003 File Manager
Current Path:
/usr/local/lib/python3.8/site-packages/salt/modules
usr
/
local
/
lib
/
python3.8
/
site-packages
/
salt
/
modules
/
📁
..
📄
__init__.py
(35 B)
📁
__pycache__
📄
acme.py
(12.74 KB)
📄
aix_group.py
(4.11 KB)
📄
aix_shadow.py
(1.93 KB)
📄
aixpkg.py
(10.91 KB)
📄
aliases.py
(5.07 KB)
📄
alternatives.py
(5.1 KB)
📄
ansiblegate.py
(11.38 KB)
📄
apache.py
(12.47 KB)
📄
apcups.py
(2.21 KB)
📄
apf.py
(3.09 KB)
📄
apkpkg.py
(16 KB)
📄
aptly.py
(15.28 KB)
📄
aptpkg.py
(102.35 KB)
📄
archive.py
(46.97 KB)
📄
arista_pyeapi.py
(22.06 KB)
📄
artifactory.py
(24.78 KB)
📄
at.py
(10.65 KB)
📄
at_solaris.py
(8.56 KB)
📄
augeas_cfg.py
(13.93 KB)
📄
aws_sqs.py
(6.55 KB)
📄
azurearm_compute.py
(19.55 KB)
📄
azurearm_dns.py
(14.7 KB)
📄
azurearm_network.py
(80.8 KB)
📄
azurearm_resource.py
(34.27 KB)
📄
bamboohr.py
(7.36 KB)
📄
baredoc.py
(11.13 KB)
📄
bcache.py
(28.97 KB)
📄
beacons.py
(27.89 KB)
📄
bigip.py
(69.11 KB)
📄
bluez_bluetooth.py
(6.76 KB)
📄
boto3_elasticache.py
(37.34 KB)
📄
boto3_elasticsearch.py
(53.17 KB)
📄
boto3_route53.py
(39.75 KB)
📄
boto3_sns.py
(12.93 KB)
📄
boto_apigateway.py
(61.86 KB)
📄
boto_asg.py
(35.7 KB)
📄
boto_cfn.py
(7.95 KB)
📄
boto_cloudfront.py
(12.75 KB)
📄
boto_cloudtrail.py
(14.45 KB)
📄
boto_cloudwatch.py
(10.99 KB)
📄
boto_cloudwatch_event.py
(9.48 KB)
📄
boto_cognitoidentity.py
(14.63 KB)
📄
boto_datapipeline.py
(6.94 KB)
📄
boto_dynamodb.py
(10.54 KB)
📄
boto_ec2.py
(79.29 KB)
📄
boto_efs.py
(14.05 KB)
📄
boto_elasticache.py
(23.69 KB)
📄
boto_elasticsearch_domain.py
(15.85 KB)
📄
boto_elb.py
(35.4 KB)
📄
boto_elbv2.py
(10.81 KB)
📄
boto_iam.py
(75.62 KB)
📄
boto_iot.py
(26.2 KB)
📄
boto_kinesis.py
(19.63 KB)
📄
boto_kms.py
(17.29 KB)
📄
boto_lambda.py
(35.05 KB)
📄
boto_rds.py
(34.92 KB)
📄
boto_route53.py
(32.55 KB)
📄
boto_s3.py
(4.24 KB)
📄
boto_s3_bucket.py
(31.8 KB)
📄
boto_secgroup.py
(25.22 KB)
📄
boto_sns.py
(7.22 KB)
📄
boto_sqs.py
(6.43 KB)
📄
boto_ssm.py
(3.65 KB)
📄
boto_vpc.py
(112.81 KB)
📄
bower.py
(5.89 KB)
📄
bridge.py
(10.86 KB)
📄
bsd_shadow.py
(6.92 KB)
📄
btrfs.py
(33.64 KB)
📄
cabal.py
(3.79 KB)
📄
capirca_acl.py
(40.04 KB)
📄
cassandra_cql.py
(39 KB)
📄
cassandra_mod.py
(3.97 KB)
📄
celery.py
(3.33 KB)
📄
ceph.py
(15.82 KB)
📄
chassis.py
(1.52 KB)
📄
chef.py
(4.66 KB)
📄
chocolatey.py
(39.34 KB)
📄
chronos.py
(2.89 KB)
📄
chroot.py
(11.51 KB)
📄
cimc.py
(23.02 KB)
📄
ciscoconfparse_mod.py
(14.79 KB)
📄
cisconso.py
(3.83 KB)
📄
cloud.py
(9.39 KB)
📄
cmdmod.py
(162.16 KB)
📄
composer.py
(10.31 KB)
📄
config.py
(16.85 KB)
📄
consul.py
(68.93 KB)
📄
container_resource.py
(13.36 KB)
📄
cp.py
(27.98 KB)
📄
cpan.py
(5.54 KB)
📄
cron.py
(26.8 KB)
📄
cryptdev.py
(10.08 KB)
📄
csf.py
(16.04 KB)
📄
cyg.py
(8.32 KB)
📄
daemontools.py
(5.41 KB)
📄
data.py
(3.83 KB)
📄
datadog_api.py
(7.64 KB)
📄
ddns.py
(7.04 KB)
📄
deb_apache.py
(7.41 KB)
📄
deb_postgres.py
(4.22 KB)
📄
debconfmod.py
(4.06 KB)
📄
debian_ip.py
(64.78 KB)
📄
debian_service.py
(6.6 KB)
📄
debuild_pkgbuild.py
(34.69 KB)
📄
defaults.py
(5.42 KB)
📄
devinfo.py
(9.05 KB)
📄
devmap.py
(627 B)
📄
dig.py
(7.45 KB)
📄
disk.py
(30.44 KB)
📄
djangomod.py
(7.53 KB)
📄
dnsmasq.py
(5.71 KB)
📄
dnsutil.py
(11.51 KB)
📄
dockercompose.py
(32.62 KB)
📄
dockermod.py
(224.97 KB)
📄
dpkg_lowpkg.py
(12.9 KB)
📄
drac.py
(10.97 KB)
📄
dracr.py
(38.53 KB)
📄
drbd.py
(7.19 KB)
📄
dummyproxy_pkg.py
(2.46 KB)
📄
dummyproxy_service.py
(2.91 KB)
📄
ebuildpkg.py
(38.74 KB)
📄
eix.py
(1.58 KB)
📄
elasticsearch.py
(51.44 KB)
📄
environ.py
(8.96 KB)
📄
eselect.py
(4.99 KB)
📄
esxcluster.py
(502 B)
📄
esxdatacenter.py
(514 B)
📄
esxi.py
(1.64 KB)
📄
esxvm.py
(481 B)
📄
etcd_mod.py
(7.02 KB)
📄
ethtool.py
(7.65 KB)
📄
event.py
(8.23 KB)
📄
extfs.py
(8.78 KB)
📄
file.py
(224.74 KB)
📄
firewalld.py
(20.51 KB)
📄
freebsd_sysctl.py
(4.76 KB)
📄
freebsd_update.py
(6.19 KB)
📄
freebsdjail.py
(7.16 KB)
📄
freebsdkmod.py
(6.17 KB)
📄
freebsdpkg.py
(17.04 KB)
📄
freebsdports.py
(13.13 KB)
📄
freebsdservice.py
(12.53 KB)
📄
freezer.py
(8.91 KB)
📄
gcp_addon.py
(4.07 KB)
📄
gem.py
(10.6 KB)
📄
genesis.py
(21.75 KB)
📄
gentoo_service.py
(9.18 KB)
📄
gentoolkitmod.py
(8.33 KB)
📄
git.py
(171.44 KB)
📄
github.py
(53.19 KB)
📄
glanceng.py
(4.69 KB)
📄
glassfish.py
(19.49 KB)
📄
glusterfs.py
(19.55 KB)
📄
gnomedesktop.py
(6.85 KB)
📄
google_chat.py
(1.52 KB)
📄
gpg.py
(39.99 KB)
📄
grafana4.py
(30.27 KB)
📄
grains.py
(23.67 KB)
📄
groupadd.py
(10.85 KB)
📄
grub_legacy.py
(3.08 KB)
📄
guestfs.py
(2.32 KB)
📄
hadoop.py
(3.76 KB)
📄
haproxyconn.py
(10.17 KB)
📄
hashutil.py
(6.77 KB)
📄
heat.py
(25.26 KB)
📄
helm.py
(39.27 KB)
📄
hg.py
(7.16 KB)
📄
highstate_doc.py
(22.76 KB)
📄
hosts.py
(10.47 KB)
📄
http.py
(3.75 KB)
📄
icinga2.py
(4.46 KB)
📄
idem.py
(1.75 KB)
📄
ifttt.py
(2.28 KB)
📄
ilo.py
(15.98 KB)
📄
incron.py
(7.68 KB)
📄
influxdb08mod.py
(15.07 KB)
📄
influxdbmod.py
(16.13 KB)
📄
infoblox.py
(17.53 KB)
📄
ini_manage.py
(14.63 KB)
📁
inspectlib
📄
inspector.py
(8.19 KB)
📄
introspect.py
(4.02 KB)
📄
iosconfig.py
(14.78 KB)
📄
ipmi.py
(25.45 KB)
📄
ipset.py
(17.97 KB)
📄
iptables.py
(57.33 KB)
📄
iwtools.py
(3.99 KB)
📄
jboss7.py
(20.51 KB)
📄
jboss7_cli.py
(15.23 KB)
📄
jenkinsmod.py
(11.9 KB)
📄
jinja.py
(2.66 KB)
📄
jira_mod.py
(7.07 KB)
📄
junos.py
(73.9 KB)
📄
k8s.py
(24.87 KB)
📄
kapacitor.py
(5.37 KB)
📄
kerberos.py
(5.42 KB)
📄
kernelpkg_linux_apt.py
(6.91 KB)
📄
kernelpkg_linux_yum.py
(7.46 KB)
📄
key.py
(1007 B)
📄
keyboard.py
(2.64 KB)
📄
keystone.py
(43.16 KB)
📄
keystoneng.py
(21.82 KB)
📄
keystore.py
(6.69 KB)
📄
kmod.py
(7.29 KB)
📄
kubeadm.py
(34.01 KB)
📄
kubernetesmod.py
(46.66 KB)
📄
launchctl_service.py
(9.73 KB)
📄
layman.py
(4.22 KB)
📄
ldap3.py
(18.81 KB)
📄
ldapmod.py
(5.9 KB)
📄
libcloud_compute.py
(23.51 KB)
📄
libcloud_dns.py
(9.76 KB)
📄
libcloud_loadbalancer.py
(13.17 KB)
📄
libcloud_storage.py
(12.19 KB)
📄
linux_acl.py
(7.7 KB)
📄
linux_ip.py
(5.44 KB)
📄
linux_lvm.py
(17.86 KB)
📄
linux_service.py
(4.64 KB)
📄
linux_shadow.py
(13.37 KB)
📄
linux_sysctl.py
(7.39 KB)
📄
localemod.py
(11.84 KB)
📄
locate.py
(2.58 KB)
📄
logadm.py
(9.57 KB)
📄
logmod.py
(1.24 KB)
📄
logrotate.py
(7.72 KB)
📄
lvs.py
(11.54 KB)
📄
lxc.py
(148.61 KB)
📄
lxd.py
(90.2 KB)
📄
mac_assistive.py
(6.36 KB)
📄
mac_brew_pkg.py
(19.82 KB)
📄
mac_desktop.py
(2.77 KB)
📄
mac_group.py
(6.34 KB)
📄
mac_keychain.py
(6.68 KB)
📄
mac_pkgutil.py
(2.84 KB)
📄
mac_portspkg.py
(11.36 KB)
📄
mac_power.py
(13.29 KB)
📄
mac_service.py
(19.64 KB)
📄
mac_shadow.py
(14.23 KB)
📄
mac_softwareupdate.py
(14.52 KB)
📄
mac_sysctl.py
(5.13 KB)
📄
mac_system.py
(15.2 KB)
📄
mac_timezone.py
(8.34 KB)
📄
mac_user.py
(16.36 KB)
📄
mac_xattr.py
(6.11 KB)
📄
macdefaults.py
(2.33 KB)
📄
macpackage.py
(6.94 KB)
📄
makeconf.py
(17.31 KB)
📄
mandrill.py
(6.31 KB)
📄
marathon.py
(5.36 KB)
📄
match.py
(10.28 KB)
📄
mattermost.py
(3.4 KB)
📄
mdadm_raid.py
(9.86 KB)
📄
mdata.py
(3.44 KB)
📄
memcached.py
(6.13 KB)
📄
mine.py
(18.79 KB)
📄
minion.py
(7.68 KB)
📄
mod_random.py
(6.72 KB)
📄
modjk.py
(12.48 KB)
📄
mongodb.py
(17.3 KB)
📄
monit.py
(5.51 KB)
📄
moosefs.py
(3.87 KB)
📄
mount.py
(56.18 KB)
📄
mssql.py
(14.64 KB)
📄
msteams.py
(2 KB)
📄
munin.py
(2.4 KB)
📄
mysql.py
(87.86 KB)
📄
nacl.py
(9.73 KB)
📄
nagios.py
(6.53 KB)
📄
nagios_rpc.py
(5.09 KB)
📄
namecheap_domains.py
(12.84 KB)
📄
namecheap_domains_dns.py
(5.93 KB)
📄
namecheap_domains_ns.py
(4.51 KB)
📄
namecheap_ssl.py
(25.72 KB)
📄
namecheap_users.py
(2.4 KB)
📄
napalm_bgp.py
(9.72 KB)
📄
napalm_formula.py
(11.33 KB)
📄
napalm_mod.py
(59.3 KB)
📄
napalm_netacl.py
(28.59 KB)
📄
napalm_network.py
(93.24 KB)
📄
napalm_ntp.py
(10.22 KB)
📄
napalm_probes.py
(13.25 KB)
📄
napalm_route.py
(5.09 KB)
📄
napalm_snmp.py
(7.05 KB)
📄
napalm_users.py
(6.49 KB)
📄
napalm_yang_mod.py
(20.28 KB)
📄
netaddress.py
(1.6 KB)
📄
netbox.py
(32.22 KB)
📄
netbsd_sysctl.py
(3.97 KB)
📄
netbsdservice.py
(6.49 KB)
📄
netmiko_mod.py
(19.63 KB)
📄
netscaler.py
(27.02 KB)
📄
network.py
(62.75 KB)
📄
neutron.py
(44.93 KB)
📄
neutronng.py
(15.02 KB)
📄
nexus.py
(22.95 KB)
📄
nfs3.py
(3.9 KB)
📄
nftables.py
(33.58 KB)
📄
nginx.py
(3.83 KB)
📄
nilrt_ip.py
(36.18 KB)
📄
nix.py
(8.03 KB)
📄
nova.py
(19.61 KB)
📄
npm.py
(10.35 KB)
📄
nspawn.py
(41.35 KB)
📄
nxos.py
(24.67 KB)
📄
nxos_api.py
(14.66 KB)
📄
nxos_upgrade.py
(14.74 KB)
📄
omapi.py
(3.6 KB)
📄
openbsd_sysctl.py
(3.74 KB)
📄
openbsdpkg.py
(11 KB)
📄
openbsdrcctl_service.py
(6.25 KB)
📄
openbsdservice.py
(8.31 KB)
📄
openscap.py
(2.81 KB)
📄
openstack_config.py
(3.5 KB)
📄
openstack_mng.py
(2.71 KB)
📄
openvswitch.py
(11.75 KB)
📄
opkg.py
(49.72 KB)
📄
opsgenie.py
(3.29 KB)
📄
oracle.py
(5.83 KB)
📄
osquery.py
(24.93 KB)
📄
out.py
(2.53 KB)
📄
pacmanpkg.py
(31.99 KB)
📄
pagerduty.py
(4.7 KB)
📄
pagerduty_util.py
(13.49 KB)
📄
pam.py
(2.01 KB)
📄
panos.py
(61.05 KB)
📄
parallels.py
(19.85 KB)
📄
parted_partition.py
(21.53 KB)
📄
pcs.py
(14.11 KB)
📄
pdbedit.py
(10.72 KB)
📄
pecl.py
(3.79 KB)
📄
peeringdb.py
(8.39 KB)
📄
pf.py
(9.51 KB)
📄
philips_hue.py
(1.55 KB)
📄
pillar.py
(21.29 KB)
📄
pip.py
(51.76 KB)
📄
pkg_resource.py
(11.89 KB)
📄
pkgin.py
(17.35 KB)
📄
pkgng.py
(61.1 KB)
📄
pkgutil.py
(9.88 KB)
📄
portage_config.py
(22.77 KB)
📄
postfix.py
(16.24 KB)
📄
postgres.py
(88.31 KB)
📄
poudriere.py
(7.85 KB)
📄
powerpath.py
(2.57 KB)
📄
proxy.py
(11.49 KB)
📄
ps.py
(19.45 KB)
📄
publish.py
(10.22 KB)
📄
puppet.py
(11.69 KB)
📄
purefa.py
(33.03 KB)
📄
purefb.py
(13.65 KB)
📄
pushbullet.py
(1.88 KB)
📄
pushover_notify.py
(3.48 KB)
📄
pw_group.py
(4.4 KB)
📄
pw_user.py
(12.47 KB)
📄
pyenv.py
(6.93 KB)
📄
qemu_img.py
(1.53 KB)
📄
qemu_nbd.py
(3.28 KB)
📄
quota.py
(6.43 KB)
📄
rabbitmq.py
(38.44 KB)
📄
rallydev.py
(6.09 KB)
📄
random_org.py
(23.76 KB)
📄
rbac_solaris.py
(16.15 KB)
📄
rbenv.py
(10.75 KB)
📄
rdp.py
(6.08 KB)
📄
rebootmgr.py
(7.66 KB)
📄
redismod.py
(16.36 KB)
📄
reg.py
(16.36 KB)
📄
rest_pkg.py
(2.26 KB)
📄
rest_sample_utils.py
(558 B)
📄
rest_service.py
(3.63 KB)
📄
restartcheck.py
(24.1 KB)
📄
ret.py
(1.27 KB)
📄
rh_ip.py
(38.01 KB)
📄
rh_service.py
(16.61 KB)
📄
riak.py
(5.19 KB)
📄
rpm_lowpkg.py
(27.61 KB)
📄
rpmbuild_pkgbuild.py
(24.53 KB)
📄
rsync.py
(8.04 KB)
📄
runit.py
(17.14 KB)
📄
rvm.py
(11.1 KB)
📄
s3.py
(9.93 KB)
📄
s6.py
(3.62 KB)
📄
salt_proxy.py
(4.48 KB)
📄
salt_version.py
(4.29 KB)
📄
saltcheck.py
(46.11 KB)
📄
saltcloudmod.py
(954 B)
📄
saltutil.py
(56.5 KB)
📄
schedule.py
(43.35 KB)
📄
scp_mod.py
(6.22 KB)
📄
scsi.py
(2.66 KB)
📄
sdb.py
(2.45 KB)
📄
seed.py
(8.87 KB)
📄
selinux.py
(23.83 KB)
📄
sensehat.py
(7.79 KB)
📄
sensors.py
(1.3 KB)
📄
serverdensity_device.py
(8.1 KB)
📄
servicenow.py
(4.38 KB)
📄
slack_notify.py
(7.83 KB)
📄
slackware_service.py
(6.89 KB)
📄
slsutil.py
(19.05 KB)
📄
smartos_imgadm.py
(12.09 KB)
📄
smartos_nictagadm.py
(6.51 KB)
📄
smartos_virt.py
(5.21 KB)
📄
smartos_vmadm.py
(26.37 KB)
📄
smbios.py
(10.06 KB)
📄
smf_service.py
(8.52 KB)
📄
smtp.py
(5.41 KB)
📄
snapper.py
(27.14 KB)
📄
solaris_fmadm.py
(11.27 KB)
📄
solaris_group.py
(2.8 KB)
📄
solaris_shadow.py
(7.98 KB)
📄
solaris_system.py
(3.72 KB)
📄
solaris_user.py
(11.06 KB)
📄
solarisipspkg.py
(18.7 KB)
📄
solarispkg.py
(15.42 KB)
📄
solr.py
(45.54 KB)
📄
solrcloud.py
(14.63 KB)
📄
splunk.py
(8.15 KB)
📄
splunk_search.py
(8.76 KB)
📄
sqlite3.py
(2.54 KB)
📄
ssh.py
(43.15 KB)
📄
ssh_pkg.py
(1.08 KB)
📄
ssh_service.py
(3.39 KB)
📄
state.py
(78.55 KB)
📄
status.py
(57.34 KB)
📄
statuspage.py
(14.67 KB)
📄
supervisord.py
(11.15 KB)
📄
suse_apache.py
(2.45 KB)
📄
svn.py
(10.75 KB)
📄
swarm.py
(13.5 KB)
📄
swift.py
(5.55 KB)
📄
sysbench.py
(6.62 KB)
📄
sysfs.py
(6.61 KB)
📄
syslog_ng.py
(31.55 KB)
📄
sysmod.py
(22.59 KB)
📄
sysrc.py
(3.38 KB)
📄
system.py
(19.28 KB)
📄
system_profiler.py
(3.54 KB)
📄
systemd_service.py
(46.19 KB)
📄
telegram.py
(3.28 KB)
📄
telemetry.py
(12.9 KB)
📄
temp.py
(831 B)
📄
test.py
(14.71 KB)
📄
test_virtual.py
(194 B)
📄
testinframod.py
(9.92 KB)
📄
textfsm_mod.py
(16.22 KB)
📄
timezone.py
(19.89 KB)
📄
tls.py
(58.68 KB)
📄
tomcat.py
(18.59 KB)
📄
trafficserver.py
(10.44 KB)
📄
transactional_update.py
(42 KB)
📄
travisci.py
(2.08 KB)
📄
tuned.py
(2.34 KB)
📄
twilio_notify.py
(2.95 KB)
📄
udev.py
(3.72 KB)
📄
upstart_service.py
(16.92 KB)
📄
uptime.py
(3.23 KB)
📄
useradd.py
(22.3 KB)
📄
uwsgi.py
(996 B)
📄
vagrant.py
(20.4 KB)
📄
varnish.py
(3.08 KB)
📄
vault.py
(13.48 KB)
📄
vbox_guest.py
(10.55 KB)
📄
vboxmanage.py
(14.72 KB)
📄
vcenter.py
(455 B)
📄
victorops.py
(6.54 KB)
📄
virt.py
(290.11 KB)
📄
virtualenv_mod.py
(15.08 KB)
📄
vmctl.py
(9.6 KB)
📄
vsphere.py
(376.7 KB)
📄
webutil.py
(3.66 KB)
📄
win_auditpol.py
(4.74 KB)
📄
win_autoruns.py
(2.29 KB)
📄
win_certutil.py
(3.27 KB)
📄
win_dacl.py
(32.27 KB)
📄
win_disk.py
(1.8 KB)
📄
win_dism.py
(18.26 KB)
📄
win_dns_client.py
(4.19 KB)
📄
win_dsc.py
(26.56 KB)
📄
win_file.py
(59.46 KB)
📄
win_firewall.py
(20.15 KB)
📄
win_groupadd.py
(11.27 KB)
📄
win_iis.py
(68.76 KB)
📄
win_ip.py
(11.43 KB)
📄
win_lgpo.py
(491.78 KB)
📄
win_license.py
(2.72 KB)
📄
win_network.py
(14.02 KB)
📄
win_ntp.py
(1.8 KB)
📄
win_path.py
(11.12 KB)
📄
win_pkg.py
(84.64 KB)
📄
win_pki.py
(15.8 KB)
📄
win_powercfg.py
(9.85 KB)
📄
win_psget.py
(8.97 KB)
📄
win_servermanager.py
(14.33 KB)
📄
win_service.py
(32.7 KB)
📄
win_shadow.py
(3.03 KB)
📄
win_smtp_server.py
(17.67 KB)
📄
win_snmp.py
(13.38 KB)
📄
win_status.py
(17.04 KB)
📄
win_system.py
(40.62 KB)
📄
win_task.py
(78.46 KB)
📄
win_timezone.py
(13.27 KB)
📄
win_useradd.py
(27.53 KB)
📄
win_wua.py
(38.29 KB)
📄
win_wusa.py
(5.88 KB)
📄
winrepo.py
(6.3 KB)
📄
wordpress.py
(4.71 KB)
📄
x509.py
(62.22 KB)
📄
xapi_virt.py
(24.08 KB)
📄
xbpspkg.py
(15.89 KB)
📄
xfs.py
(15.33 KB)
📄
xml.py
(2.14 KB)
📄
xmpp.py
(5.28 KB)
📄
yumpkg.py
(112.71 KB)
📄
zabbix.py
(94.11 KB)
📄
zcbuildout.py
(28.19 KB)
📄
zenoss.py
(5.64 KB)
📄
zfs.py
(34.49 KB)
📄
zk_concurrency.py
(11.19 KB)
📄
znc.py
(2.26 KB)
📄
zoneadm.py
(15.11 KB)
📄
zonecfg.py
(21.91 KB)
📄
zookeeper.py
(14.72 KB)
📄
zpool.py
(44.02 KB)
📄
zypperpkg.py
(90.34 KB)
Editing: lxd.py
""" Module for managing the LXD daemon and its containers. .. versionadded:: 2019.2.0 `LXD(1)`_ is a container "hypervisor". This execution module provides several functions to help manage it and its containers. .. note:: - `pylxd(2)`_ version >=2.2.5 is required to let this work, currently only available via pip. To install on Ubuntu: $ apt-get install libssl-dev python-pip $ pip install -U pylxd - you need lxd installed on the minion for the init() and version() methods. - for the config_get() and config_get() methods you need to have lxd-client installed. .. _LXD(1): https://linuxcontainers.org/lxd/ .. _pylxd(2): https://github.com/lxc/pylxd/blob/master/doc/source/installation.rst :maintainer: René Jochum <rene@jochums.at> :maturity: new :depends: python-pylxd :platform: Linux """ import logging import os from datetime import datetime import salt.utils.decorators.path import salt.utils.files from salt.exceptions import CommandExecutionError, SaltInvocationError from salt.utils.versions import LooseVersion try: import pylxd HAS_PYLXD = True import urllib3 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) except ImportError: HAS_PYLXD = False log = logging.getLogger(__name__) __docformat__ = "restructuredtext en" _pylxd_minimal_version = "2.2.5" # Keep in sync with: https://github.com/lxc/lxd/blob/master/shared/osarch/architectures.go _architectures = { "unknown": "0", "i686": "1", "x86_64": "2", "armv7l": "3", "aarch64": "4", "ppc": "5", "ppc64": "6", "ppc64le": "7", "s390x": "8", } # Keep in sync with: https://github.com/lxc/lxd/blob/master/shared/api/status_code.go CONTAINER_STATUS_RUNNING = 103 __virtualname__ = "lxd" _connection_pool = {} def __virtual__(): if HAS_PYLXD: if LooseVersion(pylxd_version()) < LooseVersion(_pylxd_minimal_version): return ( False, 'The lxd execution module cannot be loaded: pylxd "{}" is ' 'not supported, you need at least pylxd "{}"'.format( pylxd_version(), _pylxd_minimal_version ), ) return __virtualname__ return ( False, "The lxd execution module cannot be loaded: " "the pylxd python module is not available.", ) ################ # LXD Management ################ @salt.utils.decorators.path.which("lxd") def version(): """ Returns the actual lxd version. CLI Example: .. code-block:: bash salt '*' lxd.version """ return __salt__["cmd.run"]("lxd --version") def pylxd_version(): """ Returns the actual pylxd version. CLI Example: .. code-block:: bash salt '*' lxd.pylxd_version """ return pylxd.