Manage nspawn containers
New in version 2015.8.0.
systemd-nspawn(1) is a tool used to manage lightweight namespace containers. This execution module provides several functions to help manage these containers.
Minions running systemd >= 219 will place new containers in /var/lib/machines
, while those running systemd < 219 will place them in /var/lib/container
.
Bootstrap a container from package servers, if dist is None the os the minion is running as will be created, otherwise the needed bootstrapping tools will need to be available on the host.
CLI Example:
salt myminion nspawn.bootstrap_container <name>
Bootstrap a container from package servers, if dist is None the os the minion is running as will be created, otherwise the needed bootstrapping tools will need to be available on the host.
CLI Example:
salt '*' nspawn.bootstrap_salt arch1
Copy a file from the host into a container
True
, then if a file exists at the location specified by the dest
argument, an error will be raised.makedirs : False
Create the parent directory on the container if it does not already exist.
CLI Example:
salt 'minion' nspawn.copy_to /tmp/foo /root/foo
Set the named container to not be launched at boot
CLI Example:
salt myminion nspawn.enable <name>
Set the named container to be launched at boot
CLI Example:
salt myminion nspawn.enable <name>
Returns true if the named container exists
CLI Example:
salt myminion nspawn.exists <name>
Return info about a container
Note
The container must be running for machinectl
to gather information about it. If the container is stopped, then this function will start it.
True
, then the container will be started to retrieve the info. A Started
key will be in the return data if the container was started.CLI Example:
salt myminion nspawn.info arch1 salt myminion nspawn.info arch1 force_start=False
Lists all nspawn containers
CLI Example:
salt myminion nspawn.list_all
Lists running nspawn containers
Note
nspawn.list
also works to list running containers
CLI Example:
salt myminion nspawn.list_running salt myminion nspawn.list
Lists stopped nspawn containers
CLI Example:
salt myminion nspawn.list_stopped
Returns the PID of a container
CLI Example:
salt myminion nspawn.pid arch1
Issue a clean shutdown to the container. Equivalent to running machinectl poweroff
on the named container.
For convenience, running nspawn.stop``(as shown in the CLI examples
below) is equivalent to running ``nspawn.poweroff
.
Note
machinectl poweroff
is only supported in systemd >= 219. On earlier systemd versions, running this function will simply issue a clean shutdown via systemctl
.
CLI Examples:
salt myminion nspawn.poweroff arch1 salt myminion nspawn.stop arch1
Execute a machinectl pull-dkr
to download a docker image and add it to /var/lib/machines as a new container.
Note
Requires systemd >= 219
http://
or https://
URL).CLI Examples:
salt myminion nspawn.pull_dkr centos/centos6 cent6 index=https://get.docker.com salt myminion nspawn.pull_docker centos/centos6 cent6 index=https://get.docker.com
Execute a machinectl pull-raw
to download a .qcow2 or raw disk image, and add it to /var/lib/machines as a new container.
Note
Requires systemd >= 219
machinectl(1)
man page (section titled "Image Transfer Commands") for more information on requirements for image verification. To perform signature verification, use verify=signature
. For checksum verification, use verify=checksum
. By default, no verification will be performed.CLI Examples:
salt myminion nspawn.pull_raw http://ftp.halifax.rwth-aachen.de/fedora/linux/releases/21/Cloud/Images/x86_64/Fedora-Cloud-Base-20141203-21.x86_64.raw.xz fedora21
Execute a machinectl pull-raw
to download a .tar container image, and add it to /var/lib/machines as a new container.
Note
Requires systemd >= 219
machinectl(1)
man page (section titled "Image Transfer Commands") for more information on requirements for image verification. To perform signature verification, use verify=signature
. For checksum verification, use verify=checksum
. By default, no verification will be performed.CLI Examples:
salt myminion nspawn.pull_tar http://foo.domain.tld/containers/archlinux-2015.02.01.tar.gz arch2
Reboot the container by sending a SIGINT to its init process. Equivalent to running machinectl reboot
on the named container.
For convenience, running nspawn.restart
(as shown in the CLI examples below) is equivalent to running nspawn.reboot
.
Note
machinectl reboot
is only supported in systemd >= 219. On earlier systemd versions, running this function will instead restart the container via systemctl
.
CLI Examples:
salt myminion nspawn.reboot arch1 salt myminion nspawn.restart arch1
Remove the named container
Warning
This function will remove all data associated with the container. It will not, however, remove the btrfs subvolumes created by pulling container images (nspawn.pull_raw
, nspawn.pull_tar
, nspawn.pull_dkr
).
True
, the container will be destroyed even if it is running/frozen.CLI Examples:
salt '*' nspawn.remove foo salt '*' nspawn.remove foo stop=True
Run cmd.retcode
within a container
quiet
to suppress logging.output=all
.True
, all environment variables from the container's host will be kept. Otherwise, a comma-separated list (or Python list) of environment variable names can be passed, and those environment variables will be kept.CLI Example:
salt myminion nspawn.retcode mycontainer 'ip addr show'
Run cmd.run
within a container
quiet
to suppress logging.True
, all environment variables from the container's host will be kept. Otherwise, a comma-separated list (or Python list) of environment variable names can be passed, and those environment variables will be kept.CLI Example:
salt myminion nspawn.run mycontainer 'ifconfig -a'
Run cmd.run_all
within a container
Note
While the command is run within the container, it is initiated from the host. Therefore, the PID in the return dict is from the host, not from the container.
quiet
to suppress logging.output=all
.True
, all environment variables from the container's host will be kept. Otherwise, a comma-separated list (or Python list) of environment variable names can be passed, and those environment variables will be kept.CLI Example:
salt myminion nspawn.run_all mycontainer 'ip addr show'
Run cmd.run_stderr
within a container
quiet
to suppress logging.output=all
.True
, all environment variables from the container's host will be kept. Otherwise, a comma-separated list (or Python list) of environment variable names can be passed, and those environment variables will be kept.CLI Example:
salt myminion nspawn.run_stderr mycontainer 'ip addr show'
Run cmd.run_stdout
within a container
quiet
to suppress logging.output=all
.True
, all environment variables from the container's host will be kept. Otherwise, a comma-separated list (or Python list) of environment variable names can be passed, and those environment variables will be kept.CLI Example:
salt myminion nspawn.run_stdout mycontainer 'ifconfig -a'
Start the named container
CLI Example:
salt myminion nspawn.start <name>
Return state of container (running or stopped)
CLI Example:
salt myminion nspawn.state <name>
Kill all processes in the container without issuing a clean shutdown. Equivalent to running machinectl terminate
on the named container.
For convenience, running nspawn.stop
and passing kill=True
(as shown in the CLI examples below) is equivalent to running nspawn.terminate
.
Note
machinectl terminate
is only supported in systemd >= 219. On earlier systemd versions, running this function will simply issue a clean shutdown via systemctl
.
CLI Examples:
salt myminion nspawn.terminate arch1 salt myminion nspawn.stop arch1 kill=True
© 2019 SaltStack.
Licensed under the Apache License, Version 2.0.
https://docs.saltstack.com/en/latest/ref/modules/all/salt.modules.nspawn.html