert=None, key=None, verify_cert=True)

Ensure a LXD container is frozen, start and freeze it if start is true

name :

The name of the container to freeze

start :

start and freeze it

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Zertifikate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.states.lxd_container.migrated(name, remote_addr, cert, key, verify_cert, src_remote_addr, stop_and_start=False, src_cert=None, src_key=None, src_verify_cert=None)

Ensure a container is migrated to another host

If the container is running, it either must be shut down first (use stop_and_start=True) or criu must be installed on the source and destination machines.

For this operation both certs need to be authenticated, use lxd.authenticate <salt.states.lxd.authenticate to authenticate your cert(s).

name :

The container to migrate

remote_addr :

An URL to the destination remote Server

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Zertifikate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

src_remote_addr :

An URL to the source remote Server

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

stop_and_start:

Stop before migrating and start after

src_cert :

PEM Formatted SSL Zertifikate, if None we copy "cert"

Examples:

~/.config/lxc/client.crt

src_key :

PEM Formatted SSL Key, if None we copy "key"

Examples:

~/.config/lxc/client.key

src_verify_cert :

Wherever to verify the cert, if None we copy "verify_cert"

salt.states.lxd_container.present(name, running=None, source=None, profiles=None, config=None, devices=None, architecture='x86_64', ephemeral=False, restart_on_change=False, remote_addr=None, cert=None, key=None, verify_cert=True)

Create the named container if it does not exist

name

The name of the container to be created

runningNone
  • If True, ensure that the container is running

  • If False, ensure that the container is stopped

  • If None, do nothing with regards to the running state of the container

sourceNone

Can be either a string containing an image alias:

"xenial/amd64"

or an dict with type "image" with alias:

{"type": "image",
 "alias": "xenial/amd64"}

or image with "fingerprint":

{"type": "image",
 "fingerprint": "SHA-256"}

or image with "properties":

{"type": "image",
 "properties": {
    "os": "ubuntu",
    "release": "14.04",
    "architecture": "x86_64"
 }}

or none:

{"type": "none"}

or copy:

{"type": "copy",
 "source": "my-old-container"}
profiles['default']

List of profiles to apply on this container

config :

A config dict or None (None = unset).

Can also be a list:

[{'key': 'boot.autostart', 'value': 1},
 {'key': 'security.privileged', 'value': '1'}]
devices :

A device dict or None (None = unset).

architecture'x86_64'

Can be one of the following:

  • unknown

  • i686

  • x86_64

  • armv7l

  • aarch64

  • ppc

  • ppc64

  • ppc64le

  • s390x

ephemeralFalse

Destroy this container after stop?

restart_on_changeFalse

Restart the container when we detect changes on the config or its devices?

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Zertifikate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.states.lxd_container.running(name, restart=False, remote_addr=None, cert=None, key=None, verify_cert=True)

Ensure a LXD container is running and restart it if restart is True

name :

The name of the container to start/restart.

restart :

restart the container if it is already started.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Zertifikate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.

salt.states.lxd_container.stopped(name, kill=False, remote_addr=None, cert=None, key=None, verify_cert=True)

Ensure a LXD container is stopped, kill it if kill is true else stop it

name :

The name of the container to stop

kill :

kill if true

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr!

Examples:

https://myserver.lan:8443 /var/lib/mysocket.sock

cert :

PEM Formatted SSL Zertifikate.

Examples:

~/.config/lxc/client.crt

key :

PEM Formatted SSL Key.

Examples:

~/.config/lxc/client.key

verify_certTrue

Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates.