Try SpotterManage LXD Containers
| "added in version" 2.2 of ansible.builtin"
Authors: Hiroaki Nakamura (@hnakamur)
preview | supported by community
pipInstall with pip install ansible==2.9.27
Management of LXD containers
# An example for creating a Ubuntu container and install python
- hosts: localhost
connection: local
tasks:
- name: Create a started container
lxd_container:
name: mycontainer
state: started
source:
type: image
mode: pull
server: https://images.linuxcontainers.org
protocol: lxd # if you get a 404, try setting protocol: simplestreams
alias: ubuntu/xenial/amd64
profiles: ["default"]
wait_for_ipv4_addresses: true
timeout: 600
- name: check python is installed in container
delegate_to: mycontainer
raw: dpkg -s python
register: python_install_check
failed_when: python_install_check.rc not in [0, 1]
changed_when: false
- name: install python in container
delegate_to: mycontainer
raw: apt-get install -y python
when: python_install_check.rc == 1
# An example for creating an Ubuntu 14.04 container using an image fingerprint.
# This requires changing 'server' and 'protocol' key values, replacing the
# 'alias' key with with 'fingerprint' and supplying an appropriate value that
# matches the container image you wish to use.
- hosts: localhost
connection: local
tasks:
- name: Create a started container
lxd_container:
name: mycontainer
state: started
source:
type: image
mode: pull
# Provides current (and older) Ubuntu images with listed fingerprints
server: https://cloud-images.ubuntu.com/releases
# Protocol used by 'ubuntu' remote (as shown by 'lxc remote list')
protocol: simplestreams
# This provides an Ubuntu 14.04 LTS amd64 image from 20150814.
fingerprint: e9a8bdfab6dc
profiles: ["default"]
wait_for_ipv4_addresses: true
timeout: 600
# An example for deleting a container
- hosts: localhost
connection: local
tasks:
- name: Delete a container
lxd_container:
name: mycontainer
state: absent
# An example for restarting a container
- hosts: localhost
connection: local
tasks:
- name: Restart a container
lxd_container:
name: mycontainer
state: restarted
# An example for restarting a container using https to connect to the LXD server
- hosts: localhost
connection: local
tasks:
- name: Restart a container
lxd_container:
url: https://127.0.0.1:8443
# These client_cert and client_key values are equal to the default values.
#client_cert: "{{ lookup('env', 'HOME') }}/.config/lxc/client.crt"
#client_key: "{{ lookup('env', 'HOME') }}/.config/lxc/client.key"
trust_password: mypassword
name: mycontainer
state: restarted
# Note your container must be in the inventory for the below example.
#
# [containers]
# mycontainer ansible_connection=lxd
#
- hosts:
- mycontainer
tasks:
- name: copy /etc/hosts in the created container to localhost with name "mycontainer-hosts"
fetch:
src: /etc/hosts
dest: /tmp/mycontainer-hosts
flat: true
url:
default: unix:/var/lib/lxd/unix.socket
description:
- The unix domain socket path or the https URL for the LXD server.
required: false
name:
description:
- Name of a container.
required: true
state:
choices:
- started
- stopped
- restarted
- absent
- frozen
default: started
description:
- Define the state of a container.
required: false
config:
description:
- 'The config for the container (e.g. {"limits.cpu": "2"}). See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1)'
- If the container already exists and its "config" value in metadata obtained from
GET /1.0/containers/<name> U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#10containersname)
are different, they this module tries to apply the configurations.
- The key starts with 'volatile.' are ignored for this comparison.
- Not all config values are supported to apply the existing container. Maybe you need
to delete and recreate a container.
required: false
source:
description:
- 'The source for the container (e.g. { "type": "image", "mode": "pull", "server":
"https://images.linuxcontainers.org", "protocol": "lxd", "alias": "ubuntu/xenial/amd64"
}).'
- See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1) for complete
API documentation.
- 'Note that C(protocol) accepts two choices: C(lxd) or C(simplestreams)'
required: false
devices:
description:
- 'The devices for the container (e.g. { "rootfs": { "path": "/dev/kvm", "type": "unix-char"
}). See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1)'
required: false
timeout:
default: 30
description:
- A timeout for changing the state of the container.
- This is also used as a timeout for waiting until IPv4 addresses are set to the all
network interfaces in the container after starting or restarting.
required: false
snap_url:
default: unix:/var/snap/lxd/common/lxd/unix.socket
description:
- The unix domain socket path when LXD is installed by snap package manager.
required: false
version_added: '2.8'
version_added_collection: ansible.builtin
ephemeral:
description:
- Whether or not the container is ephemeral (e.g. true or false). See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1)
required: false
type: bool
client_key:
aliases:
- key_file
default: '"{}/.config/lxc/client.key" .format(os.environ["HOME"])'
description:
- The client certificate key file path.
required: false
force_stop:
default: false
description:
- If this is true, the C(lxd_container) forces to stop the container when it stops
or restarts the container.
required: false
type: bool
client_cert:
aliases:
- cert_file
default: '"{}/.config/lxc/client.crt" .format(os.environ["HOME"])'
description:
- The client certificate file path.
required: false
architecture:
description:
- The architecture for the container (e.g. "x86_64" or "i686"). See U(https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1)
required: false
trust_password:
description:
- The client trusted password.
- You need to set this password on the LXD server before running this module using
the following command. lxc config set core.trust_password <some random password>
See U(https://www.stgraber.org/2016/04/18/lxd-api-direct-interaction/)
- If trust_password is set, this module send a request for authentication before sending
any requests.
required: false
wait_for_ipv4_addresses:
default: false
description:
- If this is true, the C(lxd_container) waits until IPv4 addresses are set to the
all network interfaces in the container after starting or restarting.
required: false
type: bool
actions:
description: List of actions performed for the container.
returned: success
sample: '["create", "start"]'
type: list
addresses:
description: Mapping from the network device name to a list of IPv4 addresses in
the container
returned: when state is started or restarted
sample:
eth0:
- 10.155.92.191
type: dict
logs:
description: The logs of requests and responses.
returned: when ansible-playbook is invoked with -vvvv.
sample: (too long to be placed here)
type: list
old_state:
description: The old state of the container
returned: when state is started or restarted
sample: stopped
type: str