179 shaares
4 results
tagged
lxc
path
// get path for a specific value
paths as $path | select(getpath($path) == "10.0.0.159") | $path
// get paths in string format
[paths|map(if type=="number" then "[]" else tostring end)|join(".")|split(".[]")|join("[]")]|unique|map("."+.)|.[]insert data
data='{"ipv4":"192.168.0.1"}
{"ipv4":"192.168.0.100"}
{"ipv4":"192.168.0.102"}'
echo "$data" | jq -r 'select(.ipv4 == "192.168.0.1") |= . + {"hostname":"toto"}'LXC
pretty print
# pretty print
lxc list --format=json $ctname$ | jq -Csearch
# search in keys recursively & get values for key
lxc list --format json|jq -r '..|.hwaddr?|select(.!=null and .!="")'
# search in keys recursively & get flatten path
lxc list --format json | jq -c 'paths | select(.[-1] == "hwaddr")'
# search by type
jq 'path(recurse(if type|. == "array" or . =="object" then .[] else empty end))'
# search image by alias
lxc image list --format=json | jq -r '.[].aliases[] | select(.name | test("'-1635.*$'")).name'name
# print name
lxc list --format=json | jq -r '.[].name'
# print selected name for exact name alpine
lxc list --format=json | jq -r '.[] | select(.name == "alpine311").name'
# print selected name for alpine.* in regexp format
lxc list --format=json | jq -r '.[] | select(.name | test("alpine.*")).name'
# display names of running containers
lxc list --format=json | jq -r '.[] | select(.status == "Running").name'
# display names of running containers with a selected name
lxc list --format=json | jq -r '.[] | select(.status == "Running") | select(.name == "alpine314").name'
# display name of containers which have attached profile $profile
lxc list --format=json | jq -r '.[] | select(.profiles | any(contains("'$profile'"))).name'IP
Display first IP address for specified: interface
# Display IP address of the first network interface of containers which have an interface named 'eth0'
lxc list --format=json | jq -r '.[].state.network.eth0.addresses[0].address'
# Display IP mac address & IP address for containers which have eth0 named interface
lxc list --format json|jq '.[].state.network.eth0 | {(.hwaddr): .addresses[0].address}'Display IP address for specified: name, scope, family
Display IP address for container named 'alpine311$' with network interface='eth0', with scope='global' & family='inet'
lxc list --format=json alpine311$ | jq -r '.[].state.network.eth0?.addresses[]
| select(.scope == "global" and .family == "inet")
| .address'Display pairs 'name + Ip address' for specified: interface, family
Display 'name + address' for containers with network, interface='eth0', scope='global' & family='inet'
lxc list --format=json | jq -r '.[] |
select (.state.network != null) |
(.name + " " + (
.state.network.eth0.addresses[] |
select(.family == "inet") |
.address
)lxc profile list -f json|jq -r '.[] | (.name, .used_by)'
)'lxc profile list -f json|jq -r '.[] | (.name, .used_by)'Display profile names and users in json format
lxc profile list -f json|jq -r '.[] | (.name, .used_by)'Display name, ipv4, hwaddr for running containers with network in json format
lxc list --format=json | jq -r '.[] |
select (.state.network != null) |
{
"name": .name,
"ip": (
.state.network.eth0.addresses[] |
select(.family == "inet") |
.address
),
"hwaddr": .state.network.eth0.hwaddr
}'https://mikefarah.gitbook.io/yq/
yq is a lightweight and portable command-line YAML processor
It aims to be the jq or sed of yaml files
yq [flags]
yq [command]SUBCOMMANDS
| alias | subcommand | Designation |
|---|---|---|
| x | COMPARE | Deeply compares two yaml files |
| d | DELETE | Deletes the nodes matching the given path expression from the YAML file |
| h | HELP | Help provides help for any command in the application |
| m | MERGE | Updates the yaml file by adding/updating the path(s) and value(s) from additional yaml file(s) |
| n | NEW | Creates a new yaml w.r.t the given path and value |
| p | PREFIX | Prefixes w.r.t to the yaml file at the given path |
| r | READ | Outputs the value of the given path in the yaml file to STDOUT |
| v | VALIDATE | test syntax of file |
| w | WRITE | Updates the yaml file w.r.t the given path and value |
| TRICKS |
Global options
-h, --help # help for yq
-C, --colors # print with colors
-I, --indent int # sets indent level for output (default 2)
-P, --prettyPrint # pretty print
-j, --tojson # output as json. By default it prints a json document in one line, use the prettyPrint flag to print a formatted doc.
