golden hour
/opt/saltstack/salt/lib/python3.10/site-packages/salt/modules
⬆️ Go Up
Upload
File/Folder
Size
Actions
__init__.py
35 B
Del
OK
__pycache__
-
Del
OK
acme.py
12.74 KB
Del
OK
aix_group.py
4.12 KB
Del
OK
aix_shadow.py
1.93 KB
Del
OK
aixpkg.py
24.15 KB
Del
OK
aliases.py
5.07 KB
Del
OK
alternatives.py
5.71 KB
Del
OK
ansiblegate.py
19.51 KB
Del
OK
apache.py
12.47 KB
Del
OK
apcups.py
2.15 KB
Del
OK
apf.py
3.09 KB
Del
OK
apkpkg.py
16 KB
Del
OK
aptly.py
15.28 KB
Del
OK
aptpkg.py
116.64 KB
Del
OK
archive.py
48.63 KB
Del
OK
arista_pyeapi.py
22.06 KB
Del
OK
artifactory.py
24.78 KB
Del
OK
at.py
10.72 KB
Del
OK
at_solaris.py
8.51 KB
Del
OK
augeas_cfg.py
13.93 KB
Del
OK
aws_sqs.py
6.55 KB
Del
OK
azurearm_compute.py
20.8 KB
Del
OK
azurearm_dns.py
15.8 KB
Del
OK
azurearm_network.py
82.99 KB
Del
OK
azurearm_resource.py
35.75 KB
Del
OK
bamboohr.py
7.36 KB
Del
OK
baredoc.py
11.13 KB
Del
OK
bcache.py
28.97 KB
Del
OK
beacons.py
27.82 KB
Del
OK
bigip.py
69.11 KB
Del
OK
bluez_bluetooth.py
6.76 KB
Del
OK
boto3_elasticache.py
37.34 KB
Del
OK
boto3_elasticsearch.py
53.17 KB
Del
OK
boto3_route53.py
39.82 KB
Del
OK
boto3_sns.py
12.93 KB
Del
OK
boto_apigateway.py
61.86 KB
Del
OK
boto_asg.py
35.69 KB
Del
OK
boto_cfn.py
7.95 KB
Del
OK
boto_cloudfront.py
12.75 KB
Del
OK
boto_cloudtrail.py
14.45 KB
Del
OK
boto_cloudwatch.py
10.99 KB
Del
OK
boto_cloudwatch_event.py
9.48 KB
Del
OK
boto_cognitoidentity.py
14.63 KB
Del
OK
boto_datapipeline.py
6.94 KB
Del
OK
boto_dynamodb.py
14.98 KB
Del
OK
boto_ec2.py
79.27 KB
Del
OK
boto_efs.py
14.05 KB
Del
OK
boto_elasticache.py
23.69 KB
Del
OK
boto_elasticsearch_domain.py
15.85 KB
Del
OK
boto_elb.py
35.53 KB
Del
OK
boto_elbv2.py
10.78 KB
Del
OK
boto_iam.py
75.62 KB
Del
OK
boto_iot.py
26.2 KB
Del
OK
boto_kinesis.py
19.62 KB
Del
OK
boto_kms.py
17.29 KB
Del
OK
boto_lambda.py
35.05 KB
Del
OK
boto_rds.py
34.92 KB
Del
OK
boto_route53.py
32.55 KB
Del
OK
boto_s3.py
4.24 KB
Del
OK
boto_s3_bucket.py
31.8 KB
Del
OK
boto_secgroup.py
25.22 KB
Del
OK
boto_sns.py
7.22 KB
Del
OK
boto_sqs.py
6.43 KB
Del
OK
boto_ssm.py
3.63 KB
Del
OK
boto_vpc.py
113.08 KB
Del
OK
bower.py
5.85 KB
Del
OK
bridge.py
10.81 KB
Del
OK
bsd_shadow.py
6.25 KB
Del
OK
btrfs.py
33.66 KB
Del
OK
cabal.py
3.79 KB
Del
OK
capirca_acl.py
40.04 KB
Del
OK
cassandra_cql.py
54.16 KB
Del
OK
cassandra_mod.py
4.3 KB
Del
OK
celery.py
3.33 KB
Del
OK
ceph.py
15.82 KB
Del
OK
chassis.py
1.52 KB
Del
OK
chef.py
4.66 KB
Del
OK
chocolatey.py
41.55 KB
Del
OK
chronos.py
2.89 KB
Del
OK
chroot.py
11.73 KB
Del
OK
cimc.py
23.02 KB
Del
OK
ciscoconfparse_mod.py
14.79 KB
Del
OK
cisconso.py
3.83 KB
Del
OK
cloud.py
9.39 KB
Del
OK
cmdmod.py
163.73 KB
Del
OK
composer.py
10.31 KB
Del
OK
config.py
16.98 KB
Del
OK
consul.py
69.3 KB
Del
OK
container_resource.py
12.94 KB
Del
OK
cp.py
31.98 KB
Del
OK
cpan.py
5.54 KB
Del
OK
cron.py
28.09 KB
Del
OK
cryptdev.py
10.08 KB
Del
OK
csf.py
16.04 KB
Del
OK
cyg.py
8.32 KB
Del
OK
daemontools.py
5.41 KB
Del
OK
data.py
3.85 KB
Del
OK
datadog_api.py
7.76 KB
Del
OK
ddns.py
7.12 KB
Del
OK
deb_apache.py
7.41 KB
Del
OK
deb_postgres.py
4.18 KB
Del
OK
debconfmod.py
4.06 KB
Del
OK
debian_ip.py
64.91 KB
Del
OK
debian_service.py
6.55 KB
Del
OK
debuild_pkgbuild.py
34.68 KB
Del
OK
defaults.py
6.55 KB
Del
OK
devinfo.py
9.07 KB
Del
OK
devmap.py
627 B
Del
OK
dig.py
8.75 KB
Del
OK
disk.py
30.82 KB
Del
OK
djangomod.py
7.53 KB
Del
OK
dnsmasq.py
5.71 KB
Del
OK
dnsutil.py
11.51 KB
Del
OK
dockercompose.py
32.62 KB
Del
OK
dockermod.py
224.85 KB
Del
OK
dpkg_lowpkg.py
12.94 KB
Del
OK
drac.py
10.97 KB
Del
OK
dracr.py
38.53 KB
Del
OK
drbd.py
7.19 KB
Del
OK
dummyproxy_pkg.py
2.46 KB
Del
OK
dummyproxy_service.py
2.91 KB
Del
OK
ebuildpkg.py
38.74 KB
Del
OK
eix.py
1.58 KB
Del
OK
elasticsearch.py
51.44 KB
Del
OK
environ.py
8.96 KB
Del
OK
eselect.py
4.99 KB
Del
OK
esxcluster.py
1.66 KB
Del
OK
esxdatacenter.py
1.68 KB
Del
OK
esxi.py
2.79 KB
Del
OK
esxvm.py
1.63 KB
Del
OK
etcd_mod.py
8.56 KB
Del
OK
ethtool.py
11.12 KB
Del
OK
event.py
7.67 KB
Del
OK
extfs.py
8.78 KB
Del
OK
file.py
232.18 KB
Del
OK
firewalld.py
20.51 KB
Del
OK
freebsd_sysctl.py
4.99 KB
Del
OK
freebsd_update.py
6.19 KB
Del
OK
freebsdjail.py
7.16 KB
Del
OK
freebsdkmod.py
6.17 KB
Del
OK
freebsdpkg.py
17.04 KB
Del
OK
freebsdports.py
13.13 KB
Del
OK
freebsdservice.py
12.53 KB
Del
OK
freezer.py
10.2 KB
Del
OK
gcp_addon.py
4.07 KB
Del
OK
gem.py
10.6 KB
Del
OK
genesis.py
21.75 KB
Del
OK
gentoo_service.py
9.18 KB
Del
OK
gentoolkitmod.py
8.39 KB
Del
OK
git.py
172.01 KB
Del
OK
github.py
53.19 KB
Del
OK
glanceng.py
4.69 KB
Del
OK
glassfish.py
19.49 KB
Del
OK
glusterfs.py
19.55 KB
Del
OK
gnomedesktop.py
6.85 KB
Del
OK
google_chat.py
1.52 KB
Del
OK
gpg.py
39.09 KB
Del
OK
grafana4.py
30.27 KB
Del
OK
grains.py
21.81 KB
Del
OK
groupadd.py
11.87 KB
Del
OK
grub_legacy.py
3.08 KB
Del
OK
guestfs.py
2.37 KB
Del
OK
hadoop.py
3.76 KB
Del
OK
haproxyconn.py
10.17 KB
Del
OK
hashutil.py
6.77 KB
Del
OK
heat.py
25.25 KB
Del
OK
helm.py
39.27 KB
Del
OK
hg.py
7.16 KB
Del
OK
highstate_doc.py
22.76 KB
Del
OK
hosts.py
10.47 KB
Del
OK
http.py
3.76 KB
Del
OK
icinga2.py
4.46 KB
Del
OK
idem.py
1.75 KB
Del
OK
ifttt.py
2.28 KB
Del
OK
ilo.py
15.98 KB
Del
OK
incron.py
7.68 KB
Del
OK
influxdb08mod.py
15.07 KB
Del
OK
influxdbmod.py
16.13 KB
Del
OK
infoblox.py
17.53 KB
Del
OK
ini_manage.py
14.63 KB
Del
OK
inspectlib
-
Del
OK
inspector.py
8.19 KB
Del
OK
introspect.py
4.02 KB
Del
OK
iosconfig.py
14.78 KB
Del
OK
ipmi.py
25.47 KB
Del
OK
ipset.py
17.97 KB
Del
OK
iptables.py
57.44 KB
Del
OK
iwtools.py
3.99 KB
Del
OK
jboss7.py
20.51 KB
Del
OK
jboss7_cli.py
15.23 KB
Del
OK
jenkinsmod.py
11.9 KB
Del
OK
jinja.py
2.66 KB
Del
OK
jira_mod.py
7.07 KB
Del
OK
junos.py
73.96 KB
Del
OK
k8s.py
24.87 KB
Del
OK
kapacitor.py
5.37 KB
Del
OK
kerberos.py
5.42 KB
Del
OK
kernelpkg_linux_apt.py
6.71 KB
Del
OK
kernelpkg_linux_yum.py
7.26 KB
Del
OK
key.py
1007 B
Del
OK
keyboard.py
2.64 KB
Del
OK
keystone.py
43.14 KB
Del
OK
keystoneng.py
21.82 KB
Del
OK
keystore.py
7.18 KB
Del
OK
kmod.py
7.65 KB
Del
OK
kubeadm.py
34.64 KB
Del
OK
kubernetesmod.py
46.77 KB
Del
OK
launchctl_service.py
9.69 KB
Del
OK
layman.py
4.22 KB
Del
OK
ldap3.py
18.81 KB
Del
OK
ldapmod.py
5.9 KB
Del
OK
libcloud_compute.py
23.48 KB
Del
OK
libcloud_dns.py
9.73 KB
Del
OK
libcloud_loadbalancer.py
13.14 KB
Del
OK
libcloud_storage.py
12.16 KB
Del
OK
linux_acl.py
7.7 KB
Del
OK
linux_ip.py
5.55 KB
Del
OK
linux_lvm.py
17.86 KB
Del
OK
linux_service.py
4.64 KB
Del
OK
linux_shadow.py
12.96 KB
Del
OK
linux_sysctl.py
7.5 KB
Del
OK
localemod.py
11.84 KB
Del
OK
locate.py
2.58 KB
Del
OK
logadm.py
9.44 KB
Del
OK
logmod.py
1.25 KB
Del
OK
logrotate.py
7.72 KB
Del
OK
lvs.py
11.54 KB
Del
OK
lxc.py
147.27 KB
Del
OK
lxd.py
90.07 KB
Del
OK
mac_assistive.py
11.37 KB
Del
OK
mac_brew_pkg.py
19.91 KB
Del
OK
mac_desktop.py
2.77 KB
Del
OK
mac_group.py
6.62 KB
Del
OK
mac_keychain.py
6.39 KB
Del
OK
mac_pkgutil.py
2.84 KB
Del
OK
mac_portspkg.py
11.36 KB
Del
OK
mac_power.py
13.29 KB
Del
OK
mac_service.py
19.64 KB
Del
OK
mac_shadow.py
14.23 KB
Del
OK
mac_softwareupdate.py
14.52 KB
Del
OK
mac_sysctl.py
5.13 KB
Del
OK
mac_system.py
15.07 KB
Del
OK
mac_timezone.py
8.34 KB
Del
OK
mac_user.py
16.41 KB
Del
OK
mac_xattr.py
6.27 KB
Del
OK
macdefaults.py
2.33 KB
Del
OK
macpackage.py
6.66 KB
Del
OK
makeconf.py
17.31 KB
Del
OK
mandrill.py
6.31 KB
Del
OK
marathon.py
5.36 KB
Del
OK
match.py
13 KB
Del
OK
mattermost.py
3.4 KB
Del
OK
mdadm_raid.py
9.86 KB
Del
OK
mdata.py
3.38 KB
Del
OK
memcached.py
6.13 KB
Del
OK
mine.py
18.84 KB
Del
OK
minion.py
7.68 KB
Del
OK
mod_random.py
7.18 KB
Del
OK
modjk.py
12.48 KB
Del
OK
mongodb.py
29.75 KB
Del
OK
monit.py
5.51 KB
Del
OK
moosefs.py
3.87 KB
Del
OK
mount.py
58.44 KB
Del
OK
mssql.py
14.64 KB
Del
OK
msteams.py
2.11 KB
Del
OK
munin.py
2.4 KB
Del
OK
mysql.py
90.66 KB
Del
OK
nacl.py
9.72 KB
Del
OK
nagios.py
6.53 KB
Del
OK
nagios_rpc.py
5.09 KB
Del
OK
namecheap_domains.py
12.84 KB
Del
OK
namecheap_domains_dns.py
5.93 KB
Del
OK
namecheap_domains_ns.py
4.51 KB
Del
OK
namecheap_ssl.py
25.69 KB
Del
OK
namecheap_users.py
2.4 KB
Del
OK
napalm_bgp.py
9.72 KB
Del
OK
napalm_formula.py
11.33 KB
Del
OK
napalm_mod.py
61.37 KB
Del
OK
napalm_netacl.py
28.59 KB
Del
OK
napalm_network.py
93.22 KB
Del
OK
napalm_ntp.py
10.22 KB
Del
OK
napalm_probes.py
13.25 KB
Del
OK
napalm_route.py
5.09 KB
Del
OK
napalm_snmp.py
7.05 KB
Del
OK
napalm_users.py
6.49 KB
Del
OK
napalm_yang_mod.py
20.28 KB
Del
OK
netaddress.py
1.6 KB
Del
OK
netbox.py
32.22 KB
Del
OK
netbsd_sysctl.py
3.92 KB
Del
OK
netbsdservice.py
6.43 KB
Del
OK
netmiko_mod.py
19.61 KB
Del
OK
netscaler.py
27.02 KB
Del
OK
network.py
63.42 KB
Del
OK
neutron.py
44.92 KB
Del
OK
neutronng.py
15.02 KB
Del
OK
nexus.py
22.95 KB
Del
OK
nfs3.py
3.9 KB
Del
OK
nftables.py
33.58 KB
Del
OK
nginx.py
3.83 KB
Del
OK
nilrt_ip.py
36.18 KB
Del
OK
nix.py
8.03 KB
Del
OK
nova.py
19.6 KB
Del
OK
npm.py
10.4 KB
Del
OK
nspawn.py
41.35 KB
Del
OK
nxos.py
24.65 KB
Del
OK
nxos_api.py
14.72 KB
Del
OK
nxos_upgrade.py
14.74 KB
Del
OK
omapi.py
3.6 KB
Del
OK
openbsd_sysctl.py
3.74 KB
Del
OK
openbsdpkg.py
10.97 KB
Del
OK
openbsdrcctl_service.py
6.33 KB
Del
OK
openbsdservice.py
8.31 KB
Del
OK
openscap.py
2.81 KB
Del
OK
openstack_config.py
3.21 KB
Del
OK
openstack_mng.py
2.71 KB
Del
OK
openvswitch.py
17.19 KB
Del
OK
opkg.py
49.67 KB
Del
OK
opsgenie.py
3.29 KB
Del
OK
oracle.py
5.82 KB
Del
OK
osquery.py
24.93 KB
Del
OK
out.py
2.53 KB
Del
OK
pacmanpkg.py
31.92 KB
Del
OK
pagerduty.py
4.7 KB
Del
OK
pagerduty_util.py
13.48 KB
Del
OK
pam.py
2.01 KB
Del
OK
panos.py
61.05 KB
Del
OK
parallels.py
19.85 KB
Del
OK
parted_partition.py
21.53 KB
Del
OK
pcs.py
14.11 KB
Del
OK
pdbedit.py
10.79 KB
Del
OK
pecl.py
3.79 KB
Del
OK
peeringdb.py
8.39 KB
Del
OK
pf.py
9.51 KB
Del
OK
philips_hue.py
1.55 KB
Del
OK
pillar.py
21.37 KB
Del
OK
pip.py
53.42 KB
Del
OK
pkg_resource.py
12.3 KB
Del
OK
pkgin.py
17.29 KB
Del
OK
pkgng.py
61.07 KB
Del
OK
pkgutil.py
9.85 KB
Del
OK
portage_config.py
22.73 KB
Del
OK
postfix.py
16.24 KB
Del
OK
postgres.py
88.24 KB
Del
OK
poudriere.py
7.85 KB
Del
OK
powerpath.py
2.57 KB
Del
OK
proxy.py
11.49 KB
Del
OK
ps.py
20.89 KB
Del
OK
publish.py
10.25 KB
Del
OK
puppet.py
10.9 KB
Del
OK
purefa.py
33.59 KB
Del
OK
purefb.py
13.69 KB
Del
OK
pushbullet.py
1.88 KB
Del
OK
pushover_notify.py
3.48 KB
Del
OK
pw_group.py
4.62 KB
Del
OK
pw_user.py
12.47 KB
Del
OK
pyenv.py
6.93 KB
Del
OK
qemu_img.py
1.53 KB
Del
OK
qemu_nbd.py
3.28 KB
Del
OK
quota.py
6.43 KB
Del
OK
rabbitmq.py
38.4 KB
Del
OK
rallydev.py
6.09 KB
Del
OK
random_org.py
23.76 KB
Del
OK
rbac_solaris.py
16.05 KB
Del
OK
rbenv.py
10.75 KB
Del
OK
rdp.py
6.08 KB
Del
OK
rebootmgr.py
7.68 KB
Del
OK
redismod.py
16.36 KB
Del
OK
reg.py
16.36 KB
Del
OK
rest_pkg.py
2.26 KB
Del
OK
rest_sample_utils.py
558 B
Del
OK
rest_service.py
3.63 KB
Del
OK
restartcheck.py
24.1 KB
Del
OK
restconf.py
3.15 KB
Del
OK
ret.py
1.27 KB
Del
OK
rh_ip.py
38.55 KB
Del
OK
rh_service.py
16.61 KB
Del
OK
riak.py
5.19 KB
Del
OK
rpm_lowpkg.py
27.67 KB
Del
OK
rpmbuild_pkgbuild.py
24.53 KB
Del
OK
rsync.py
8.04 KB
Del
OK
runit.py
17.17 KB
Del
OK
rvm.py
11.1 KB
Del
OK
s3.py
9.93 KB
Del
OK
s6.py
3.62 KB
Del
OK
salt_proxy.py
4.48 KB
Del
OK
salt_version.py
4.58 KB
Del
OK
saltcheck.py
46.66 KB
Del
OK
saltcloudmod.py
954 B
Del
OK
saltutil.py
57.49 KB
Del
OK
schedule.py
50.81 KB
Del
OK
scp_mod.py
6.22 KB
Del
OK
scsi.py
2.66 KB
Del
OK
sdb.py
2.48 KB
Del
OK
seed.py
8.87 KB
Del
OK
selinux.py
24.2 KB
Del
OK
sensehat.py
7.79 KB
Del
OK
sensors.py
1.3 KB
Del
OK
serverdensity_device.py
8.1 KB
Del
OK
servicenow.py
4.36 KB
Del
OK
slack_notify.py
7.83 KB
Del
OK
slackware_service.py
6.84 KB
Del
OK
slsutil.py
19.04 KB
Del
OK
smartos_imgadm.py
12.04 KB
Del
OK
smartos_nictagadm.py
6.46 KB
Del
OK
smartos_virt.py
5.21 KB
Del
OK
smartos_vmadm.py
26.2 KB
Del
OK
smbios.py
10.05 KB
Del
OK
smf_service.py
8.52 KB
Del
OK
smtp.py
5.41 KB
Del
OK
snapper.py
27.14 KB
Del
OK
solaris_fmadm.py
11.2 KB
Del
OK
solaris_group.py
2.8 KB
Del
OK
solaris_shadow.py
7.98 KB
Del
OK
solaris_system.py
3.72 KB
Del
OK
solaris_user.py
11.06 KB
Del
OK
solarisipspkg.py
18.68 KB
Del
OK
solarispkg.py
15.4 KB
Del
OK
solr.py
45.54 KB
Del
OK
solrcloud.py
14.63 KB
Del
OK
splunk.py
8.14 KB
Del
OK
splunk_search.py
8.76 KB
Del
OK
sqlite3.py
2.54 KB
Del
OK
ssh.py
43.89 KB
Del
OK
ssh_pkg.py
1.08 KB
Del
OK
ssh_service.py
3.39 KB
Del
OK
state.py
82.34 KB
Del
OK
status.py
57.79 KB
Del
OK
statuspage.py
14.67 KB
Del
OK
supervisord.py
11.15 KB
Del
OK
suse_apache.py
2.45 KB
Del
OK
suse_ip.py
35.72 KB
Del
OK
svn.py
10.75 KB
Del
OK
swarm.py
13.5 KB
Del
OK
swift.py
5.53 KB
Del
OK
sysbench.py
6.62 KB
Del
OK
sysfs.py
6.61 KB
Del
OK
syslog_ng.py
31.52 KB
Del
OK
sysmod.py
22.59 KB
Del
OK
sysrc.py
3.38 KB
Del
OK
system.py
19.28 KB
Del
OK
system_profiler.py
3.54 KB
Del
OK
systemd_service.py
46.29 KB
Del
OK
telegram.py
3.28 KB
Del
OK
telemetry.py
12.87 KB
Del
OK
temp.py
831 B
Del
OK
test.py
15.4 KB
Del
OK
test_virtual.py
237 B
Del
OK
testinframod.py
9.92 KB
Del
OK
textfsm_mod.py
16.22 KB
Del
OK
timezone.py
19.98 KB
Del
OK
tls.py
58.63 KB
Del
OK
tomcat.py
18.59 KB
Del
OK
trafficserver.py
10.44 KB
Del
OK
transactional_update.py
35.83 KB
Del
OK
travisci.py
2.05 KB
Del
OK
tuned.py
2.34 KB
Del
OK
twilio_notify.py
2.95 KB
Del
OK
udev.py
3.72 KB
Del
OK
upstart_service.py
16.92 KB
Del
OK
uptime.py
3.23 KB
Del
OK
useradd.py
22.63 KB
Del
OK
uwsgi.py
996 B
Del
OK
vagrant.py
20.4 KB
Del
OK
varnish.py
3.08 KB
Del
OK
vault.py
15.61 KB
Del
OK
vbox_guest.py
10.55 KB
Del
OK
vboxmanage.py
14.71 KB
Del
OK
vcenter.py
1.61 KB
Del
OK
victorops.py
6.54 KB
Del
OK
virt.py
287.71 KB
Del
OK
virtualenv_mod.py
15.09 KB
Del
OK
vmctl.py
9.56 KB
Del
OK
vsphere.py
380.41 KB
Del
OK
webutil.py
3.66 KB
Del
OK
win_auditpol.py
4.74 KB
Del
OK
win_autoruns.py
2.29 KB
Del
OK
win_certutil.py
4.55 KB
Del
OK
win_dacl.py
32.27 KB
Del
OK
win_disk.py
1.8 KB
Del
OK
win_dism.py
20.7 KB
Del
OK
win_dns_client.py
4.19 KB
Del
OK
win_dsc.py
27.54 KB
Del
OK
win_event.py
22.32 KB
Del
OK
win_file.py
64.39 KB
Del
OK
win_firewall.py
20.15 KB
Del
OK
win_groupadd.py
11.27 KB
Del
OK
win_iis.py
68.78 KB
Del
OK
win_ip.py
11.43 KB
Del
OK
win_lgpo.py
491.76 KB
Del
OK
win_lgpo_reg.py
17.9 KB
Del
OK
win_license.py
2.72 KB
Del
OK
win_network.py
13.9 KB
Del
OK
win_ntp.py
1.8 KB
Del
OK
win_path.py
11.12 KB
Del
OK
win_pkg.py
86.43 KB
Del
OK
win_pki.py
15.8 KB
Del
OK
win_powercfg.py
9.85 KB
Del
OK
win_psget.py
8.97 KB
Del
OK
win_servermanager.py
14.21 KB
Del
OK
win_service.py
32.96 KB
Del
OK
win_shadow.py
3.03 KB
Del
OK
win_shortcut.py
16.49 KB
Del
OK
win_smtp_server.py
17.67 KB
Del
OK
win_snmp.py
13.38 KB
Del
OK
win_status.py
16.94 KB
Del
OK
win_system.py
40.61 KB
Del
OK
win_task.py
79.17 KB
Del
OK
win_timezone.py
13.3 KB
Del
OK
win_useradd.py
27.39 KB
Del
OK
win_wua.py
38.29 KB
Del
OK
win_wusa.py
5.88 KB
Del
OK
winrepo.py
6.09 KB
Del
OK
wordpress.py
4.71 KB
Del
OK
x509.py
63.1 KB
Del
OK
x509_v2.py
74.15 KB
Del
OK
xapi_virt.py
24.07 KB
Del
OK
xbpspkg.py
15.84 KB
Del
OK
xfs.py
15.35 KB
Del
OK
xml.py
2.14 KB
Del
OK
xmpp.py
5.28 KB
Del
OK
yaml.py
1.94 KB
Del
OK
yumpkg.py
116.5 KB
Del
OK
zabbix.py
97.55 KB
Del
OK
zcbuildout.py
28.16 KB
Del
OK
zenoss.py
5.64 KB
Del
OK
zfs.py
34.44 KB
Del
OK
zk_concurrency.py
11.16 KB
Del
OK
znc.py
2.26 KB
Del
OK
zoneadm.py
15.05 KB
Del
OK
zonecfg.py
21.85 KB
Del
OK
zookeeper.py
14.72 KB
Del
OK
zpool.py
44.02 KB
Del
OK
zypperpkg.py
94.87 KB
Del
OK
Edit: lxd.py
""" Module for managing the LXD daemon and its containers. .. versionadded:: 2019.2.0 `LXD(1)`_ is a container "hypervisor". This execution module provides several functions to help manage it and its containers. .. note:: - `pylxd(2)`_ version >=2.2.5 is required to let this work, currently only available via pip. To install on Ubuntu: $ apt-get install libssl-dev python-pip $ pip install -U pylxd - you need lxd installed on the minion for the init() and version() methods. - for the config_get() and config_get() methods you need to have lxd-client installed. .. _LXD(1): https://linuxcontainers.org/lxd/ .. _pylxd(2): https://github.com/lxc/pylxd/blob/master/doc/source/installation.rst :maintainer: René Jochum <rene@jochums.at> :maturity: new :depends: python-pylxd :platform: Linux """ import logging import os from datetime import datetime import salt.utils.decorators.path import salt.utils.files from salt.exceptions import CommandExecutionError, SaltInvocationError from salt.utils.versions import Version try: import pylxd HAS_PYLXD = True import urllib3 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) except ImportError: HAS_PYLXD = False log = logging.getLogger(__name__) __docformat__ = "restructuredtext en" _pylxd_minimal_version = "2.2.5" # Keep in sync with: https://github.com/lxc/lxd/blob/master/shared/osarch/architectures.go _architectures = { "unknown": "0", "i686": "1", "x86_64": "2", "armv7l": "3", "aarch64": "4", "ppc": "5", "ppc64": "6", "ppc64le": "7", "s390x": "8", } # Keep in sync with: https://github.com/lxc/lxd/blob/master/shared/api/status_code.go CONTAINER_STATUS_RUNNING = 103 __virtualname__ = "lxd" _connection_pool = {} def __virtual__(): if HAS_PYLXD: if Version(pylxd_version()) < Version(_pylxd_minimal_version): return ( False, 'The lxd execution module cannot be loaded: pylxd "{}" is ' 'not supported, you need at least pylxd "{}"'.format( pylxd_version(), _pylxd_minimal_version ), ) return __virtualname__ return ( False, "The lxd execution module cannot be loaded: " "the pylxd python module is not available.", ) ################ # LXD Management ################ @salt.utils.decorators.path.which("lxd") def version(): """ Returns the actual lxd version. CLI Example: .. code-block:: bash salt '*' lxd.version """ return __salt__["cmd.run"]("lxd --version") def pylxd_version(): """ Returns the actual pylxd version. CLI Example: .. code-block:: bash salt '*' lxd.pylxd_version """ return pylxd.