salt.modules.lxd

Module for managing the LXD daemon and its containers.

New in version 2019.2.0.

LXD(1) is a container "hypervisor". This execution module provides several functions to help manage it and its containers.

Note

  • pylxd(2) version >=2.2.5 is required to let this work, currently only available via pip.

    To install on Ubuntu:

    $ apt-get install libssl-dev python-pip $ pip install -U pylxd

  • you need lxd installed on the minion for the init() and version() methods.

  • for the config_get() and config_get() methods you need to have lxd-client installed.

maintainer:René Jochum <rene@jochums.at>
maturity:new
depends:python-pylxd
platform:Linux
salt.modules.lxd.authenticate(remote_addr, password, cert, key, verify_cert=True)

Authenticate with a remote LXDaemon.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443
password :
The password of the remote.
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Example:

$ salt '*' lxd.authenticate https://srv01:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false

See the requests-docs for the SSL stuff.

salt.modules.lxd.config_get(key)

Get an LXD daemon config option

key :
The key of the config value to retrieve

CLI Examples:

salt '*' lxd.config_get core.https_address
salt.modules.lxd.config_set(key, value)

Set an LXD daemon config option

CLI Examples:

To listen on IPv4 and IPv6 port 8443, you can omit the :8443 its the default:

salt '*' lxd.config_set core.https_address [::]:8443

To set the server trust password:

salt '*' lxd.config_set core.trust_password blah
salt.modules.lxd.container_config_delete(name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete a container config value

name :
Name of the container
config_key :
The config key to delete
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
salt.modules.lxd.container_config_get(name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True)

Get a container config value

name :
Name of the container
config_key :
The config key to retrieve
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
salt.modules.lxd.container_config_set(name, config_key, config_value, remote_addr=None, cert=None, key=None, verify_cert=True)

Set a container config value

name :
Name of the container
config_key :
The config key to set
config_value :
The config value to set
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
salt.modules.lxd.container_create(name, source, profiles=None, config=None, devices=None, architecture=u'x86_64', ephemeral=False, wait=True, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False)

Create a container

name :
The name of the container
source :
Can be either a string containing an image alias:
"xenial/amd64"
or an dict with type "image" with alias:
{"type": "image",
"alias": "xenial/amd64"}
or image with "fingerprint":
{"type": "image",
"fingerprint": "SHA-256"}
or image with "properties":
{"type": "image",
"properties": {
"os": "ubuntu", "release": "14.04", "architecture": "x86_64"}}
or none:
{"type": "none"}
or copy:
{"type": "copy",
"source": "my-old-container"}
profiles
: ['default']
List of profiles to apply on this container
config :

A config dict or None (None = unset).

Can also be a list:
[{'key': 'boot.autostart', 'value': 1},
{'key': 'security.privileged', 'value': '1'}]
devices :
A device dict or None (None = unset).
architecture
: 'x86_64'
Can be one of the following:
  • unknown
  • i686
  • x86_64
  • armv7l
  • aarch64
  • ppc
  • ppc64
  • ppc64le
  • s390x
ephemeral
: False
Destroy this container after stop?
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
_raw
: False
Return the raw pyxld object or a dict?

CLI Examples:

salt '*' lxd.container_create test xenial/amd64

See also the rest-api-docs.

salt.modules.lxd.container_delete(name, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete a container

name :
Name of the container to delete
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
salt.modules.lxd.container_device_add(name, device_name, device_type=u'disk', remote_addr=None, cert=None, key=None, verify_cert=True, **kwargs)

Add a container device

name :
Name of the container
device_name :
The device name to add
device_type :
Type of the device
** kwargs :
Additional device args
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
salt.modules.lxd.container_device_delete(name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete a container device

name :
Name of the container
device_name :
The device name to delete
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
salt.modules.lxd.container_device_get(name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True)

Get a container device

name :
Name of the container
device_name :
The device name to retrieve
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
salt.modules.lxd.container_execute(name, cmd, remote_addr=None, cert=None, key=None, verify_cert=True)

Execute a command list on a container.

name :
Name of the container
cmd :

Command to be executed (as a list)

Example :
'["ls", "-l"]'
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Example:

salt '*' lxd.container_execute <container name> '["ls", "-l"]'
salt.modules.lxd.container_file_get(name, src, dst, overwrite=False, mode=None, uid=None, gid=None, remote_addr=None, cert=None, key=None, verify_cert=True)

Get a file from a container

name :
Name of the container
src :
The source file or directory
dst :
The destination file or directory
mode :
Set file mode to octal number
uid :
Set file uid (owner)
gid :
Set file gid (group)
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
salt.modules.lxd.container_file_put(name, src, dst, recursive=False, overwrite=False, mode=None, uid=None, gid=None, saltenv=u'base', remote_addr=None, cert=None, key=None, verify_cert=True)

Put a file into a container

name :
Name of the container
src :
The source file or directory
dst :
The destination file or directory
recursive :
Decent into src directory
overwrite :
Replace destination if it exists
mode :
Set file mode to octal number
uid :
Set file uid (owner)
gid :
Set file gid (group)
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Example:

salt '*' lxd.container_file_put <container name> /var/tmp/foo /var/tmp/
salt.modules.lxd.container_freeze(name, remote_addr=None, cert=None, key=None, verify_cert=True)

Freeze a container

name :
Name of the container to freeze
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
salt.modules.lxd.container_get(name=None, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False)

Gets a container from the LXD

name :
The name of the container to get.
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
_raw :
Return the pylxd object, this is internal and by states in use.
salt.modules.lxd.container_list(list_names=False, remote_addr=None, cert=None, key=None, verify_cert=True)

Lists containers

list_names
: False
Only return a list of names when True
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Examples:

Full dict with all available informations:

salt '*' lxd.container_list

For a list of names:

salt '*' lxd.container_list true

See also container-attributes.

salt.modules.lxd.container_migrate(name, stop_and_start=False, remote_addr=None, cert=None, key=None, verify_cert=True, src_remote_addr=None, src_cert=None, src_key=None, src_verify_cert=None)

Migrate a container.

If the container is running, it either must be shut down first (use stop_and_start=True) or criu must be installed on the source and destination machines.

For this operation both certs need to be authenticated, use lxd.authenticate <salt.modules.lxd.authenticate to authenticate your cert(s).

name :
Name of the container to migrate
stop_and_start :
Stop the container on the source and start it on dest
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Example:

# Authorize
salt '*' lxd.authenticate https://srv01:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false
salt '*' lxd.authenticate https://srv02:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false

# Migrate phpmyadmin from srv01 to srv02
salt '*' lxd.container_migrate phpmyadmin stop_and_start=true remote_addr=https://srv02:8443 cert=~/.config/lxc/client.crt key=~/.config/lxc/client.key verify_cert=False src_remote_addr=https://srv01:8443
salt.modules.lxd.container_rename(name, newname, remote_addr=None, cert=None, key=None, verify_cert=True)

Rename a container

name :
Name of the container to Rename
newname :
The new name of the contianer
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
salt.modules.lxd.container_restart(name, remote_addr=None, cert=None, key=None, verify_cert=True)

Restart a container

name :
Name of the container to restart
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
salt.modules.lxd.container_start(name, remote_addr=None, cert=None, key=None, verify_cert=True)

Start a container

name :
Name of the container to start
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
salt.modules.lxd.container_state(name=None, remote_addr=None, cert=None, key=None, verify_cert=True)

Get container state

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
salt.modules.lxd.container_stop(name, timeout=30, force=True, remote_addr=None, cert=None, key=None, verify_cert=True)

Stop a container

name :
Name of the container to stop
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
salt.modules.lxd.container_unfreeze(name, remote_addr=None, cert=None, key=None, verify_cert=True)

Unfreeze a container

name :
Name of the container to unfreeze
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
salt.modules.lxd.image_alias_add(image, alias, description=u'', remote_addr=None, cert=None, key=None, verify_cert=True)

Create an alias on the given image

image :
An image alias, a fingerprint or a image object
alias :
The alias to add
description :
Description of the alias
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Examples:

$ salt '*' lxd.image_alias_add xenial/amd64 x "Short version of xenial/amd64"
salt.modules.lxd.image_alias_delete(image, alias, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete an alias (this is currently not restricted to the image)

image :
An image alias, a fingerprint or a image object
alias :
The alias to delete
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Examples:

$ salt '*' lxd.image_alias_add xenial/amd64 x "Short version of xenial/amd64"
salt.modules.lxd.image_copy_lxd(source, src_remote_addr, src_cert, src_key, src_verify_cert, remote_addr, cert, key, verify_cert=True, aliases=None, public=None, auto_update=None, _raw=False)

Copy an image from another LXD instance

source :
An alias or a fingerprint of the source.
src_remote_addr :

An URL to the source remote daemon

Examples:
https://mysourceserver.lan:8443
src_cert :

PEM Formatted SSL Certificate for the source

Examples:
~/.config/lxc/client.crt
src_key :

PEM Formatted SSL Key for the source

Examples:
~/.config/lxc/client.key
src_verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
remote_addr :

Address of the destination daemon

Examples:
https://mydestserver.lan:8443
cert :

PEM Formatted SSL Certificate for the destination

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key for the destination

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
aliases
: []
List of aliases to append to the copied image
public
: None
Make this image public available, None = copy source
auto_update
: None
Wherever to auto-update from the original source, None = copy source
_raw
: False
Return the raw pylxd object or a dict of the destination image?

CLI Examples:

$ salt '*' lxd.image_copy_lxd xenial/amd64 https://srv01:8443 ~/.config/lxc/client.crt ~/.config/lxc/client.key false https://srv02:8443 ~/.config/lxc/client.crt ~/.config/lxc/client.key false aliases="['xenial/amd64']"
salt.modules.lxd.image_delete(image, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete an image by an alias or fingerprint

name :
The alias or fingerprint of the image to delete, can be a obj for the states.
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Examples:

..code-block:: bash

$ salt '*' lxd.image_delete xenial/amd64
salt.modules.lxd.image_from_file(filename, remote_addr=None, cert=None, key=None, verify_cert=True, aliases=None, public=False, saltenv=u'base', _raw=False)

Create an image from a file

filename :
The filename of the rootfs
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
aliases
: []
List of aliases to append to the copied image
public
: False
Make this image public available
saltenv
: base
The saltenv to use for salt:// copies
_raw
: False
Return the raw pylxd object or a dict of the image?

CLI Examples:

..code-block:: bash

$ salt '*' lxd.image_from_file salt://lxd/files/busybox.tar.xz aliases=["busybox-amd64"]
salt.modules.lxd.image_from_simplestreams(server, alias, remote_addr=None, cert=None, key=None, verify_cert=True, aliases=None, public=False, auto_update=False, _raw=False)

Create an image from simplestreams

server :
Simplestreams server URI
alias :
The alias of the image to retrieve
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
aliases
: []
List of aliases to append to the copied image
public
: False
Make this image public available
auto_update
: False
Should LXD auto update that image?
_raw
: False
Return the raw pylxd object or a dict of the image?

CLI Examples:

..code-block:: bash

$ salt '*' lxd.image_from_simplestreams "https://cloud-images.ubuntu.com/releases" "trusty/amd64" aliases='["t", "trusty/amd64"]' auto_update=True
salt.modules.lxd.image_from_url(url, remote_addr=None, cert=None, key=None, verify_cert=True, aliases=None, public=False, auto_update=False, _raw=False)

Create an image from an url

url :
The URL from where to download the image
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
aliases
: []
List of aliases to append to the copied image
public
: False
Make this image public available
auto_update
: False
Should LXD auto update that image?
_raw
: False
Return the raw pylxd object or a dict of the image?

CLI Examples:

..code-block:: bash

$ salt '*' lxd.image_from_url https://dl.stgraber.org/lxd aliases='["busybox-amd64"]'
salt.modules.lxd.image_get(fingerprint, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False)

Get an image by its fingerprint

fingerprint :
The fingerprint of the image to retrieve
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
_raw
: False
Return the raw pylxd object or a dict of it?

CLI Examples:

..code-block:: bash

$ salt '*' lxd.image_get <fingerprint>
salt.modules.lxd.image_get_by_alias(alias, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False)

Get an image by an alias

alias :
The alias of the image to retrieve
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
_raw
: False
Return the raw pylxd object or a dict of it?

CLI Examples:

..code-block:: bash

$ salt '*' lxd.image_get_by_alias xenial/amd64
salt.modules.lxd.image_list(list_aliases=False, remote_addr=None, cert=None, key=None, verify_cert=True)

Lists all images from the LXD.

list_aliases :

Return a dict with the fingerprint as key and a list of aliases as value instead.
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Examples:

$ salt '*' lxd.image_list true --out=json
$ salt '*' lxd.image_list --out=json
salt.modules.lxd.init(storage_backend=u'dir', trust_password=None, network_address=None, network_port=None, storage_create_device=None, storage_create_loop=None, storage_pool=None)

Calls lxd init --auto -- opts

storage_backend :
Storage backend to use (zfs or dir, default: dir)
trust_password :
Password required to add new clients
network_address
: None
Address to bind LXD to (default: none)
network_port
: None
Port to bind LXD to (Default: 8443)
storage_create_device
: None
Setup device based storage using this DEVICE
storage_create_loop
: None
Setup loop based storage with this SIZE in GB
storage_pool
: None
Storage pool to use or create

CLI Examples:

To listen on all IPv4/IPv6 Addresses:

salt '*' lxd.init dir PaSsW0rD [::]

To not listen on Network:

salt '*' lxd.init
salt.modules.lxd.normalize_input_values(config, devices)

normalize config input so returns can be put into mongodb, which doesn't like .

This is not meant to be used on the commandline.

CLI Examples:

salt '*' lxd.normalize_input_values config={} devices={}
salt.modules.lxd.profile_config_delete(name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete a profile config item.

name :
The name of the profile to delete the config item.
config_key :
The config key for the value to retrieve.
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Example:

$ salt '*' lxd.profile_config_delete autostart boot.autostart.delay
salt.modules.lxd.profile_config_get(name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True)

Get a profile config item.

name :
The name of the profile to get the config item from.
config_key :
The key for the item to retrieve.
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Example:

$ salt '*' lxd.profile_config_get autostart boot.autostart
salt.modules.lxd.profile_config_set(name, config_key, config_value, remote_addr=None, cert=None, key=None, verify_cert=True)

Set a profile config item.

name :
The name of the profile to set the config item to.
config_key :
The items key.
config_value :
Its items value.
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Example:

$ salt '*' lxd.profile_config_set autostart boot.autostart 0
salt.modules.lxd.profile_create(name, config=None, devices=None, description=None, remote_addr=None, cert=None, key=None, verify_cert=True)

Creates a profile.

name :
The name of the profile to get.
config :

A config dict or None (None = unset).

Can also be a list:
[{'key': 'boot.autostart', 'value': 1},
{'key': 'security.privileged', 'value': '1'}]
devices :
A device dict or None (None = unset).
description :
A description string or None (None = unset).
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Examples:

$ salt '*' lxd.profile_create autostart config="{boot.autostart: 1, boot.autostart.delay: 2, boot.autostart.priority: 1}"
$ salt '*' lxd.profile_create shared_mounts devices="{shared_mount: {type: 'disk', source: '/home/shared', path: '/home/shared'}}"

See the lxd-docs for the details about the config and devices dicts.

salt.modules.lxd.profile_delete(name, remote_addr=None, cert=None, key=None, verify_cert=True)

Deletes a profile.

name :
The name of the profile to delete.
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Example:

$ salt '*' lxd.profile_delete shared_mounts
salt.modules.lxd.profile_device_delete(name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete a profile device.

name :
The name of the profile to delete the device.
device_name :
The name of the device to delete.
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Example:

$ salt '*' lxd.profile_device_delete autostart eth1
salt.modules.lxd.profile_device_get(name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True)

Get a profile device.

name :
The name of the profile to get the device from.
device_name :
The name of the device to retrieve.
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Example:

$ salt '*' lxd.profile_device_get default eth0
salt.modules.lxd.profile_device_set(name, device_name, device_type=u'disk', remote_addr=None, cert=None, key=None, verify_cert=True, **kwargs)

Set a profile device.

name :
The name of the profile to set the device to.
device_name :
The name of the device to set.
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Example:

$ salt '*' lxd.profile_device_set autostart eth1 nic nictype=bridged parent=lxdbr0
salt.modules.lxd.profile_get(name, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False)

Gets a profile from the LXD

name :
The name of the profile to get.
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.
_raw :
Return the pylxd object, this is internal and by states in use.

CLI Examples:

$ salt '*' lxd.profile_get autostart
salt.modules.lxd.profile_list(list_names=False, remote_addr=None, cert=None, key=None, verify_cert=True)

Lists all profiles from the LXD.

list_names :

Return a list of names instead of full blown dicts.
remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

CLI Examples:

salt '*' lxd.profile_list true --out=json
salt '*' lxd.profile_list --out=json
salt.modules.lxd.pylxd_client_get(remote_addr=None, cert=None, key=None, verify_cert=True)

Get an pyxld client, this is not ment to be runned over the CLI.

remote_addr :

An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address!

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normaly uses self-signed certificates.

See the requests-docs for the SSL stuff.

salt.modules.lxd.pylxd_save_object(obj)
Saves an object (profile/image/container) and
translate its execpetion on failure
obj :
The object to save

This is an internal method, no CLI Example.

salt.modules.lxd.pylxd_version()

Returns the actual pylxd version.

CLI Example:

salt '*' lxd.pylxd_version
salt.modules.lxd.snapshots_all(container, remote_addr=None, cert=None, key=None, verify_cert=True)

Get all snapshots for a container

container :
The name of the container to get.
remote_addr :

An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined.

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Verify the ssl certificate. Default: True

CLI Examples:

$ salt '*' lxd.snapshots_all test-container
salt.modules.lxd.snapshots_create(container, name=None, remote_addr=None, cert=None, key=None, verify_cert=True)

Create a snapshot for a container

container :
The name of the container to get.
name :
The name of the snapshot.
remote_addr :

An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined.

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Verify the ssl certificate. Default: True

CLI Examples:

$ salt '*' lxd.snapshots_create test-container test-snapshot
salt.modules.lxd.snapshots_delete(container, name, remote_addr=None, cert=None, key=None, verify_cert=True)

Delete a snapshot for a container

container :
The name of the container to get.
name :
The name of the snapshot.
remote_addr :

An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined.

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Verify the ssl certificate. Default: True

CLI Examples:

$ salt '*' lxd.snapshots_delete test-container test-snapshot
salt.modules.lxd.snapshots_get(container, name, remote_addr=None, cert=None, key=None, verify_cert=True)

Get information about snapshot for a container

container :
The name of the container to get.
name :
The name of the snapshot.
remote_addr :

An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined.

Examples:
https://myserver.lan:8443 /var/lib/mysocket.sock
cert :

PEM Formatted SSL Certificate.

Examples:
~/.config/lxc/client.crt
key :

PEM Formatted SSL Key.

Examples:
~/.config/lxc/client.key
verify_cert
: True
Verify the ssl certificate. Default: True

CLI Examples:

$ salt '*' lxd.snapshots_get test-container test-snapshot
salt.modules.lxd.sync_config_devices(obj, newconfig, newdevices, test=False)

Syncs the given config and devices with the object (a profile or a container) returns a changes dict with all changes made.

obj :
The object to sync with / or just test with.
newconfig:
The new config to check with the obj.
newdevices:
The new devices to check with the obj.
test:
Wherever to not change anything and give "Would change" message.
salt.modules.lxd.version()

Returns the actual lxd version.

CLI Example:

salt '*' lxd.version