-v, --verbose # verbose mode
-V, --version # Print version information and quitCOMPARE
Deeply compares two yaml files, prints the difference
Use with prettyPrint flag to ignore formatting differences
yq compare [yaml_file_a] [yaml_file_b] [flags]
-D, --defaultValue string # default value printed when there are no results
-d, --doc string # process document index number (0 based, * for all documents) (default "0")
-h, --help # help for compare
-p, --printMode string # print mode (v (values, default), p (paths), pv (path and value pairs) (default "v")examples
yq x - data2.yml # reads from stdin
yq x -pp dataA.yaml dataB.yaml '**' # compare paths
yq x -d1 dataA.yaml dataB.yaml 'a.b.c'DELETE
Deletes the nodes matching the given path expression from the YAML file
Outputs to STDOUT unless the inplace flag is used, in which case the file is updated instead
yq delete [yaml_file] [path_expression] [flags]
-d, --doc string # process document index number (0 based, * for all documents) (default "0")
-h, --help # help for delete
-i, --inplace # update the yaml file inplaceexamples
yq delete things.yaml 'a.b.c'
yq delete things.yaml 'a.*.c'
yq delete things.yaml 'a.(child.subchild==co*).c'
yq delete things.yaml 'a.**'
yq delete --inplace things.yaml 'a.b.c'
yq delete --inplace -- things.yaml '--key-starting-with-dash' # need to use '--' to stop processing arguments as flags
yq d -i things.yaml 'a.b.c'HELP
Help provides help for any command in the application
Simply type yq help [path to command] for full details
yq help [command] [flags]
-h, --help # help for helpMERGE
Updates the yaml file by adding/updating the path(s) and value(s) from additional yaml file(s)
Outputs to STDOUT unless the inplace flag is used, in which case the file is updated instead.
If overwrite flag is set then existing values will be overwritten using the values from each additional yaml file.
If append flag is set then existing arrays will be merged with the arrays from each additional yaml file.
yq merge [initial_yaml_file] [additional_yaml_file]... [flags]
-a, --append # update the yaml file by appending array values
-c, --autocreate # automatically create any missing entries (default true)
-d, --doc string # process document index number (0 based, * for all documents) (default "0")
-h, --help # help for merge
-i, --inplace # update the yaml file inplace
-x, --overwrite # update the yaml file by overwriting existing valuesexamples
yq merge things.yaml other.yaml
yq merge --inplace things.yaml other.yaml
yq m -i things.yaml other.yaml
yq m --overwrite things.yaml other.yaml
yq m -i -x things.yaml other.yaml
yq m -i -a things.yaml other.yaml
yq m -i --autocreate=false things.yaml other.yamlNEW
Creates a new yaml w.r.t the given path and value
Outputs to STDOUT
Create Scripts:
Note that you can give a create script to perform more sophisticated yaml This follows the same format as the update script
yq new [path] [value] [flags]
-h, --help # help for new
-s, --script string # yaml script for creating yaml
-t, --tag string # set yaml tag (e.g. !!int)examples
yq new 'a.b.c' cat
yq n 'a.b.c' --tag '!!str' true # force 'true' to be interpreted as a string instead of bool
yq n 'a.b[+]' cat
yq n -- '--key-starting-with-dash' cat # need to use '--' to stop processing arguments as flags
yq n --script create_script.yamlPREFIX
Prefixes w.r.t to the yaml file at the given path
Outputs to STDOUT unless the inplace flag is used, in which case the file is updated instead
yq prefix [yaml_file] [path] [flags]
-d, --doc string # process document index number (0 based, * for all documents) (default "0")
-h, --help # help for prefix
-i, --inplace # update the yaml file inplaceexamples
yq prefix things.yaml 'a.b.c'
yq prefix --inplace things.yaml 'a.b.c'
yq prefix --inplace -- things.yaml '--key-starting-with-dash' # need to use '--' to stop processing arguments as flags
yq p -i things.yaml 'a.b.c'
yq p --doc 2 things.yaml 'a.b.d'
yq p -d2 things.yaml 'a.b.d'READ
Outputs the value of the given path in the yaml file to STDOUT
yq read [yaml_file] [path_expression] [flags]
-c, --collect # collect results into array
-D, --defaultValue string # default value printed when there are no results
-d, --doc string # process document index number (0 based, * for all documents) (default "0")
-X, --explodeAnchors # explode anchors
-h, --help # help for read
-l, --length # print length of results
-p, --printMode string # print mode (v (values, default), p (paths), pv (path and value pairs) (default "v")examples
yq read things.yaml 'a.b.c'
yq r - 'a.b.c' # reads from stdin
yq r things.yaml 'a.*.c'
yq r things.yaml 'a.**.c' # deep splat
yq r things.yaml 'a.(child.subchild==co*).c'
yq r -d1 things.yaml 'a.array[0].blah'
yq r things.yaml 'a.array[*].blah'
yq r -- things.yaml '--key-starting-with-dashes.blah'VALIDATE
test syntax of file
yq v sample.yaml
yq validate [yaml_file] [flags]
-d, --doc string # process document index number (0 based, * for all documents) (default "0")
-h, --help # help for validateexamples
yq v - # reads from stdinWRITE
Updates the yaml file w.r.t the given path and value
Outputs to STDOUT unless the inplace flag is used, in which case the file is updated instead
Append value to array adds the value to the end of array
Update Scripts:
Note that you can give an update script to perform more sophisticated update. Update script format is list of update commands (update or delete) like so:
- command: update
path: b.c
value:
#great
things: frog # wow!
- command: delete
path: b.dyq write [yaml_file] [path_expression] [value] [flags]
-d, --doc string # process document index number (0 based, * for all documents) (default "0")
-f, --from string # yaml file for updating yaml (as-is)
-h, --help # help for write
-i, --inplace # update the yaml file inplace
-s, --script string # yaml script for updating yaml
-t, --tag string # set yaml tag (e.g. !!int)examples
yq write things.yaml 'a.b.c' true
yq write things.yaml 'a.*.c' true
yq write things.yaml 'a.**' true
yq write things.yaml 'a.(child.subchild==co*).c' true
yq write things.yaml 'a.b.c' --tag '!!str' true # force 'true' to be interpreted as a string instead of bool
yq write things.yaml 'a.b.c' --tag '!!float' 3
yq write --inplace -- things.yaml 'a.b.c' '--cat' # need to use '--' to stop processing arguments as flags
yq w -i things.yaml 'a.b.c' cat
yq w -i -s update_script.yaml things.yaml
yq w things.yaml 'a.b.d[+]' foo # appends a new node to the 'd' array
yq w --doc 2 things.yaml 'a.b.d[+]' foo # updates the 3rd document of the yaml fileTRICKS
LXC
pretty print
# pretty print
lxc list --format=yaml $ctname$ | yq r - -Cname
# print name
lxc list --format=yaml $ctname$ | yq r - '.name'
# print selected name for alpine.* in regexp format
lxc list --format=yaml | yq r - 'name==alpine*'
# display names of running containers
lxc list --format yaml | yq r - 'status==Running.name'
# display name of containers which have attached profile $profile
?TOC
| chapter |
|---|
| CONFIG |
| COPY |
| DNSMASQ |
| LIST |
| IMAGE |
| INIT |
| NETWORK |
| PROFILE |
| STORAGE |
| EXEC |
| PUBLISH |
| TRICK |
CONFIG
set network configuration
echo -e "lxc.network.0.ipv4 = 10.100.0.10/24\nlxc.network.0.ipv4.gateway = 10.100.0.1\n" | lxc config set my-container raw.lxc -COPY
Copy container with changing device key/value
lxc copy $ct $ctnew --device $devicename,$key=$value
# lxc copy srv-mail srv-mail-maria --device eth0,ipv4.address=10.0.0.10DNSMASQ
# /path/to/host-to-ip-file.conf with following dnsmasq syntax
c1,10.100.0.10
c2,10.100.0.20
&
lxc network set lxdbr0 set raw.dnsmasq hostsfile=/path/to/host-to-ip-file.conf
lxc restart c1 c2LIST
lxc list $str # be careful: list container names with a name contains $str
lxc list $regexp # filters containers list with name matches regexp
lxc list $property_name=$value # filter container list with properties matches values (use list --format json to see real properties name)
lxc list -c 46abcdlnNpPsSt L # show all container informations
lxc list -c n4s # outputs minimal container informations
lxc list image.os=Alpine image.architecture=amd64 # outputs informations for containers matched with properties: image.os=Alpine image.architecture=amd64
# list names of all containers
lxc list -f csv -c n
lxc list --format=json | jq -r '.[].name
# list names of running containers
lxc list status=Running -f csv -c n
lxc list --format=json | jq -r '.[] | select(.status == "Running").name
# list names of stopped containers
lxc list status=Stopped -f csv -c n
lxc list --format=json | jq -r '.[] | select(.status == "Stopped").name
# list image with finding any of aliases
lxc image list --format json | jq -r '.[].aliases[] | select(.name == "debian10").name'IMAGE
lxc image list $repo:$os/$release
lxc image list $repo: architecture=$regexp description=$regexp os=$regexp release=$regexp serial=$regexp
lxc image list ubuntu: # list availables images from repository ubuntu
lxc image list images:debian # list availables images from repository images started debian"
lxc image list images:alpine/3.11/amd64 # list availables images from repository images matched with os:Alpine release:3.11 architecture:amd64
lxc image list images: architecture=amd64 os=Debian release=buster
lxc image copy images:debian/10/amd64 local: --alias debian10 --alias debian-10 --alias buster --auto-update
lxc image copy images:alpine/3.12 local: --alias alpine312 --alias alpine-312 --auto-update
lxc image copy ubuntu:18.04/amd64 local: --alias bionic --alias ubuntu1804 --alias ubuntu-1804 --auto-update
lxc image copy ubuntu:20.04/amd64 local: --alias focal --alias ubuntu2004 --alias ubuntu-2004 --auto-update
lxc image copy images:centos/8/amd64 local: --alias centos8 --alias centos-8 --auto-updateINIT
lxc init alpine311 alpine311 # Initialize image with nameNETWORK
lxc network set $inet_name ipv4.address $address_cidr # set network address for interface $inet
lxc network create $inet_name ipv4.address=10.0.1.1/24 # add network interface
lxc network attach-profile $inet_name stock eth0PROFILE
lxc profile device add prod root disk pool=prod path=/ # add root path to profile from a pool 'prod'
lxc profile device add $profile_name $device_name disk pool=$pool_name path=$path_ct # add $device_name to $profile_name for $path_ct
lxc profile device add $profile_name $device_name disk source=$path_host path=$path_ctSTORAGE
lxc storage create default zfs size=50GB # create a pool using a loop device named 'default' with zfs driver & a size of 50G
lxc storage create stock zfs source=stock # create a pool 'stock' using a zfs pool named 'stock'EXEC
echo -e "auth-zone=lxd\ndns-loop-detect" | lxc network set lxdbr0 raw.dnsmasq -PUBLISH
lxc publish $CTNAME --alias $CTNAME-$HOSTNAME # default compression are gzip
lxc publish $CTNAME --alias $CTNAME-$HOSTNAME --compression xz # good compression but longTRICK
pretty print
json
lxc list --format=json $ctname$ # '$' is to limit to exact name & not only started with ctname
# pretty print
lxc list --format=json $ctname$ | jq
lxc list --format=json $ctname$ | python -m json.toolyaml
lxc list --format=yaml $ctname$ # '$' is to limit to exact name & not only started with ctname
# pretty print
lxc list --format=yaml $ctname$ |yq r - -Cprofile
yaml
Print name of host interfaces attached to the profile $profile
lxc profile show $profile | yq r - "devices.(type==nic).parent"Print name of containers that use the profile $profile
lxc profile show $profile | yq r - 'used_by' | sed 's|^.*/||'https://linuxcontainers.org/
https://discuss.linuxcontainers.org
https://lxd.readthedocs.io/en/latest/
COMMANDS
| subcommand | Designation |
|---|---|
| ALIAS | Manage command aliases |
| CLUSTER | Manage cluster members |
| CONFIG | Manage container and server configuration options |
| CONSOLE | Attach to container consoles |
| COPY | Copy containers within or in between LXD instances |
| DELETE | Delete containers and snapshots |
| EXEC | Execute commands in containers |
| FILE | Manage files in containers |
| HELP | Help about any command |
| IMAGE | Manage images |
| INFO | Show container or server information |
| LAUNCH | Create and start containers from images |
| LIST | List containers |
| MOVE | Move containers within or in between LXD instances |
| NETWORK | Manage and attach containers to networks |
| OPERATION | List, show and delete background operations |
| PROFILE | Manage profiles |
| PUBLISH | Publish containers as images |
| REMOTE | Manage the list of remote servers |
| RENAME | Rename containers and snapshots |
| RESTART | Restart containers |
| RESTORE | Restore containers from snapshots |
| SHELL | Execute commands in containers |
| SNAPSHOT | Create container snapshots |
| START | Start containers |