__version__ @salt.utils.decorators.path.which("lxd") def init( storage_backend="dir", trust_password=None, network_address=None, network_port=None, storage_create_device=None, storage_create_loop=None, storage_pool=None, ): """ Calls lxd init --auto -- opts storage_backend : Storage backend to use (zfs or dir, default: dir) trust_password : Password required to add new clients network_address : None Address to bind LXD to (default: none) network_port : None Port to bind LXD to (Default: 8443) storage_create_device : None Setup device based storage using this DEVICE storage_create_loop : None Setup loop based storage with this SIZE in GB storage_pool : None Storage pool to use or create CLI Examples: To listen on all IPv4/IPv6 Addresses: .. code-block:: bash salt '*' lxd.init dir PaSsW0rD [::] To not listen on Network: .. code-block:: bash salt '*' lxd.init """ cmd = 'lxd init --auto --storage-backend="{}"'.format(storage_backend) if trust_password is not None: cmd = cmd + ' --trust-password="{}"'.format(trust_password) if network_address is not None: cmd = cmd + ' --network-address="{}"'.format(network_address) if network_port is not None: cmd = cmd + ' --network-port="{}"'.format(network_port) if storage_create_device is not None: cmd = cmd + ' --storage-create-device="{}"'.format(storage_create_device) if storage_create_loop is not None: cmd = cmd + ' --storage-create-loop="{}"'.format(storage_create_loop) if storage_pool is not None: cmd = cmd + ' --storage-pool="{}"'.format(storage_pool) try: output = __salt__["cmd.run"](cmd) except ValueError as e: raise CommandExecutionError( "Failed to call: '{}', error was: {}".format(cmd, str(e)), ) if "error:" in output: raise CommandExecutionError( output[output.index("error:") + 7 :], ) return output @salt.utils.decorators.path.which("lxd") @salt.utils.decorators.path.which("lxc") def config_set(key, value): """ Set an LXD daemon config option CLI Examples: To listen on IPv4 and IPv6 port 8443, you can omit the :8443 its the default: .. code-block:: bash salt '*' lxd.config_set core.https_address [::]:8443 To set the server trust password: .. code-block:: bash salt '*' lxd.config_set core.trust_password blah """ cmd = 'lxc config set "{}" "{}"'.format( key, value, ) output = __salt__["cmd.run"](cmd) if "error:" in output: raise CommandExecutionError( output[output.index("error:") + 7 :], ) return ('Config value "{}" successfully set.'.format(key),) @salt.utils.decorators.path.which("lxd") @salt.utils.decorators.path.which("lxc") def config_get(key): """ Get an LXD daemon config option key : The key of the config value to retrieve CLI Examples: .. code-block:: bash salt '*' lxd.config_get core.https_address """ cmd = 'lxc config get "{}"'.format(key) output = __salt__["cmd.run"](cmd) if "error:" in output: raise CommandExecutionError( output[output.index("error:") + 7 :], ) return output ####################### # Connection Management ####################### def pylxd_client_get(remote_addr=None, cert=None, key=None, verify_cert=True): """ Get an pyxld client, this is not meant to be run over the CLI. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. See the `requests-docs`_ for the SSL stuff. .. _requests-docs: http://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification """ pool_key = "|".join( ( str(remote_addr), str(cert), str(key), str(verify_cert), ) ) if pool_key in _connection_pool: log.debug('Returning the client "%s" from our connection pool', remote_addr) return _connection_pool[pool_key] try: if remote_addr is None or remote_addr == "/var/lib/lxd/unix.socket": log.debug("Trying to connect to the local unix socket") client = pylxd.Client() else: if remote_addr.startswith("/"): client = pylxd.Client(remote_addr) else: if cert is None or key is None: raise SaltInvocationError( "You have to give a Cert and Key file for remote endpoints." ) cert = os.path.expanduser(cert) key = os.path.expanduser(key) if not os.path.isfile(cert): raise SaltInvocationError( 'You have given an invalid cert path: "{}", the ' "file does not exist or is not a file.".format(cert) ) if not os.path.isfile(key): raise SaltInvocationError( 'You have given an invalid key path: "{}", the ' "file does not exists or is not a file.".format(key) ) log.debug( 'Trying to connect to "%s" with cert "%s", key "%s" and ' 'verify_cert "%s"', remote_addr, cert, key, verify_cert, ) client = pylxd.Client( endpoint=remote_addr, cert=( cert, key, ), verify=verify_cert, ) except pylxd.exceptions.ClientConnectionFailed: raise CommandExecutionError("Failed to connect to '{}'".format(remote_addr)) except TypeError as e: # Happens when the verification failed. raise CommandExecutionError( 'Failed to connect to "{}", looks like the SSL verification ' "failed, error was: {}".format(remote_addr, str(e)) ) _connection_pool[pool_key] = client return client def pylxd_save_object(obj): """Saves an object (profile/image/container) and translate its execpetion on failure obj : The object to save This is an internal method, no CLI Example. """ try: obj.save(wait=True) except pylxd.exceptions.LXDAPIException as e: raise CommandExecutionError(str(e)) return True def authenticate(remote_addr, password, cert, key, verify_cert=True): """ Authenticate with a remote LXDaemon. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 password : The password of the remote. cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.authenticate https://srv01:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false See the `requests-docs`_ for the SSL stuff. .. _requests-docs: http://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) if client.trusted: return True try: client.authenticate(password) except pylxd.exceptions.LXDAPIException as e: # Wrong password raise CommandExecutionError(str(e)) return client.trusted ###################### # Container Management ###################### def container_list( list_names=False, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Lists containers list_names : False Only return a list of names when True remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Examples: Full dict with all available information: .. code-block:: bash salt '*' lxd.container_list For a list of names: .. code-block:: bash salt '*' lxd.container_list true See also `container-attributes`_. .. _container-attributes: https://github.com/lxc/pylxd/blob/master/doc/source/containers.rst#container-attributes """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) containers = client.containers.all() if list_names: return [c.name for c in containers] return map(_pylxd_model_to_dict, containers) def container_create( name, source, profiles=None, config=None, devices=None, architecture="x86_64", ephemeral=False, wait=True, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False, ): """ Create a container name : The name of the container source : Can be either a string containing an image alias: "xenial/amd64" or an dict with type "image" with alias: {"type": "image", "alias": "xenial/amd64"} or image with "fingerprint": {"type": "image", "fingerprint": "SHA-256"} or image with "properties": {"type": "image", "properties": { "os": "ubuntu", "release": "14.04", "architecture": "x86_64"}} or none: {"type": "none"} or copy: {"type": "copy", "source": "my-old-container"} profiles : ['default'] List of profiles to apply on this container config : A config dict or None (None = unset). Can also be a list: [{'key': 'boot.autostart', 'value': 1}, {'key': 'security.privileged', 'value': '1'}] devices : A device dict or None (None = unset). architecture : 'x86_64' Can be one of the following: * unknown * i686 * x86_64 * armv7l * aarch64 * ppc * ppc64 * ppc64le * s390x ephemeral : False Destroy this container after stop? remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. _raw : False Return the raw pyxld object or a dict? CLI Examples: .. code-block:: bash salt '*' lxd.container_create test xenial/amd64 See also the `rest-api-docs`_. .. _rest-api-docs: https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1 """ if profiles is None: profiles = ["default"] if config is None: config = {} if devices is None: devices = {} client = pylxd_client_get(remote_addr, cert, key, verify_cert) if not isinstance(profiles, (list, tuple, set)): raise SaltInvocationError("'profiles' must be formatted as list/tuple/set.") if architecture not in _architectures: raise SaltInvocationError( "Unknown architecture '{}' given for the container '{}'".format( architecture, name ) ) if isinstance(source, str): source = {"type": "image", "alias": source} config, devices = normalize_input_values(config, devices) try: container = client.containers.create( { "name": name, "architecture": _architectures[architecture], "profiles": profiles, "source": source, "config": config, "ephemeral": ephemeral, }, wait=wait, ) except pylxd.exceptions.LXDAPIException as e: raise CommandExecutionError(str(e)) if not wait: return container.json()["operation"] # Add devices if not wait and devices have been given. if devices: for dn, dargs in devices.items(): container_device_add(name, dn, **dargs) if _raw: return container return _pylxd_model_to_dict(container) def container_get( name=None, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False ): """Gets a container from the LXD name : The name of the container to get. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. _raw : Return the pylxd object, this is internal and by states in use. """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) if name is None: containers = client.containers.all() if _raw: return containers else: containers = [] try: containers = [client.containers.get(name)] except pylxd.exceptions.LXDAPIException: raise SaltInvocationError("Container '{}' not found".format(name)) if _raw: return containers[0] infos = [] for container in containers: infos.append(dict([(container.name, _pylxd_model_to_dict(container))])) return infos def container_delete(name, remote_addr=None, cert=None, key=None, verify_cert=True): """ Delete a container name : Name of the container to delete remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) container.delete(wait=True) return True def container_rename( name, newname, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Rename a container name : Name of the container to Rename newname : The new name of the container remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) if container.status_code == CONTAINER_STATUS_RUNNING: raise SaltInvocationError( "Can't rename the running container '{}'.".format(name) ) container.rename(newname, wait=True) return _pylxd_model_to_dict(container) def container_state(name=None, remote_addr=None, cert=None, key=None, verify_cert=True): """ Get container state remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) if name is None: containers = client.containers.all() else: try: containers = [client.containers.get(name)] except pylxd.exceptions.LXDAPIException: raise SaltInvocationError("Container '{}' not found".format(name)) states = [] for container in containers: state = {} state = container.state() states.append( dict( [ ( container.name, { k: getattr(state, k) for k in dir(state) if not k.startswith("_") }, ) ] ) ) return states def container_start(name, remote_addr=None, cert=None, key=None, verify_cert=True): """ Start a container name : Name of the container to start remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) container.start(wait=True) return _pylxd_model_to_dict(container) def container_stop( name, timeout=30, force=True, remote_addr=None, cert=None, key=None, verify_cert=True, ): """ Stop a container name : Name of the container to stop remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) container.stop(timeout, force, wait=True) return _pylxd_model_to_dict(container) def container_restart(name, remote_addr=None, cert=None, key=None, verify_cert=True): """ Restart a container name : Name of the container to restart remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) container.restart(wait=True) return _pylxd_model_to_dict(container) def container_freeze(name, remote_addr=None, cert=None, key=None, verify_cert=True): """ Freeze a container name : Name of the container to freeze remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) container.freeze(wait=True) return _pylxd_model_to_dict(container) def container_unfreeze(name, remote_addr=None, cert=None, key=None, verify_cert=True): """ Unfreeze a container name : Name of the container to unfreeze remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) container.unfreeze(wait=True) return _pylxd_model_to_dict(container) def container_migrate( name, stop_and_start=False, remote_addr=None, cert=None, key=None, verify_cert=True, src_remote_addr=None, src_cert=None, src_key=None, src_verify_cert=None, ): """Migrate a container. If the container is running, it either must be shut down first (use stop_and_start=True) or criu must be installed on the source and destination machines. For this operation both certs need to be authenticated, use :mod:`lxd.authenticate <salt.modules.lxd.authenticate` to authenticate your cert(s). name : Name of the container to migrate stop_and_start : Stop the container on the source and start it on dest remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash # Authorize salt '*' lxd.authenticate https://srv01:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false salt '*' lxd.authenticate https://srv02:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false # Migrate phpmyadmin from srv01 to srv02 salt '*' lxd.container_migrate phpmyadmin stop_and_start=true remote_addr=https://srv02:8443 cert=~/.config/lxc/client.crt key=~/.config/lxc/client.key verify_cert=False src_remote_addr=https://srv01:8443 """ if src_cert is None: src_cert = cert if src_key is None: src_key = key if src_verify_cert is None: src_verify_cert = verify_cert container = container_get( name, src_remote_addr, src_cert, src_key, src_verify_cert, _raw=True ) dest_client = pylxd_client_get(remote_addr, cert, key, verify_cert) for pname in container.profiles: try: dest_client.profiles.get(pname) except pylxd.exceptions.LXDAPIException: raise SaltInvocationError( "not all the profiles from the source exist on the target" ) was_running = container.status_code == CONTAINER_STATUS_RUNNING if stop_and_start and was_running: container.stop(wait=True) try: dest_container = container.migrate(dest_client, wait=True) dest_container.profiles = container.profiles dest_container.save() except pylxd.exceptions.LXDAPIException as e: raise CommandExecutionError(str(e)) # Remove the source container container.delete(wait=True) if stop_and_start and was_running: dest_container.start(wait=True) return _pylxd_model_to_dict(dest_container) def container_config_get( name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Get a container config value name : Name of the container config_key : The config key to retrieve remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _get_property_dict_item(container, "config", config_key) def container_config_set( name, config_key, config_value, remote_addr=None, cert=None, key=None, verify_cert=True, ): """ Set a container config value name : Name of the container config_key : The config key to set config_value : The config value to set remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _set_property_dict_item(container, "config", config_key, config_value) def container_config_delete( name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Delete a container config value name : Name of the container config_key : The config key to delete remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _delete_property_dict_item(container, "config", config_key) def container_device_get( name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Get a container device name : Name of the container device_name : The device name to retrieve remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _get_property_dict_item(container, "devices", device_name) def