ansible / ansible.builtin / v2.9.13 / module / lxd_container Manage LXD Containers | "added in version" 2.2 of ansible.builtin" Authors: Hiroaki Nakamura (@hnakamur) preview | supported by communityansible.builtin.lxd_container (v2.9.13) — module
pip
Install with pip install ansible==2.9.13
Management of LXD containers
# An example for creating a Ubuntu container and install python - hosts: localhost connection: local tasks: - name: Create a started container lxd_container: name: mycontainer state: started source: type: image mode: pull server: https://images.linuxcontainers.org protocol: lxd # if you get a 404, try setting protocol: simplestreams alias: ubuntu/xenial/amd64 profiles: ["default"] wait_for_ipv4_addresses: true timeout: 600 - name: check python is installed in container delegate_to: mycontainer raw: dpkg -s python register: python_install_check failed_when: python_install_check.rc not in [0, 1] changed_when: false - name: install python in container delegate_to: mycontainer raw: apt-get install -y python when: python_install_check.rc == 1
# An example for creating an Ubuntu 14.04 container using an image fingerprint. # This requires changing 'server' and 'protocol' key values, replacing the # 'alias' key with with 'fingerprint' and supplying an appropriate value that # matches the container image you wish to use. - hosts: localhost connection: local tasks: - name: Create a started container lxd_container: name: mycontainer state: started source: type: image mode: pull # Provides current (and older) Ubuntu images with listed fingerprints server: https://cloud-images.ubuntu.com/releases # Protocol used by 'ubuntu' remote (as shown by 'lxc remote list') protocol: simplestreams # This provides an Ubuntu 14.04 LTS amd64 image from 20150814. fingerprint: e9a8bdfab6dc profiles: ["default"] wait_for_ipv4_addresses: true timeout: 600
# An example for deleting a container - hosts: localhost connection: local tasks: - name: Delete a container lxd_container: name: mycontainer state: absent
# An example for restarting a container - hosts: localhost connection: local tasks: - name: Restart a container lxd_container: name: mycontainer state: restarted
# An example for restarting a container using https to connect to the LXD server - hosts: localhost connection: local tasks: - name: Restart a container lxd_container: url: https://127.0.0.1:8443 # These client_cert and client_key values are equal to the default values. #client_cert: "{{ lookup('env', 'HOME') }}/.config/lxc/client.crt" #client_key: "{{ lookup('env', 'HOME') }}/.config/lxc/client.key" trust_password: mypassword name: mycontainer state: restarted
# Note your container must be in the inventory for the below example. # # [containers] # mycontainer ansible_connection=lxd # - hosts: - mycontainer tasks: - name: copy /etc/hosts in the created container to localhost with name "mycontainer-hosts" fetch: src: /etc/hosts dest: /tmp/mycontainer-hosts flat: true
url: default: unix:/var/lib/lxd/unix.socket description: - The unix domain socket path or the https URL for the LXD server. required: false name: description: - Name of a container. required: true state: choices: - started - stopped - restarted - absent - frozen default: started description: - Define the state of a container. required: false config: description: - 'The config for the container (e.g. {"limits.cpu": "2"}). See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1)' - If the container already exists and its "config" value in metadata obtained from GET /1.0/containers/<name> U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#10containersname) are different, they this module tries to apply the configurations. - The key starts with 'volatile.' are ignored for this comparison. - Not all config values are supported to apply the existing container. Maybe you need to delete and recreate a container. required: false source: description: - 'The source for the container (e.g. { "type": "image", "mode": "pull", "server": "https://images.linuxcontainers.org", "protocol": "lxd", "alias": "ubuntu/xenial/amd64" }).' - See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1) for complete API documentation. - 'Note that C(protocol) accepts two choices: C(lxd) or C(simplestreams)' required: false devices: description: - 'The devices for the container (e.g. { "rootfs": { "path": "/dev/kvm", "type": "unix-char" }). See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1)' required: false timeout: default: 30 description: - A timeout for changing the state of the container. - This is also used as a timeout for waiting until IPv4 addresses are set to the all network interfaces in the container after starting or restarting. required: false snap_url: default: unix:/var/snap/lxd/common/lxd/unix.socket description: - The unix domain socket path when LXD is installed by snap package manager. required: false version_added: '2.8' version_added_collection: ansible.builtin ephemeral: description: - Whether or not the container is ephemeral (e.g. true or false). See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1) required: false type: bool client_key: aliases: - key_file default: '"{}/.config/lxc/client.key" .format(os.environ["HOME"])' description: - The client certificate key file path. required: false force_stop: default: false description: - If this is true, the C(lxd_container) forces to stop the container when it stops or restarts the container. required: false type: bool client_cert: aliases: - cert_file default: '"{}/.config/lxc/client.crt" .format(os.environ["HOME"])' description: - The client certificate file path. required: false architecture: description: - The architecture for the container (e.g. "x86_64" or "i686"). See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1) required: false trust_password: description: - The client trusted password. - You need to set this password on the LXD server before running this module using the following command. lxc config set core.trust_password <some random password> See U(https://www.stgraber.org/2016/04/18/lxd-api-direct-interaction/) - If trust_password is set, this module send a request for authentication before sending any requests. required: false wait_for_ipv4_addresses: default: false description: - If this is true, the C(lxd_container) waits until IPv4 addresses are set to the all network interfaces in the container after starting or restarting. required: false type: bool
actions: description: List of actions performed for the container. returned: success sample: '["create", "start"]' type: list addresses: description: Mapping from the network device name to a list of IPv4 addresses in the container returned: when state is started or restarted sample: eth0: - 10.155.92.191 type: dict logs: description: The logs of requests and responses. returned: when ansible-playbook is invoked with -vvvv. sample: (too long to be placed here) type: list old_state: description: The old state of the container returned: when state is started or restarted sample: stopped type: str