| STOP | Stop containers |
| STORAGE | Manage storage pools and volumes |
| VERSION | Show local and remote versions |
Global flags
--debug # Show all debug messages
--force-local # Force using the local unix socket
-h,--help # Print help
-v,--verbose # Show all information messages
--version # Print version numberALIAS
lxc alias
Manage command aliases
lxc alias [command]
add <alias> <target> [flags] # Add new aliases
list [flags] # List aliases
remove <alias> [flags] # Remove aliases
rename list new-list # Rename aliasesCLUSTER
lxc cluster
Manage cluster members
lxc cluster [command]
enable [<remote>:] <name> [flags] # Enable clustering on a single non-clustered LXD instance
list [<remote>:] [flags] # List all the cluster members
remove [<remote>:]<member> [flags] # Remove a member from the cluster
-f, --force # Force removing a member, even if degraded
rename [<remote>:]<member> <new-name> [flags] # Rename a cluster member
show [<remote>:]<member> [flags] # Show details of a cluster memberCONFIG
sub commands
device # Manage container devices
metadata # Manage container metadata files
template # Manage container file templates
trust [command] # Manage trusted clientslxc config
Manage container and server configuration options
lxc config [command]
edit [<remote>:][<container>] [flags] # Edit container or server configurations as YAML
get [<remote>:][<container>] <key> [flags] # Get values for container or server configuration keys
set [<remote>:][<container>] <key> <value> [flags] # Set container or server configuration keys
show [<remote>:][<container>] [flags] # Show container or server configurations
--expanded # Show the expanded configuration
unset [<remote>:][<container>] <key> [flags] # Unset container or server configuration keys-
DEVICE
lxc config device
Manage container devices
lxc config device [command] add [<remote>:]<container|profile> <device> <type> [key=value...] [flags] # Add devices to containers or profiles get [<remote>:]<container|profile> <device> <key> [flags] # Get values for container device configuration keys list [<remote>:]<container|profile> [flags] # List container devices override [<remote>:]<container> <device> [key=value...] [flags] # Copy profile inherited devices and override configuration keys remove [<remote>:]<container|profile> <name>... [flags] # Remove container devices set [<remote>:]<container|profile> <device> <key> <value> [flags] # Set container device configuration keys show [<remote>:]<container|profile> [flags] # Show full device configuration for containers or profiles unset [<remote>:]<container|profile> <device> <key> [flags] # Unset container device configuration keys -
METADATA
lxc config metadata
Manage container metadata files
lxc config metadata [command] edit [<remote>:]<container> [flags] # Edit container metadata files show [<remote>:]<container> [flags] # Show container metadata files -
TEMPLATE
lxc config template
Manage container file templates
lxc config template [command] create [<remote>:]<container> <template> [flags] # Create new container file templates delete [<remote>:]<container> <template> [flags] # Delete container file templates edit [<remote>:]<container> <template> [flags] # Edit container file templates list [<remote>:]<container> [flags] # List container file templates show [<remote>:]<container> <template> [flags] # Show content of container file templates -
TRUST
lxc config trust
Manage trusted clients
lxc config trust [command] add [<remote>:] <cert> [flags] # Add new trusted clients list [<remote>:] [flags] # List trusted clients remove [<remote>:] <hostname|fingerprint> [flags] # Remove trusted clients
Host properties
candid.api.key
candid.api.url
candid.domains
candid.expiry
cluster.offline_threshold
core.https_address
core.https_allowed_credentials
core.https_allowed_headers
core.https_allowed_methods
core.https_allowed_origin
core.proxy_http
core.proxy_https
core.proxy_ignore_hosts
core.trust_password
images.auto_update_cached
images.auto_update_interval
images.compression_algorithm
images.remote_cache_expiry
maas.api.key
maas.api.url
maas.machineContainer properties
boot.autostart
boot.autostart.delay
boot.autostart.priority
boot.host_shutdown_timeout
boot.stop.priority
environment.