container_device_add( name, device_name, device_type="disk", remote_addr=None, cert=None, key=None, verify_cert=True, **kwargs ): """ Add a container device name : Name of the container device_name : The device name to add device_type : Type of the device ** kwargs : Additional device args remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) kwargs["type"] = device_type return _set_property_dict_item(container, "devices", device_name, kwargs) def container_device_delete( name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Delete a container device name : Name of the container device_name : The device name to delete remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _delete_property_dict_item(container, "devices", device_name) def container_file_put( name, src, dst, recursive=False, overwrite=False, mode=None, uid=None, gid=None, saltenv="base", remote_addr=None, cert=None, key=None, verify_cert=True, ): """ Put a file into a container name : Name of the container src : The source file or directory dst : The destination file or directory recursive : Decent into src directory overwrite : Replace destination if it exists mode : Set file mode to octal number uid : Set file uid (owner) gid : Set file gid (group) remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.container_file_put <container name> /var/tmp/foo /var/tmp/ """ # Possibilities: # (src, dst, dir, dir1, and dir2 are directories) # cp /src/file1 /dst/file1 # cp /src/file1 /dst/file2 # cp /src/file1 /dst # cp /src/file1 /dst/ # cp -r /src/dir /dst/ # cp -r /src/dir/ /dst/ # cp -r /src/dir1 /dst/dir2 (which is not /src/dir1 /dst/dir2/) # cp -r /src/dir1 /dst/dir2/ # Fix mode. Salt commandline doesn't use octals, so 0600 will be # the decimal integer 600 (and not the octal 0600). So, it it's # and integer, handle it as if it where a octal representation. mode = str(mode) if not mode.startswith("0"): mode = "0{}".format(mode) container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) src = os.path.expanduser(src) if not os.path.isabs(src): if src.find("://") >= 0: cached_file = __salt__["cp.cache_file"](src, saltenv=saltenv) if not cached_file: raise SaltInvocationError("File '{}' not found".format(src)) if not os.path.isabs(cached_file): raise SaltInvocationError("File path must be absolute.") src = cached_file # Make sure that src doesn't end with '/', unless it's '/' src = src.rstrip(os.path.sep) if not src: src = os.path.sep if not os.path.exists(src): raise CommandExecutionError("No such file or directory '{}'".format(src)) if os.path.isdir(src) and not recursive: raise SaltInvocationError( "Cannot copy overwriting a directory without recursive flag set to true!" ) try: dst_is_directory = False container.files.get(os.path.join(dst, ".")) except pylxd.exceptions.NotFound: pass except pylxd.exceptions.LXDAPIException as why: if str(why).find("Is a directory") >= 0: dst_is_directory = True if os.path.isfile(src): # Source is a file if dst_is_directory: dst = os.path.join(dst, os.path.basename(src)) if not overwrite: found = True try: container.files.get(os.path.join(dst)) except pylxd.exceptions.NotFound: found = False except pylxd.exceptions.LXDAPIException as why: if str(why).find("not found") >= 0: # Old version of pylxd found = False else: raise if found: raise SaltInvocationError( "Destination exists and overwrite is false" ) if mode is not None or uid is not None or gid is not None: # Need to get file stats stat = os.stat(src) if mode is None: mode = oct(stat.st_mode) if uid is None: uid = stat.st_uid if gid is None: gid = stat.st_gid with salt.utils.files.fopen(src, "rb") as src_fp: container.files.put(dst, src_fp.read(), mode=mode, uid=uid, gid=gid) return True elif not os.path.isdir(src): raise SaltInvocationError("Source is neither file nor directory") # Source is a directory # idx for dstdir = dst + src[idx:] if dst.endswith(os.sep): idx = len(os.path.dirname(src)) elif dst_is_directory: idx = len(src) else: # Destination is not a directory and doesn't end with '/' # Check that the parent directory of dst exists # and is a directory try: container.files.get(os.path.join(os.path.dirname(dst), ".")) except pylxd.exceptions.NotFound: pass except pylxd.exceptions.LXDAPIException as why: if str(why).find("Is a directory") >= 0: dst_is_directory = True # destination is non-existent # cp -r /src/dir1 /scr/dir1 # cp -r /src/dir1 /scr/dir2 idx = len(src) overwrite = True # Copy src directory recursive if not overwrite: raise SaltInvocationError("Destination exists and overwrite is false") # Collect all directories first, to create them in one call # (for performance reasons) dstdirs = [] for path, _, files in os.walk(src): dstdir = os.path.join(dst, path[idx:].lstrip(os.path.sep)) dstdirs.append(dstdir) container.execute(["mkdir", "-p"] + dstdirs) set_mode = mode set_uid = uid set_gid = gid # Now transfer the files for path, _, files in os.walk(src): dstdir = os.path.join(dst, path[idx:].lstrip(os.path.sep)) for name in files: src_name = os.path.join(path, name) dst_name = os.path.join(dstdir, name) if mode is not None or uid is not None or gid is not None: # Need to get file stats stat = os.stat(src_name) if mode is None: set_mode = oct(stat.st_mode) if uid is None: set_uid = stat.st_uid if gid is None: set_gid = stat.st_gid with salt.utils.files.fopen(src_name, "rb") as src_fp: container.files.put( dst_name, src_fp.read(), mode=set_mode, uid=set_uid, gid=set_gid ) return True def container_file_get( name, src, dst, overwrite=False, mode=None, uid=None, gid=None, remote_addr=None, cert=None, key=None, verify_cert=True, ): """ Get a file from a container name : Name of the container src : The source file or directory dst : The destination file or directory mode : Set file mode to octal number uid : Set file uid (owner) gid : Set file gid (group) remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. """ # Fix mode. Salt commandline doesn't use octals, so 0600 will be # the decimal integer 600 (and not the octal 0600). So, it it's # and integer, handle it as if it where a octal representation. # Do only if mode is not None, otherwise we get 0None if mode is not None: mode = str(mode) if not mode.startswith("0"): mode = "0{}".format(mode) container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) dst = os.path.expanduser(dst) if not os.path.isabs(dst): raise SaltInvocationError("File path must be absolute.") if os.path.isdir(dst): dst = os.path.join(dst, os.path.basename(src)) elif not os.path.isdir(os.path.dirname(dst)): raise SaltInvocationError("Parent directory for destination doesn't exist.") if os.path.exists(dst): if not overwrite: raise SaltInvocationError("Destination exists and overwrite is false.") if not os.path.isfile(dst): raise SaltInvocationError("Destination exists but is not a file.") else: dst_path = os.path.dirname(dst) if not os.path.isdir(dst_path): raise CommandExecutionError( "No such file or directory '{}'".format(dst_path) ) # Seems to be duplicate of line 1794, produces /path/file_name/file_name # dst = os.path.join(dst, os.path.basename(src)) with salt.utils.files.fopen(dst, "wb") as df: df.write(container.files.get(src)) if mode: os.chmod(dst, mode) if uid or uid == "0": uid = int(uid) else: uid = -1 if gid or gid == "0": gid = int(gid) else: gid = -1 if uid != -1 or gid != -1: os.chown(dst, uid, gid) return True def container_execute( name, cmd, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Execute a command list on a container. name : Name of the container cmd : Command to be executed (as a list) Example : '["ls", "-l"]' remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.container_execute <container name> '["ls", "-l"]' """ container = container_get(name, remote_addr, cert, key, verify_cert, _raw=True) try: result = container.execute(cmd) saltresult = {} if not hasattr(result, "exit_code"): saltresult = dict( exit_code=0, stdout=result[0], stderr=result[1], ) else: saltresult = dict( exit_code=result.exit_code, stdout=result.stdout, stderr=result.stderr, ) except pylxd.exceptions.NotFound as e: # TODO: Using exit_code 0 here is not always right, # in the most cases the command worked ok though. # See: https://github.com/lxc/pylxd/issues/280 saltresult = dict(exit_code=0, stdout="", stderr=str(e)) if int(saltresult["exit_code"]) > 0: saltresult["result"] = False else: saltresult["result"] = True return saltresult #################### # Profile Management #################### def profile_list( list_names=False, remote_addr=None, cert=None, key=None, verify_cert=True ): """Lists all profiles from the LXD. list_names : Return a list of names instead of full blown dicts. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Examples: .. code-block:: bash salt '*' lxd.profile_list true --out=json salt '*' lxd.profile_list --out=json """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) profiles = client.profiles.all() if list_names: return [p.name for p in profiles] return map(_pylxd_model_to_dict, profiles) def profile_create( name, config=None, devices=None, description=None, remote_addr=None, cert=None, key=None, verify_cert=True, ): """Creates a profile. name : The name of the profile to get. config : A config dict or None (None = unset). Can also be a list: [{'key': 'boot.autostart', 'value': 1}, {'key': 'security.privileged', 'value': '1'}] devices : A device dict or None (None = unset). description : A description string or None (None = unset). remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Examples: .. code-block:: bash salt '*' lxd.profile_create autostart config="{boot.autostart: 1, boot.autostart.delay: 2, boot.autostart.priority: 1}" salt '*' lxd.profile_create shared_mounts devices="{shared_mount: {type: 'disk', source: '/home/shared', path: '/home/shared'}}" See the `lxd-docs`_ for the details about the config and devices dicts. .. _lxd-docs: https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-10 """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) config, devices = normalize_input_values(config, devices) try: profile = client.profiles.create(name, config, devices) except pylxd.exceptions.LXDAPIException as e: raise CommandExecutionError(str(e)) if description is not None: profile.description = description pylxd_save_object(profile) return _pylxd_model_to_dict(profile) def profile_get( name, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False ): """Gets a profile from the LXD name : The name of the profile to get. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. _raw : Return the pylxd object, this is internal and by states in use. CLI Examples: .. code-block:: bash salt '*' lxd.profile_get autostart """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) profile = None try: profile = client.profiles.get(name) except pylxd.exceptions.LXDAPIException: raise SaltInvocationError("Profile '{}' not found".format(name)) if _raw: return profile return _pylxd_model_to_dict(profile) def profile_delete(name, remote_addr=None, cert=None, key=None, verify_cert=True): """Deletes a profile. name : The name of the profile to delete. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.profile_delete shared_mounts """ profile = profile_get(name, remote_addr, cert, key, verify_cert, _raw=True) profile.delete() return True def profile_config_get( name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True ): """Get a profile config item. name : The name of the profile to get the config item from. config_key : The key for the item to retrieve. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.profile_config_get autostart boot.autostart """ profile = profile_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _get_property_dict_item(profile, "config", config_key) def profile_config_set( name, config_key, config_value, remote_addr=None, cert=None, key=None, verify_cert=True, ): """Set a profile config item. name : The name of the profile to set the config item to. config_key : The items key. config_value : Its items value. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.profile_config_set autostart boot.autostart 0 """ profile = profile_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _set_property_dict_item(profile, "config", config_key, config_value) def profile_config_delete( name, config_key, remote_addr=None, cert=None, key=None, verify_cert=True ): """Delete a profile config item. name : The name of the profile to delete the config item. config_key : The config key for the value to retrieve. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.profile_config_delete autostart boot.autostart.delay """ profile = profile_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _delete_property_dict_item(profile, "config", config_key) def profile_device_get( name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True ): """Get a profile device. name : The name of the profile to get the device from. device_name : The name of the device to retrieve. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.profile_device_get default eth0 """ profile = profile_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _get_property_dict_item(profile, "devices", device_name) def profile_device_set( name, device_name, device_type="disk", remote_addr=None, cert=None, key=None, verify_cert=True, **kwargs ): """Set a profile device. name : The name of the profile to set the device to. device_name : The name of the device to set. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.profile_device_set autostart eth1 nic nictype=bridged parent=lxdbr0 """ profile = profile_get(name, remote_addr, cert, key, verify_cert, _raw=True) kwargs["type"] = device_type for k, v in kwargs.items(): kwargs[k] = str(v) return _set_property_dict_item(profile, "devices", device_name, kwargs) def profile_device_delete( name, device_name, remote_addr=None, cert=None, key=None, verify_cert=True ): """Delete a profile device. name : The name of the profile to delete the device. device_name : The name of the device to delete. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Example: .. code-block:: bash salt '*' lxd.profile_device_delete autostart eth1 """ profile = profile_get(name, remote_addr, cert, key, verify_cert, _raw=True) return _delete_property_dict_item(profile, "devices", device_name) ################## # Image Management ################## def image_list( list_aliases=False, remote_addr=None, cert=None, key=None, verify_cert=True ): """Lists all images from the LXD. list_aliases : Return a dict with the fingerprint as key and a list of aliases as value instead. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Examples: .. code-block:: bash salt '*' lxd.image_list true --out=json salt '*' lxd.image_list --out=json """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) images = client.images.all() if list_aliases: return {i.fingerprint: [a["name"] for a in i.aliases] for i in images} return map(_pylxd_model_to_dict, images) def image_get( fingerprint, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False ): """Get an image by its fingerprint fingerprint : The fingerprint of the image to retrieve remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. _raw : False Return the raw pylxd object or a dict of it? CLI Examples: .. code-block:: bash salt '*' lxd.image_get <fingerprint> """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) image = None try: image = client.images.get(fingerprint) except pylxd.exceptions.LXDAPIException: raise SaltInvocationError( "Image with fingerprint '{}' not found".format(fingerprint) ) if _raw: return image return _pylxd_model_to_dict(image) def image_get_by_alias( alias, remote_addr=None, cert=None, key=None, verify_cert=True, _raw=False ): """Get an image by an alias alias : The alias of the image to retrieve remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. _raw : False Return the raw pylxd object or a dict of it? CLI Examples: .. code-block:: bash salt '*' lxd.image_get_by_alias xenial/amd64 """ client = pylxd_client_get(remote_addr, cert, key, verify_cert) image = None try: image = client.images.get_by_alias(alias) except pylxd.exceptions.LXDAPIException: raise SaltInvocationError("Image with alias '{}' not found".format(alias)) if _raw: return image return _pylxd_model_to_dict(image) def image_delete(image, remote_addr=None, cert=None, key=None, verify_cert=True): """Delete an image by an alias or fingerprint name : The alias or fingerprint of the image to delete, can be a obj for the states. remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Examples: .. code-block:: bash salt '*' lxd.image_delete xenial/amd64 """ image = _verify_image(image, remote_addr, cert, key, verify_cert) image.delete() return True def image_from_simplestreams( server, alias, remote_addr=None, cert=None, key=None, verify_cert=True, aliases=None, public=False, auto_update=False, _raw=False, ): """Create