__version__ @salt.utils.decorators.path.which("lxd") def init( storage_backend="dir", trust_password=None, network_address=None, network_port=None, storage_create_device=None, storage_create_loop=None, storage_pool=None, ): """ Calls lxd init --auto -- opts storage_backend : Storage backend to use (zfs or dir, default: dir) trust_password : Password required to add new clients network_address : None Address to bind LXD to (default: none) network_port : None Port to bind LXD to (Default: 8443) storage_create_device : None Setup device based storage using this DEVICE storage_create_loop : None Setup loop based storage with this SIZE in GB storage_pool : None Storage pool to use or create CLI Examples: To listen on all IPv4/IPv6 Addresses: .. code-block:: bash salt '*' lxd.init dir PaSsW0rD [::] To not listen on Network: .. code-block:: bash salt '*' lxd.init """ cmd = 'lxd init --auto --storage-backend="{}"'.format(storage_backend) if trust_password is not None: cmd = cmd + ' --trust-password="{}"'.format(trust_password) if network_address is not None: cmd = cmd + ' --network-address="{}"'.format(network_address) if network_port is not None: cmd = cmd + ' --network-port="{}"'.format(network_port) if storage_create_device is not None: cmd = cmd + ' --storage-create-device="{}"'.format(storage_create_device) if storage_create_loop is not None: cmd = cmd + ' --storage-create-loop="{}"'.format(storage_create_loop) if storage_pool is not None: cmd = cmd + ' --storage-pool="{}"'.format(storage_pool) try: output = __salt__["cmd.run"](cmd) except ValueError as e: raise CommandExecutionError( "Failed to call: '{}', error was: {}".format(cmd, str(e)), ) if "error:" in output: raise CommandExecutionError( output[output.index("error:") + 7 :], ) return output @salt.utils.decorators.path.which("lxd") @salt.utils.decorators.path.which("lxc") def config_set(key, value): """ Set an LXD daemon config option CLI Examples: To listen on IPv4 and IPv6 port 8443, you can omit the :8443 its the default: .. code-block:: bash salt '*' lxd.config_set core.https_address [::]:8443 To set the server trust password: .. code-block:: bash salt '*' lxd.config_set core.trust_password blah """ cmd = 'lxc config set "{}" "{}"'.format( key, value, ) output = __salt__["cmd.run"](cmd) if "error:" in output: raise CommandExecutionError( output[output.index("error:") + 7 :], ) return ('Config value "{}" successfully set.'.format(key),) @salt.utils.decorators.path.which("lxd") @salt.utils.decorators.path.which("lxc") def config_get(key): """ Get an LXD daemon config option key : The key of the config value to retrieve CLI Examples: .. code-block:: bash salt '*' lxd.config_get core.https_address """ cmd = 'lxc config get "{}"'.format(key) output = __salt__["cmd.run"](cmd) if "error:" in output: raise CommandExecutionError( output[output.index("error:") + 7 :], ) return output ####################### # Connection Management ####################### def pylxd_client_get(remote_addr=None, cert=None, key=None, verify_cert=True): """ Get an pyxld client, this is not meant to be run over the CLI. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. See the `requests-docs`_ for the SSL stuff. .. _requests-docs: http://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification """ pool_key = "|".join( ( str(remote_addr), str(cert), str(key), str(verify_cert), ) ) if pool_key in _connection_pool: log.debug('Returning the client "%s" from our connection pool', remote_addr) return _connection_pool[pool_key] try: if remote_addr is None or remote_addr == "/var/lib/lxd/unix.socket": log.debug("Trying to connect to the local unix socket") client = pylxd.Client() else: if remote_addr.startswith("/"): client = pylxd.Client(remote_addr) else: if cert is None or key is None: raise SaltInvocationError( "You have to give a Cert and Key file for remote endpoints." ) cert = os.path.expanduser(cert) key = os.path.expanduser(key) if not os.path.isfile(cert): raise SaltInvocationError( 'You have given an invalid cert path: "{}", the ' "file does not exist or is not a file.".format(cert) ) if not os.path.isfile(key): raise SaltInvocationError( 'You have given an invalid key path: "{}", the ' "file does not exists or is not a file.".format(key) ) log.debug( 'Trying to connect to "%s" with cert "%s", key "%s" and ' 'verify_cert "%s"', remote_addr, cert, key, verify_cert, ) client = pylxd.Client( endpoint=remote_addr, cert=( cert, key, ), verify=verify_cert, ) except pylxd.exceptions.ClientConnectionFailed: raise CommandExecutionError("Failed to connect to '{}'".format(remote_addr)) except TypeError as e: # Happens when the verification failed. raise CommandExecutionError( 'Failed to connect to "{}", looks like the SSL verification ' "failed, error was: {}".format(remote_addr, str(e)) ) _connection_pool[pool_key] = client return client def pylxd_save_object(obj): """Saves an object (profile/image/container) and translate its execpetion on failure obj : The object to save This is an internal method, no CLI Example. """ try: obj.save(wait=True) except pylxd.exceptions.LXDAPIException as e: raise CommandExecutionError(str(e)) return True def authenticate(remote_addr, password, cert, key, verify_cert=True): """ Authenticate with a remote LXDaemon. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 password : The password of the remote. cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.authenticate https://srv01:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false See the `requests-docs`_ for the SSL stuff. .. _requests-docs: http://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) if client.trusted: return True try: client.authenticate(password) except pylxd.exceptions.LXDAPIException as e: # Wrong password raise CommandExecutionError(str(e)) return client.trusted ###################### # Container Management ###################### def container_list( list_names=False, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Lists containers list_names : False Only return a list of names when True remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Examples: Full dict with all available information: .. code-block:: bash salt '*' lxd.container_list For a list of names: .. code-block:: bash salt '*' lxd.container_list true See also `container-attributes`_. .. _container-attributes: https://github.com/lxc/pylxd/blob/master/doc/source/containers.rst#container-attributes """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) containers = client.containers.all() if list_names: return [c.name for c in containers] return map(_pylxd_model_to_dict, containers) def container_create( name, source, profiles=None, config=None, devices=None, architecture="x86_64", ephemeral=False, wait=True, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False, ): """ Create a container name : The name of the container source : Can be either a string containing an image alias: "xenial/amd64" or an dict with type "image" with alias: {"type": "image", "alias": "xenial/amd64"} or image with "fingerprint": {"type": "image", "fingerprint": "SHA-256"} or image with "properties": {"type": "image", "properties": { "os": "ubuntu", "release": "14.04", "architecture": "x86_64"}} or none: {"type": "none"} or copy: {"type": "copy", "source": "my-old-container"} profiles : ['default'] List of profiles to apply on this container config : A config dict or None (None = unset). Can also be a list: [{'key': 'boot.autostart', 'value': 1}, {'key': 'security.privileged', 'value': '1'}] devices : A device dict or None (None = unset). architecture : 'x86_64' Can be one of the following: * unknown * i686 * x86_64 * armv7l * aarch64 * ppc * ppc64 * ppc64le * s390x ephemeral : False Destroy this container after stop? remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. _raw : False Return the raw pyxld object or a dict? CLI Examples: .. code-block:: bash salt '*' lxd.container_create test xenial/amd64 See also the `rest-api-docs`_. .. _rest-api-docs: https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1 """ if profiles is None: profiles = ["default"] if config is None: config = {} if devices is None: devices = {} client = pylxd_client_get(remote_addr, cert, key, verify_cert) if not isinstance(profiles, (list, tuple, set)): raise SaltInvocationError("'profiles' must be formatted as list/tuple/set.") if architecture not in _architectures: raise SaltInvocationError( "Unknown architecture '{}' given for the container '{}'".format( architecture, name ) ) if isinstance(source, str): source = {"type": "image", "alias": source} config, devices = normalize_input_values(config, devices) try: container = client.containers.create( { "name": name, "architecture": _architectures[architecture], "profiles": profiles, "source": source, "config": config, "ephemeral": ephemeral, }, wait=wait, ) except pylxd.exceptions.LXDAPIException as e: raise CommandExecutionError(str(e)) if not wait: return container.json()["operation"] # Add devices if not wait and devices have been given. if devices: for dn, dargs in devices.items(): container_device_add(name, dn, **dargs) if _raw: return container return _pylxd_model_to_dict(container) def container_get( name=None, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False ): """Gets a container from the LXD name : The name of the container to get. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. _raw : Return the pylxd object, this is internal and by states in use. """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) if name is None: containers = client.containers.all() if _raw: return containers else: containers = [] try: containers = [client.containers.get(name)] except pylxd.exceptions.LXDAPIException: raise SaltInvocationError("Container '{}' not found".format(name)) if _raw: return containers[0] infos = [] for container in containers: infos.append(dict([(container.name, _pylxd_model_to_dict(container))])) return infos def container_delete(name, remote_addr=None, cert=None, key=None, verify_cert=True): """ Delete a container name : Name of the container to delete remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) container.delete(wait=True) return True def container_rename( name, newname, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Rename a container name : Name of the container to Rename newname : The new name of the container remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) if container.status_code == CONTAINER_STATUS_RUNNING: raise SaltInvocationError( "Can't rename the running container '{}'.".format(name) ) container.rename(newname, wait=True) return _pylxd_model_to_dict(container) def container_state(name=None, remote_addr=None, cert=None, key=None, verify_cert=True): """ Get container state remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) if name is None: containers = client.containers.all() else: try: containers = [client.containers.get(name)] except pylxd.exceptions.LXDAPIException: raise SaltInvocationError("Container '{}' not found".format(name)) states = [] for container in containers: state = {} state = container.state() states.append( dict( [ ( container.name, { k: getattr(state, k) for k in dir(state) if not k.startswith("_") }, ) ] ) ) return states def container_start(name, remote_addr=None, cert=None, key=None, verify_cert=True): """ Start a container name : Name of the container to start remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) container.start(wait=True) return _pylxd_model_to_dict(container) def container_stop( name, timeout=30, force=True, remote_addr=None, cert=None, key=None, verify_cert=True, ): """ Stop a container name : Name of the container to stop remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) container.stop(timeout, force, wait=True) return _pylxd_model_to_dict(container) def container_restart(name, remote_addr=None, cert=None, key=None, verify_cert=True): """ Restart a container name : Name of the container to restart remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) container.restart(wait=True) return _pylxd_model_to_dict(container) def container_freeze(name, remote_addr=None, cert=None, key=None, verify_cert=True): """ Freeze a container name : Name of the container to freeze remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) container.freeze(wait=True) return _pylxd_model_to_dict(container) def container_unfreeze(name, remote_addr=None, cert=None, key=None, verify_cert=True): """ Unfreeze a container name : Name of the container to unfreeze remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) container.unfreeze(wait=True) return _pylxd_model_to_dict(container) def container_migrate( name, stop_and_start=False, remote_addr=None, cert=None, key=None, verify_cert=True, src_remote_addr=None, src_cert=None, src_key=None, src_verify_cert=None, ): """Migrate a container. If the container is running, it either must be shut down first (use stop_and_start=True) or criu must be installed on the source and destination machines. For this operation both certs need to be authenticated, use :mod:`lxd.authenticate <salt.modules.lxd.authenticate` to authenticate your cert(s). name : Name of the container to migrate stop_and_start : Stop the container on the source and start it on dest remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash # Authorize salt '*' lxd.authenticate https://srv01:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false salt '*' lxd.authenticate https://srv02:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false # Migrate phpmyadmin from srv01 to srv02 salt '*' lxd.container_migrate phpmyadmin stop_and_start=true remote_addr=https://srv02:8443 cert=~/.config/lxc/client.crt key=~/.config/lxc/client.key verify_cert=False src_remote_addr=https://srv01:8443 """ if src_cert is None: src_cert = cert if src_key is None: src_key = key if src_verify_cert is None: src_verify_cert = verify_cert container = container_get( name, src_remote_addr, src_cert, src_key, src_verify_cert, _raw=True ) dest_client = pylxd_client_get(remote_addr, cert, key, verify_cert) for pname in container.profiles: try: dest_client.profiles.get(pname) except pylxd.exceptions.LXDAPIException: raise SaltInvocationError( "not all the profiles from the source exist on the target" ) was_running = container.status_code == CONTAINER_STATUS_RUNNING if stop_and_start and was_running: container.stop(wait=True) try: dest_container = container.migrate(dest_client, wait=True) dest_container.profiles = container.profiles dest_container.save() except pylxd.exceptions.LXDAPIException as e: raise CommandExecutionError(str(e)) # Remove the source container container.delete(wait=True) if stop_and_start and was_running: dest_container.start(wait=True) return _pylxd_model_to_dict(dest_container) def container_config_get( name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Get a container config value name : Name of the container config_key : The config key to retrieve remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _get_property_dict_item(container, "config", config_key) def container_config_set( name, config_key, config_value, remote_addr=None, cert=None, key=None, verify_cert=True, ): """ Set a container config value name : Name of the container config_key : The config key to set config_value : The config value to set remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _set_property_dict_item(container, "config", config_key, config_value) def container_config_delete( name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Delete a container config value name : Name of the container config_key : The config key to delete remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _delete_property_dict_item(container, "config", config_key) def container_device_get( name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Get a container device name : Name of the container device_name : The device name to retrieve remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _get_property_dict_item(container, "devices", device_name) def container_device_add( name, device_name, device_type="disk", remote_addr=None, cert=None, key=None, verify_cert=True, **kwargs ): """ Add a container device name : Name of the container device_name : The device name to add device_type : Type of the device ** kwargs : Additional device args remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) kwargs["type"] = device_type return _set_property_dict_item(container, "devices", device_name, kwargs) def container_device_delete( name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Delete a container device name : Name of the container device_name : The device name to delete remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _delete_property_dict_item(container, "devices", device_name) def container_file_put( name, src, dst, recursive=False, overwrite=False, mode=None, uid=None, gid=None, saltenv="base", remote_addr=None, cert=None, key=None, verify_cert=True, ): """ Put a file into a container name : Name of the container src : The source file or directory dst : The destination file or directory recursive : Decent into src directory overwrite : Replace destination if it exists mode : Set file mode to octal number uid : Set file uid (owner) gid : Set file gid (group) remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.container_file_put <container name> /var/tmp/foo /var/tmp/ """ # Possibilities: # (src, dst, dir, dir1, and dir2 are directories) # cp /src/file1 /dst/file1 # cp /src/file1 /dst/file2 # cp /src/file1 /dst # cp /src/file1 /dst/ # cp -r /src/dir /dst/ # cp -r /src/dir/ /dst/ # cp -r /src/dir1 /dst/dir2 (which is not /src/dir1 /dst/dir2/) # cp -r /src/dir1 /dst/dir2/ # Fix mode. Salt commandline doesn't use octals, so 0600 will be # the decimal integer 600 (and not the octal 0600). So, it it's # and integer, handle it as if it where a octal representation. mode = str(mode) if not mode.startswith("0"): mode = "0{}".format(mode) container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) src = os.path.expanduser(src) if not os.path.isabs(src): if src.find("://") >= 0: cached_file = __salt__["cp.cache_file"](src, saltenv=saltenv) if not cached_file: raise SaltInvocationError("File '{}' not found".format(src)) if not os.path.isabs(cached_file): raise SaltInvocationError("File path must be absolute.") src = cached_file # Make sure that src doesn't end with '/', unless it's '/' src = src.rstrip(os.path.sep) if not src: src = os.path.sep if not os.path.exists(src): raise CommandExecutionError("No such file or directory '{}'".format(src)) if os.path.isdir(src) and not recursive: raise SaltInvocationError( "Cannot copy overwriting a directory without recursive flag set to true!" ) try: dst_is_directory = False container.files.get(os.path.join(dst, ".")) except pylxd.exceptions.NotFound: pass except pylxd.exceptions.LXDAPIException as why: if str(why).find("Is a directory") >= 0: dst_is_directory = True if os.path.isfile(src): # Source is a file if dst_is_directory: dst = os.path.join(dst, os.path.basename(src)) if not overwrite: found = True try: container.files.get(os.path.join(dst)) except pylxd.exceptions.NotFound: found = False except pylxd.exceptions.LXDAPIException as why: if str(why).find("not found") >= 0: # Old version of pylxd found = False else: raise if found: raise SaltInvocationError( "Destination exists and overwrite is false" ) if mode is not None or uid is not None or gid is not None: # Need to get file stats stat = os.stat(src) if mode is None: mode = oct(stat.st_mode) if uid is None: uid = stat.st_uid if gid is None: gid = stat.st_gid with salt.utils.files.fopen(src, "rb") as src_fp: container.files.put(dst, src_fp.read(), mode=mode, uid=uid, gid=gid) return True elif not os.path.isdir(src): raise SaltInvocationError("Source is neither file nor directory") # Source is a directory # idx for dstdir = dst + src[idx:] if dst.endswith(os.sep): idx = len(os.path.dirname(src)) elif dst_is_directory: idx = len(src) else: # Destination is not a directory and doesn't end with '/' # Check that the parent directory of dst exists # and is a directory try: container.files.get(os.path.join(os.path.dirname(dst), ".")) except pylxd.exceptions.NotFound: pass except pylxd.exceptions.LXDAPIException as why: if str(why).find("Is a directory") >= 0: dst_is_directory = True # destination is non-existent # cp -r /src/dir1 /scr/dir1 # cp -r /src/dir1 /scr/dir2 idx = len(src) overwrite = True # Copy src directory recursive if not overwrite: raise SaltInvocationError("Destination exists and overwrite is false") # Collect all directories first, to create them in one call # (for performance reasons) dstdirs = [] for path, _, files in os.walk(src): dstdir = os.path.join(dst, path[idx:].lstrip(os.path.sep)) dstdirs.append(dstdir) container.execute(["mkdir", "-p"] + dstdirs) set_mode = mode set_uid = uid set_gid = gid # Now transfer the files for path, _, files in os.walk(src): dstdir = os.path.join(dst, path[idx:].lstrip(os.path.sep)) for name in files: src_name = os.path.join(path, name) dst_name = os.path.join(dstdir, name) if mode is not None or uid is not None or gid is not None: # Need to get file stats stat = os.stat(src_name) if mode is None: set_mode = oct(stat.st_mode) if uid is None: set_uid = stat.st_uid if gid is None: set_gid = stat.st_gid with salt.utils.files.fopen(src_name, "rb") as src_fp: container.files.put( dst_name, src_fp.read(), mode=set_mode, uid=set_uid, gid=set_gid ) return True def container_file_get( name, src, dst, overwrite=False, mode=None, uid=None, gid=None, remote_addr=None, cert=None, key=None, verify_cert=True, ): """ Get a file from a container name : Name of the container src : The source file or directory dst : The destination file or directory mode : Set file mode to octal number uid : Set file uid (owner) gid : Set file gid (group) remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ # Fix mode. Salt commandline doesn't use octals, so 0600 will be # the decimal integer 600 (and not the octal 0600). So, it it's # and integer, handle it as if it where a octal representation. # Do only if mode is not None, otherwise we get 0None if mode is not None: mode = str(mode) if not mode.startswith("0"): mode = "0{}".format(mode) container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) dst = os.path.expanduser(dst) if not os.path.isabs(dst): raise SaltInvocationError("File path must be absolute.") if os.path.isdir(dst): dst = os.path.join(dst, os.path.basename(src)) elif not os.path.isdir(os.path.dirname(dst)): raise SaltInvocationError("Parent directory for destination doesn't exist.") if os.path.exists(dst): if not overwrite: raise SaltInvocationError("Destination exists and overwrite is false.") if not os.path.isfile(dst): raise SaltInvocationError("Destination exists but is not a file.") else: dst_path = os.path.dirname(dst) if not os.path.isdir(dst_path): raise CommandExecutionError( "No such file or directory '{}'".format(dst_path) ) # Seems to be duplicate of line 1794, produces /path/file_name/file_name # dst = os.path.join(dst, os.path.basename(src)) with salt.utils.files.fopen(dst, "wb") as df: df.write(container.files.get(src)) if mode: os.chmod(dst, mode) if uid or uid == "0": uid = int(uid) else: uid = -1 if gid or gid == "0": gid = int(gid) else: gid = -1 if uid != -1 or gid != -1: os.chown(dst, uid, gid) return True def container_execute( name, cmd, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Execute a command list on a container. name : Name of the container cmd : Command to be executed (as a list) Example : '["ls", "-l"]' remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.container_execute <container name> '["ls", "-l"]' """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) try: result = container.execute(cmd) saltresult = {} if not hasattr(result, "exit_code"): saltresult = dict( exit_code=0, stdout=result[0], stderr=result[1], ) else: saltresult = dict( exit_code=result.exit_code, stdout=result.stdout, stderr=result.stderr, ) except pylxd.exceptions.NotFound as e: # TODO: Using exit_code 0 here is not always right, # in the most cases the command worked ok though. # See: https://github.com/lxc/pylxd/issues/280 saltresult = dict(exit_code=0, stdout="", stderr=str(e)) if int(saltresult["exit_code"]) > 0: saltresult["result"] = False else: saltresult["result"] = True return saltresult #################### # Profile Management #################### def profile_list( list_names=False, remote_addr=None, cert=None, key=None, verify_cert=True ): """Lists all profiles from the LXD. list_names : Return a list of names instead of full blown dicts. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Examples: .. code-block:: bash salt '*' lxd.profile_list true --out=json salt '*' lxd.profile_list --out=json """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) profiles = client.profiles.all() if list_names: return [p.name for p in profiles] return map(_pylxd_model_to_dict, profiles) def profile_create( name, config=None, devices=None, description=None, remote_addr=None, cert=None, key=None, verify_cert=True, ): """Creates a profile. name : The name of the profile to get. config : A config dict or None (None = unset). Can also be a list: [{'key': 'boot.autostart', 'value': 1}, {'key': 'security.privileged', 'value': '1'}] devices : A device dict or None (None = unset). description : A description string or None (None = unset). remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Examples: .. code-block:: bash salt '*' lxd.profile_create autostart config="{boot.autostart: 1, boot.autostart.delay: 2, boot.autostart.priority: 1}" salt '*' lxd.profile_create shared_mounts devices="{shared_mount: {type: 'disk', source: '/home/shared', path: '/home/shared'}}" See the `lxd-docs`_ for the details about the config and devices dicts. .. _lxd-docs: https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-10 """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) config, devices = normalize_input_values(config, devices) try: profile = client.profiles.create(name, config, devices) except pylxd.exceptions.LXDAPIException as e: raise CommandExecutionError(str(e)) if description is not None: profile.description = description pylxd_save_object(profile) return _pylxd_model_to_dict(profile) def profile_get( name, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False ): """Gets a profile from the LXD name : The name of the profile to get. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. _raw : Return the pylxd object, this is internal and by states in use. CLI Examples: .. code-block:: bash salt '*' lxd.profile_get autostart """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) profile = None try: profile = client.profiles.get(name) except pylxd.exceptions.LXDAPIException: raise SaltInvocationError("Profile '{}' not found".format(name)) if _raw: return profile return _pylxd_model_to_dict(profile) def profile_delete(name, remote_addr=None, cert=None, key=None, verify_cert=True): """Deletes a profile. name : The name of the profile to delete. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.profile_delete shared_mounts """ profile = profile_get(name, remote_addr, cert, key, verify_cert, _raw=True) profile.delete() return True def profile_config_get( name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True ): """Get a profile config item. name : The name of the profile to get the config item from. config_key : The key for the item to retrieve. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.profile_config_get autostart boot.autostart """ profile = profile_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _get_property_dict_item(profile, "config", config_key) def profile_config_set( name, config_key, config_value, remote_addr=None, cert=None, key=None, verify_cert=True, ): """Set a profile config item. name : The name of the profile to set the config item to. config_key : The items key. config_value : Its items value. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.profile_config_set autostart boot.autostart 0 """ profile = profile_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _set_property_dict_item(profile, "config", config_key, config_value) def profile_config_delete( name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True ): """Delete a profile config item. name : The name of the profile to delete the config item. config_key : The config key for the value to retrieve. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.profile_config_delete autostart boot.autostart.delay """ profile = profile_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _delete_property_dict_item(profile, "config", config_key) def profile_device_get( name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True ): """Get a profile device. name : The name of the profile to get the device from. device_name : The name of the device to retrieve. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.profile_device_get default eth0 """ profile = profile_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _get_property_dict_item(profile, "devices", device_name) def profile_device_set( name, device_name, device_type="disk", remote_addr=None, cert=None, key=None, verify_cert=True, **kwargs ): """Set a profile device. name : The name of the profile to set the device to. device_name : The name of the device to set. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.profile_device_set autostart eth1 nic nictype=bridged parent=lxdbr0 """ profile = profile_get(name, remote_addr, cert, key, verify_cert, _raw=True) kwargs["type"] = device_type for k, v in kwargs.items(): kwargs[k] = str(v) return _set_property_dict_item(profile, "devices", device_name, kwargs) def profile_device_delete( name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True ): """Delete a profile device. name : The name of the profile to delete the device. device_name : The name of the device to delete. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.profile_device_delete autostart eth1 """ profile = profile_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _delete_property_dict_item(profile, "devices", device_name) ################## # Image Management ################## def image_list( list_aliases=False, remote_addr=None, cert=None, key=None, verify_cert=True ): """Lists all images from the LXD. list_aliases : Return a dict with the fingerprint as key and a list of aliases as value instead. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Examples: .. code-block:: bash salt '*' lxd.image_list true --out=json salt '*' lxd.image_list --out=json """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) images = client.images.all() if list_aliases: return {i.fingerprint: [a["name"] for a in i.aliases] for i in images} return map(_pylxd_model_to_dict, images) def image_get( fingerprint, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False ): """Get an image by its fingerprint fingerprint : The fingerprint of the image to retrieve remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. _raw : False Return the raw pylxd object or a dict of it? CLI Examples: .. code-block:: bash salt '*' lxd.image_get <fingerprint> """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) image = None try: image = client.images.get(fingerprint) except pylxd.exceptions.LXDAPIException: raise SaltInvocationError( "Image with fingerprint '{}' not found".format(fingerprint) ) if _raw: return image return _pylxd_model_to_dict(image) def image_get_by_alias( alias, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False ): """Get an image by an alias alias : The alias of the image to retrieve remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. _raw : False Return the raw pylxd object or a dict of it? CLI Examples: .. code-block:: bash salt '*' lxd.image_get_by_alias xenial/amd64 """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) image = None try: image = client.images.get_by_alias(alias) except pylxd.exceptions.LXDAPIException: raise SaltInvocationError("Image with alias '{}' not found".format(alias)) if _raw: return image return _pylxd_model_to_dict(image) def image_delete(image, remote_addr=None, cert=None, key=None, verify_cert=True): """Delete an image by an alias or fingerprint name : The alias or fingerprint of the image to delete, can be a obj for the states. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Examples: .. code-block:: bash salt '*' lxd.image_delete xenial/amd64 """ image = _verify_image(image, remote_addr, cert, key, verify_cert) image.delete() return True def image_from_simplestreams( server, alias, remote_addr=None, cert=None, key=None, verify_cert=True, aliases=None, public=False, auto_update=False, _raw=False, ): """Create an image from simplestreams server : Simplestreams server URI alias : The alias of the image to retrieve remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. aliases : [] List of aliases to append to the copied image public : False Make this image public available auto_update : False Should LXD auto update that image? _raw : False Return the raw pylxd object or a dict of the image? CLI Examples: .. code-block:: bash salt '*' lxd.image_from_simplestreams "https://cloud-images.ubuntu.com/releases" "trusty/amd64" aliases='["t", "trusty/amd64"]' auto_update=True """ if aliases is None: aliases = [] client = pylxd_client_get(remote_addr, cert, key, verify_cert) try: image = client.images.create_from_simplestreams( server, alias, public=public, auto_update=auto_update ) except pylxd.exceptions.LXDAPIException as e: raise CommandExecutionError(str(e)) # Aliases support for alias in aliases: image_alias_add(image, alias) if _raw: return image return _pylxd_model_to_dict(image) def image_from_url( url, remote_addr=None, cert=None, key=None, verify_cert=True, aliases=None, public=False, auto_update=False, _raw=False, ): """Create an image from an url url : The URL from where to download the image remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. aliases : [] List of aliases to append to the copied image public : False Make this image public available auto_update : False Should LXD auto update that image? _raw : False Return the raw pylxd object or a dict of the image? CLI Examples: .. code-block:: bash salt '*' lxd.image_from_url https://dl.stgraber.org/lxd aliases='["busybox-amd64"]' """ if aliases is None: aliases = [] client = pylxd_client_get(remote_addr, cert, key, verify_cert) try: image = client.images.create_from_url( url, public=public, auto_update=auto_update ) except pylxd.exceptions.LXDAPIException as e: raise CommandExecutionError(str(e)) # Aliases support for alias in aliases: image_alias_add(image, alias) if _raw: return image return _pylxd_model_to_dict(image) def image_from_file( filename, remote_addr=None, cert=None, key=None, verify_cert=True, aliases=None, public=False, saltenv="base", _raw=False, ): """Create an image from a file filename : The filename of the rootfs remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. aliases : [] List of aliases to append to the copied image public : False Make this image public available saltenv : base The saltenv to use for salt:// copies _raw : False Return the raw pylxd object or a dict of the image? CLI Examples: .. code-block:: bash salt '*' lxd.image_from_file salt://lxd/files/busybox.tar.xz aliases=["busybox-amd64"] """ if aliases is None: aliases = [] cached_file = __salt__["cp.cache_file"](filename, saltenv=saltenv) data = b"" with salt.utils.files.fopen(cached_file, "r+b") as fp: data = fp.read() client = pylxd_client_get(remote_addr, cert, key, verify_cert) try: image = client.images.create(data, public=public, wait=True) except pylxd.exceptions.LXDAPIException as e: raise CommandExecutionError(str(e)) # Aliases support for alias in aliases: image_alias_add(image, alias) if _raw: return image return _pylxd_model_to_dict(image) def image_copy_lxd( source, src_remote_addr, src_cert, src_key, src_verify_cert, remote_addr, cert, key, verify_cert=True, aliases=None, public=None, auto_update=None, _raw=False, ): """Copy an image from another LXD instance source : An alias or a fingerprint of the source. src_remote_addr : An URL to the source remote daemon Examples: https://mysourceserver.lan:8443 src_cert : PEM Formatted SSL Certificate for the source Examples: ~/.config/lxc/client.crt src_key : PEM Formatted SSL Key for the source Examples: ~/.config/lxc/client.key src_verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. remote_addr : Address of the destination daemon Examples: https://mydestserver.lan:8443 cert : PEM Formatted SSL Certificate for the destination Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key for the destination Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. aliases : [] List of aliases to append to the copied image public : None Make this image public available, None = copy source auto_update : None Wherever to auto-update from the original source, None = copy source _raw : False Return the raw pylxd object or a dict of the destination image? CLI Examples: .. code-block:: bash salt '*' lxd.image_copy_lxd xenial/amd64 https://srv01:8443 ~/.config/lxc/client.crt ~/.config/lxc/client.key false https://srv02:8443 ~/.config/lxc/client.crt ~/.config/lxc/client.key false aliases="['xenial/amd64']" """ if aliases is None: aliases = [] log.debug( 'Trying to copy the image "%s" from "%s" to "%s"', source, src_remote_addr, remote_addr, ) # This will fail with a SaltInvocationError if # the image doesn't exists on the source and with a CommandExecutionError # on connection problems. src_image = None try: src_image = image_get_by_alias( source, src_remote_addr, src_cert, src_key, src_verify_cert, _raw=True ) except SaltInvocationError: src_image = image_get( source, src_remote_addr, src_cert, src_key, src_verify_cert, _raw=True ) # Will fail with a CommandExecutionError on connection problems. dest_client = pylxd_client_get(remote_addr, cert, key, verify_cert) dest_image = src_image.copy( dest_client, public=public, auto_update=auto_update, wait=True ) # Aliases support for alias in aliases: image_alias_add(dest_image, alias) if _raw: return dest_image return _pylxd_model_to_dict(dest_image) def image_alias_add( image, alias, description="", remote_addr=None, cert=None, key=None, verify_cert=True, ): """Create an alias on the given image image : An image alias, a fingerprint or a image object alias : The alias to add description : Description of the alias remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Examples: .. code-block:: bash salt '*' lxd.image_alias_add xenial/amd64 x "Short version of xenial/amd64" """ image = _verify_image(image, remote_addr, cert, key, verify_cert) for alias_info in image.aliases: if alias_info["name"] == alias: return True image.add_alias(alias, description) return True def image_alias_delete( image, alias, remote_addr=None, cert=None, key=None, verify_cert=True ): """Delete an alias (this is currently not restricted to the image) image : An image alias, a fingerprint or a image object alias : The alias to delete remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Examples: .. code-block:: bash salt '*' lxd.image_alias_add xenial/amd64 x "Short version of xenial/amd64" """ image = _verify_image(image, remote_addr, cert, key, verify_cert) try: image.delete_alias(alias) except pylxd.exceptions.LXDAPIException: return False return True ##################### # Snapshot Management ##################### def snapshots_all(container, remote_addr=None, cert=None, key=None, verify_cert=True): """ Get all snapshots for a container container : The name of the container to get. remote_addr : An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined. Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Verify the ssl certificate. Default: True CLI Examples: .. code-block:: bash salt '*' lxd.snapshots_all test-container """ containers = container_get( container, remote_addr, cert, key, verify_cert, _raw=True ) if container: containers = [containers] ret = {} for cont in containers: ret.update({cont.name: [{"name": c.name} for c in cont.snapshots.all()]}) return ret def snapshots_create( container, name=None, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Create a snapshot for a container container : The name of the container to get. name : The name of the snapshot. remote_addr : An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined. Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Verify the ssl certificate. Default: True CLI Examples: .. code-block:: bash salt '*' lxd.snapshots_create test-container test-snapshot """ cont = container_get(container, remote_addr, cert, key, verify_cert, _raw=True) if not name: name = datetime.now().strftime("%Y%m%d%H%M%S") cont.snapshots.create(name) for c in snapshots_all(container).get(container): if c.get("name") == name: return {"name": name} return {"name": False} def snapshots_delete( container, name, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Delete a snapshot for a container container : The name of the container to get. name : The name of the snapshot. remote_addr : An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined. Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Verify the ssl certificate. Default: True CLI Examples: .. code-block:: bash salt '*' lxd.snapshots_delete test-container test-snapshot """ cont = container_get(container, remote_addr, cert, key, verify_cert, _raw=True) try: for s in cont.snapshots.all(): if s.name == name: s.delete() return True except pylxd.exceptions.LXDAPIException: pass return False def snapshots_get( container, name, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Get information about snapshot for a container container : The name of the container to get. name : The name of the snapshot. remote_addr : An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined. Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Verify the ssl certificate. Default: True CLI Examples: .. code-block:: bash salt '*' lxd.snapshots_get test-container test-snapshot """ container = container_get(container, remote_addr, cert, key, verify_cert, _raw=True) return container.snapshots.get(name) ################ # Helper Methods ################ def normalize_input_values(config, devices): """ normalize config input so returns can be put into mongodb, which doesn't like `.` This is not meant to be used on the commandline. CLI Examples: .. code-block:: bash salt '*' lxd.normalize_input_values config={} devices={} """ if isinstance(config, list): if config and "key" in config[0] and "value" in config[0]: config = {d["key"]: d["value"] for d in config} else: config = {} if isinstance(config, str): raise SaltInvocationError("config can't be a string, validate your YAML input.") if isinstance(devices, str): raise SaltInvocationError( "devices can't be a string, validate your YAML input." ) # Golangs wants strings if config is not None: for k, v in config.items(): config[k] = str(v) if devices is not None: for dn in devices: for k, v in devices[dn].items(): devices[dn][k] = v return ( config, devices, ) def sync_config_devices(obj, newconfig, newdevices, test=False): """Syncs the given config and devices with the object (a profile or a container) returns a changes dict with all changes made. obj : The object to sync with / or just test with. newconfig: The new config to check with the obj. newdevices: The new devices to check with the obj. test: Wherever to not change anything and give "Would change" message. """ changes = {} # # config changes # if newconfig is None: newconfig = {} newconfig = dict( list(zip(map(str, newconfig.keys()), map(str, newconfig.values()))) ) cck = set(newconfig.keys()) obj.config = dict( list(zip(map(str, obj.config.keys()), map(str, obj.config.values()))) ) ock = set(obj.config.keys()) config_changes = {} # Removed keys for k in ock.difference(cck): # Ignore LXD internals. if k.startswith("volatile.") or k.startswith("image."): continue if not test: config_changes[k] = 'Removed config key "{}", its value was "{}"'.format( k, obj.config[k] ) del obj.config[k] else: config_changes[k] = 'Would remove config key "{} with value "{}"'.format( k, obj.config[k] ) # same keys for k in cck.intersection(ock): # Ignore LXD internals. if k.startswith("volatile.") or k.startswith("image."): continue if newconfig[k] != obj.config[k]: if not test: config_changes[ k ] = 'Changed config key "{}" to "{}", its value was "{}"'.format( k, newconfig[k], obj.config[k] ) obj.config[k] = newconfig[k] else: config_changes[ k ] = 'Would change config key "{}" to "{}", its current value is "{}"'.format( k, newconfig[k], obj.config[k] ) # New keys for k in cck.difference(ock): # Ignore LXD internals. if k.startswith("volatile.") or k.startswith("image."): continue if not test: config_changes[k] = 'Added config key "{}" = "{}"'.format(k, newconfig[k]) obj.config[k] = newconfig[k] else: config_changes[k] = 'Would add config key "{}" = "{}"'.format( k, newconfig[k] ) if config_changes: changes["config"] = config_changes # # devices changes # if newdevices is None: newdevices = {} dk = set(obj.devices.keys()) ndk = set(newdevices.keys()) devices_changes = {} # Removed devices for k in dk.difference(ndk): # Ignore LXD internals. if k == "root": continue if not test: devices_changes[k] = 'Removed device "{}"'.format(k) del obj.devices[k] else: devices_changes[k] = 'Would remove device "{}"'.format(k) # Changed devices for k, v in obj.devices.items(): # Ignore LXD internals also for new devices. if k == "root": continue if k not in newdevices: # In test mode we don't delete devices above. continue if newdevices[k] != v: if not test: devices_changes[k] = 'Changed device "{}"'.format(k) obj.devices[k] = newdevices[k] else: devices_changes[k] = 'Would change device "{}"'.format(k) # New devices for k in ndk.difference(dk): # Ignore LXD internals. if k == "root": continue if not test: devices_changes[k] = 'Added device "{}"'.format(k) obj.devices[k] = newdevices[k] else: devices_changes[k] = 'Would add device "{}"'.format(k) if devices_changes: changes["devices"] = devices_changes return changes def _set_property_dict_item(obj, prop, key, value): """Sets the dict item key of the attr from obj. Basicaly it does getattr(obj, prop)[key] = value. For the disk device we added some checks to make device changes on the CLI saver. """ attr = getattr(obj, prop) if prop == "devices": device_type = value["type"] if device_type == "disk": if "path" not in value: raise SaltInvocationError("path must be given as parameter") if value["path"] != "/" and "source" not in value: raise SaltInvocationError("source must be given as parameter") for k in value.keys(): if k.startswith("__"): del value[k] attr[key] = value else: # config attr[key] = str(value) pylxd_save_object(obj) return _pylxd_model_to_dict(obj) def _get_property_dict_item(obj, prop, key): attr = getattr(obj, prop) if key not in attr: raise SaltInvocationError("'{}' doesn't exists".format(key)) return attr[key] def _delete_property_dict_item(obj, prop, key): attr = getattr(obj, prop) if key not in attr: raise SaltInvocationError("'{}' doesn't exists".format(key)) del attr[key] pylxd_save_object(obj) return True def _verify_image(image, remote_addr=None, cert=None, key=None, verify_cert=True): # Get image by alias/fingerprint or check for fingerprint attribute if isinstance(image, str): name = image # This will fail with a SaltInvocationError if # the image doesn't exists on the source and with a # CommandExecutionError on connection problems. image = None try: image = image_get_by_alias( name, remote_addr, cert, key, verify_cert, _raw=True ) except SaltInvocationError: image = image_get(name, remote_addr, cert, key, verify_cert, _raw=True) elif not hasattr(image, "fingerprint"): raise SaltInvocationError("Invalid image '{}'".format(image)) return image def _pylxd_model_to_dict(obj): """Translates a plyxd model object to a dict""" marshalled = {} for key in obj.__attributes__.keys(): if hasattr(obj, key): marshalled[key] = getattr(obj, key) return marshalled # # Monkey patching for missing functionality in pylxd # if HAS_PYLXD: import pylxd.exceptions # NOQA if not hasattr(pylxd.exceptions, "NotFound"): # Old version of pylxd class NotFound(pylxd.exceptions.LXDAPIException): """An exception raised when an object is not found.""" pylxd.exceptions.NotFound = NotFound try: from pylxd.container import Container except ImportError: from pylxd.models.container import Container class FilesManager(Container.FilesManager): def put(self, filepath, data, mode=None, uid=None, gid=None): headers = {} if mode is not None: if isinstance(mode, int): mode = oct(mode) elif not mode.startswith("0"): mode = "0{}".format(mode) headers["X-LXD-mode"] = mode if uid is not None: headers["X-LXD-uid"] = str(uid) if gid is not None: headers["X-LXD-gid"] = str(gid) response = self._client.api.containers[self._container.name].files.post( params={"path": filepath}, data=data, headers=headers ) return response.status_code == 200 Container.FilesManager = FilesManager
Upload File
Create Folder