an image from simplestreams server : Simplestreams server URI alias : The alias of the image to retrieve remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. aliases : [] List of aliases to append to the copied image public : False Make this image public available auto_update : False Should LXD auto update that image? _raw : False Return the raw pylxd object or a dict of the image? CLI Examples: .. code-block:: bash salt '*' lxd.image_from_simplestreams "https://cloud-images.ubuntu.com/releases" "trusty/amd64" aliases='["t", "trusty/amd64"]' auto_update=True """ if aliases is None: aliases = [] client = pylxd_client_get(remote_addr, cert, key, verify_cert) try: image = client.images.create_from_simplestreams( server, alias, public=public, auto_update=auto_update ) except pylxd.exceptions.LXDAPIException as e: raise CommandExecutionError(str(e)) # Aliases support for alias in aliases: image_alias_add(image, alias) if _raw: return image return _pylxd_model_to_dict(image) def image_from_url( url, remote_addr=None, cert=None, key=None, verify_cert=True, aliases=None, public=False, auto_update=False, _raw=False, ): """Create an image from an url url : The URL from where to download the image remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. aliases : [] List of aliases to append to the copied image public : False Make this image public available auto_update : False Should LXD auto update that image? _raw : False Return the raw pylxd object or a dict of the image? CLI Examples: .. code-block:: bash salt '*' lxd.image_from_url https://dl.stgraber.org/lxd aliases='["busybox-amd64"]' """ if aliases is None: aliases = [] client = pylxd_client_get(remote_addr, cert, key, verify_cert) try: image = client.images.create_from_url( url, public=public, auto_update=auto_update ) except pylxd.exceptions.LXDAPIException as e: raise CommandExecutionError(str(e)) # Aliases support for alias in aliases: image_alias_add(image, alias) if _raw: return image return _pylxd_model_to_dict(image) def image_from_file( filename, remote_addr=None, cert=None, key=None, verify_cert=True, aliases=None, public=False, saltenv="base", _raw=False, ): """Create an image from a file filename : The filename of the rootfs remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. aliases : [] List of aliases to append to the copied image public : False Make this image public available saltenv : base The saltenv to use for salt:// copies _raw : False Return the raw pylxd object or a dict of the image? CLI Examples: .. code-block:: bash salt '*' lxd.image_from_file salt://lxd/files/busybox.tar.xz aliases=["busybox-amd64"] """ if aliases is None: aliases = [] cached_file = __salt__["cp.cache_file"](filename, saltenv=saltenv) data = b"" with salt.utils.files.fopen(cached_file, "r+b") as fp: data = fp.read() client = pylxd_client_get(remote_addr, cert, key, verify_cert) try: image = client.images.create(data, public=public, wait=True) except pylxd.exceptions.LXDAPIException as e: raise CommandExecutionError(str(e)) # Aliases support for alias in aliases: image_alias_add(image, alias) if _raw: return image return _pylxd_model_to_dict(image) def image_copy_lxd( source, src_remote_addr, src_cert, src_key, src_verify_cert, remote_addr, cert, key, verify_cert=True, aliases=None, public=None, auto_update=None, _raw=False, ): """Copy an image from another LXD instance source : An alias or a fingerprint of the source. src_remote_addr : An URL to the source remote daemon Examples: https://mysourceserver.lan:8443 src_cert : PEM Formatted SSL Certificate for the source Examples: ~/.config/lxc/client.crt src_key : PEM Formatted SSL Key for the source Examples: ~/.config/lxc/client.key src_verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. remote_addr : Address of the destination daemon Examples: https://mydestserver.lan:8443 cert : PEM Formatted SSL Certificate for the destination Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key for the destination Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. aliases : [] List of aliases to append to the copied image public : None Make this image public available, None = copy source auto_update : None Wherever to auto-update from the original source, None = copy source _raw : False Return the raw pylxd object or a dict of the destination image? CLI Examples: .. code-block:: bash salt '*' lxd.image_copy_lxd xenial/amd64 https://srv01:8443 ~/.config/lxc/client.crt ~/.config/lxc/client.key false https://srv02:8443 ~/.config/lxc/client.crt ~/.config/lxc/client.key false aliases="['xenial/amd64']" """ if aliases is None: aliases = [] log.debug( 'Trying to copy the image "%s" from "%s" to "%s"', source, src_remote_addr, remote_addr, ) # This will fail with a SaltInvocationError if # the image doesn't exists on the source and with a CommandExecutionError # on connection problems. src_image = None try: src_image = image_get_by_alias( source, src_remote_addr, src_cert, src_key, src_verify_cert, _raw=True ) except SaltInvocationError: src_image = image_get( source, src_remote_addr, src_cert, src_key, src_verify_cert, _raw=True ) # Will fail with a CommandExecutionError on connection problems. dest_client = pylxd_client_get(remote_addr, cert, key, verify_cert) dest_image = src_image.copy( dest_client, public=public, auto_update=auto_update, wait=True ) # Aliases support for alias in aliases: image_alias_add(dest_image, alias) if _raw: return dest_image return _pylxd_model_to_dict(dest_image) def image_alias_add( image, alias, description="", remote_addr=None, cert=None, key=None, verify_cert=True, ): """Create an alias on the given image image : An image alias, a fingerprint or a image object alias : The alias to add description : Description of the alias remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Examples: .. code-block:: bash salt '*' lxd.image_alias_add xenial/amd64 x "Short version of xenial/amd64" """ image = _verify_image(image, remote_addr, cert, key, verify_cert) for alias_info in image.aliases: if alias_info["name"] == alias: return True image.add_alias(alias, description) return True def image_alias_delete( image, alias, remote_addr=None, cert=None, key=None, verify_cert=True ): """Delete an alias (this is currently not restricted to the image) image : An image alias, a fingerprint or a image object alias : The alias to delete remote_addr : An URL to a remote Server, you also have to give cert and key if you provide remote_addr and its a TCP Address! Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Wherever to verify the cert, this is by default True but in the most cases you want to set it off as LXD normally uses self-signed certificates. CLI Examples: .. code-block:: bash salt '*' lxd.image_alias_add xenial/amd64 x "Short version of xenial/amd64" """ image = _verify_image(image, remote_addr, cert, key, verify_cert) try: image.delete_alias(alias) except pylxd.exceptions.LXDAPIException: return False return True ##################### # Snapshot Management ##################### def snapshots_all(container, remote_addr=None, cert=None, key=None, verify_cert=True): """ Get all snapshots for a container container : The name of the container to get. remote_addr : An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined. Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Verify the ssl certificate. Default: True CLI Examples: .. code-block:: bash salt '*' lxd.snapshots_all test-container """ containers = container_get( container, remote_addr, cert, key, verify_cert, _raw=True ) if container: containers = [containers] ret = {} for cont in containers: ret.update({cont.name: [{"name": c.name} for c in cont.snapshots.all()]}) return ret def snapshots_create( container, name=None, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Create a snapshot for a container container : The name of the container to get. name : The name of the snapshot. remote_addr : An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined. Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Verify the ssl certificate. Default: True CLI Examples: .. code-block:: bash salt '*' lxd.snapshots_create test-container test-snapshot """ cont = container_get(container, remote_addr, cert, key, verify_cert, _raw=True) if not name: name = datetime.now().strftime("%Y%m%d%H%M%S") cont.snapshots.create(name) for c in snapshots_all(container).get(container): if c.get("name") == name: return {"name": name} return {"name": False} def snapshots_delete( container, name, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Delete a snapshot for a container container : The name of the container to get. name : The name of the snapshot. remote_addr : An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined. Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Verify the ssl certificate. Default: True CLI Examples: .. code-block:: bash salt '*' lxd.snapshots_delete test-container test-snapshot """ cont = container_get(container, remote_addr, cert, key, verify_cert, _raw=True) try: for s in cont.snapshots.all(): if s.name == name: s.delete() return True except pylxd.exceptions.LXDAPIException: pass return False def snapshots_get( container, name, remote_addr=None, cert=None, key=None, verify_cert=True ): """ Get information about snapshot for a container container : The name of the container to get. name : The name of the snapshot. remote_addr : An URL to a remote server. The 'cert' and 'key' fields must also be provided if 'remote_addr' is defined. Examples: https://myserver.lan:8443 /var/lib/mysocket.sock cert : PEM Formatted SSL Certificate. Examples: ~/.config/lxc/client.crt key : PEM Formatted SSL Key. Examples: ~/.config/lxc/client.key verify_cert : True Verify the ssl certificate. Default: True CLI Examples: .. code-block:: bash salt '*' lxd.snapshots_get test-container test-snapshot """ container = container_get(container, remote_addr, cert, key, verify_cert, _raw=True) return container.snapshots.get(name) ################ # Helper Methods ################ def normalize_input_values(config, devices): """ normalize config input so returns can be put into mongodb, which doesn't like `.` This is not meant to be used on the commandline. CLI Examples: .. code-block:: bash salt '*' lxd.normalize_input_values config={} devices={} """ if isinstance(config, list): if config and "key" in config[0] and "value" in config[0]: config = {d["key"]: d["value"] for d in config} else: config = {} if isinstance(config, str): raise SaltInvocationError("config can't be a string, validate your YAML input.") if isinstance(devices, str): raise SaltInvocationError( "devices can't be a string, validate your YAML input." ) # Golangs wants strings if config is not None: for k, v in config.items(): config[k] = str(v) if devices is not None: for dn in devices: for k, v in devices[dn].items(): devices[dn][k] = v return ( config, devices, ) def sync_config_devices(obj, newconfig, newdevices, test=False): """Syncs the given config and devices with the object (a profile or a container) returns a changes dict with all changes made. obj : The object to sync with / or just test with. newconfig: The new config to check with the obj. newdevices: The new devices to check with the obj. test: Wherever to not change anything and give "Would change" message. """ changes = {} # # config changes # if newconfig is None: newconfig = {} newconfig = dict( list(zip(map(str, newconfig.keys()), map(str, newconfig.values()))) ) cck = set(newconfig.keys()) obj.config = dict( list(zip(map(str, obj.config.keys()), map(str, obj.config.values()))) ) ock = set(obj.config.keys()) config_changes = {} # Removed keys for k in ock.difference(cck): # Ignore LXD internals. if k.startswith("volatile.") or k.startswith("image."): continue if not test: config_changes[k] = 'Removed config key "{}", its value was "{}"'.format( k, obj.config[k] ) del obj.config[k] else: config_changes[k] = 'Would remove config key "{} with value "{}"'.format( k, obj.config[k] ) # same keys for k in cck.intersection(ock): # Ignore LXD internals. if k.startswith("volatile.") or k.startswith("image."): continue if newconfig[k] != obj.config[k]: if not test: config_changes[ k ] = 'Changed config key "{}" to "{}", its value was "{}"'.format( k, newconfig[k], obj.config[k] ) obj.config[k] = newconfig[k] else: config_changes[ k ] = 'Would change config key "{}" to "{}", its current value is "{}"'.format( k, newconfig[k], obj.config[k] ) # New keys for k in cck.difference(ock): # Ignore LXD internals. if k.startswith("volatile.") or k.startswith("image."): continue if not test: config_changes[k] = 'Added config key "{}" = "{}"'.format(k, newconfig[k]) obj.config[k] = newconfig[k] else: config_changes[k] = 'Would add config key "{}" = "{}"'.format( k, newconfig[k] ) if config_changes: changes["config"] = config_changes # # devices changes # if newdevices is None: newdevices = {} dk = set(obj.devices.keys()) ndk = set(newdevices.keys()) devices_changes = {} # Removed devices for k in dk.difference(ndk): # Ignore LXD internals. if k == "root": continue if not test: devices_changes[k] = 'Removed device "{}"'.format(k) del obj.devices[k] else: devices_changes[k] = 'Would remove device "{}"'.format(k) # Changed devices for k, v in obj.devices.items(): # Ignore LXD internals also for new devices. if k == "root": continue if k not in newdevices: # In test mode we don't delete devices above. continue if newdevices[k] != v: if not test: devices_changes[k] = 'Changed device "{}"'.format(k) obj.devices[k] = newdevices[k] else: devices_changes[k] = 'Would change device "{}"'.format(k) # New devices for k in ndk.difference(dk): # Ignore LXD internals. if k == "root": continue if not test: devices_changes[k] = 'Added device "{}"'.format(k) obj.devices[k] = newdevices[k] else: devices_changes[k] = 'Would add device "{}"'.format(k) if devices_changes: changes["devices"] = devices_changes return changes def _set_property_dict_item(obj, prop, key, value): """Sets the dict item key of the attr from obj. Basicaly it does getattr(obj, prop)[key] = value. For the disk device we added some checks to make device changes on the CLI saver. """ attr = getattr(obj, prop) if prop == "devices": device_type = value["type"] if device_type == "disk": if "path" not in value: raise SaltInvocationError("path must be given as parameter") if value["path"] != "/" and "source" not in value: raise SaltInvocationError("source must be given as parameter") for k in value.keys(): if k.startswith("__"): del value[k] attr[key] = value else: # config attr[key] = str(value) pylxd_save_object(obj) return _pylxd_model_to_dict(obj) def _get_property_dict_item(obj, prop, key): attr = getattr(obj, prop) if key not in attr: raise SaltInvocationError("'{}' doesn't exists".format(key)) return attr[key] def _delete_property_dict_item(obj, prop, key): attr = getattr(obj, prop) if key not in attr: raise SaltInvocationError("'{}' doesn't exists".format(key)) del attr[key] pylxd_save_object(obj) return True def _verify_image(image, remote_addr=None, cert=None, key=None, verify_cert=True): # Get image by alias/fingerprint or check for fingerprint attribute if isinstance(image, str): name = image # This will fail with a SaltInvocationError if # the image doesn't exists on the source and with a # CommandExecutionError on connection problems. image = None try: image = image_get_by_alias( name, remote_addr, cert, key, verify_cert, _raw=True ) except SaltInvocationError: image = image_get(name, remote_addr, cert, key, verify_cert, _raw=True) elif not hasattr(image, "fingerprint"): raise SaltInvocationError("Invalid image '{}'".format(image)) return image def _pylxd_model_to_dict(obj): """Translates a plyxd model object to a dict""" marshalled = {} for key in obj.__attributes__.keys(): if hasattr(obj, key): marshalled[key] = getattr(obj, key) return marshalled # # Monkey patching for missing functionality in pylxd # if HAS_PYLXD: import pylxd.exceptions # NOQA if not hasattr(pylxd.exceptions, "NotFound"): # Old version of pylxd class NotFound(pylxd.exceptions.LXDAPIException): """An exception raised when an object is not found.""" pylxd.exceptions.NotFound = NotFound try: from pylxd.container import Container except ImportError: from pylxd.models.container import Container def put(self, filepath, data, mode=None, uid=None, gid=None): headers = {} if mode is not None: if isinstance(mode, int): mode = oct(mode) elif not mode.startswith("0"): mode = "0{}".format(mode) headers["X-LXD-mode"] = mode if uid is not None: headers["X-LXD-uid"] = str(uid) if gid is not None: headers["X-LXD-gid"] = str(gid) response = self._client.api.containers[self._container.name].files.post( params={"path": filepath}, data=data, headers=headers ) return response.status_code == 200 Container.FilesManager.put = put
Save