limits.cpu
limits.cpu.allowance
limits.cpu.priority
limits.disk.priority
limits.memory
limits.memory.enforce
limits.memory.swap
limits.memory.swap.priority
limits.network.priority
limits.processes
linux.kernel_modules
migration.incremental.memory
migration.incremental.memory.goal
migration.incremental.memory.iterations security.nesting
nvidia.runtime
raw.apparmor
raw.idmap
raw.lxc
raw.seccomp
security.devlxd
security.idmap.base
security.idmap.isolated
security.idmap.size
security.privileged
security.syscalls.blacklist
security.syscalls.blacklist_compat
security.syscalls.blacklist_default
user.meta-data
user.network-config
user.network_mode
user.user-data
user.vendor-data
volatile.apply_quota
volatile.apply_template
volatile.base_image
volatile.idmap.base
volatile.idmap.next
volatile.last_state.idmap
volatile.last_state.powerCONSOLE
lxc console
Attach to container consoles
lxc console [<remote>:]<container> [flags]
--show-log # Retrieve the container s console logCOPY
lxc copy
Copy containers within or in between LXD instances
lxc copy [<remote>:]<source>[/<snapshot>] [[<remote>:]<destination>] [flags]
-c, --config # Config key/value to apply to the new container
--container-only # Copy the container without its snapshots
-d, --device # New key/value to apply to a specific device
-e, --ephemeral # Ephemeral container
--mode # Transfer mode. One of pull (default), push or relay (default "pull")
--no-profiles # Create the container with no profiles applied
-p, --profile # Profile to apply to the new container
--stateless # Copy a stateful container stateless
--target # Cluster member nameDELETE
lxc delete
Delete containers and snapshots
lxc delete [<remote>:]<container>[/<snapshot>] [[<remote>:]<container>[/<snapshot>]...] [flags]
-f, --force # Force the removal of running containers
-i, --interactive # Require user confirmationEXEC
lxc exec
Execute commands in containers. The command is executed directly using exec, so there is no shell and shell patterns (variables, file redirects, ...) wont be understood
lxc exec [<remote>:]<container> [flags] [--] <command line>
-n, --disable-stdin # Disable stdin (reads from /dev/null)
--env # Environment variable to set (e.g. HOME=/home/foo)
-t, --force-interactive # Force pseudo-terminal allocation
-T, --force-noninteractive # Disable pseudo-terminal allocation
--mode # Override the terminal mode (auto, interactive or non-interactive) (default "auto")FILE
lxc file
Manage files in containers
delete [<remote>:]<container>/<path> [[<remote>:]<container>/<path>...] [flags] # Delete files in containers
edit [<remote>:]<container>/<path> [flags] # Edit files in containers
pull [<remote>:]<container>/<path> [[<remote>:]<container>/<path>...] <target path> [flags] # Pull files from containers
-p, --create-dirs # Create any directories necessary
-r, --recursive # Recursively transfer files
push <source path> [<remote>:]<container>/<path> [[<remote>:]<container>/<path>...] [flags]
--gid # Set the file's gid on push (default -1)
--mode # Set the file's perms on push
-r, --recursive # Recursively transfer files
--uid # Set the file's uid on push (default -1)IMAGE
sub commands
alias # Manage image aliases
lxc image
Manage images
lxc image [command]
copy [<remote>:]<image> <remote>: [flags] # Copy images between servers
--alias # New aliases to add to the image
--auto-update # Keep the image up to date after initial copy
--copy-aliases # Copy aliases from source
--public # Make image public
delete [<remote>:]<image> [[<remote>:]<image>...] [flags] # Delete images
edit [<remote>:]<image> [flags] # Edit image properties
export [<remote>:]<image> [<target>] [flags] # Export and download images
import <tarball>|<directory>|<URL> [<rootfs tarball>] [<remote>:] [key=value...] [flags] # Import images into the image store
--alias # New aliases to add to the image
--public # Make image public
info [<remote>:]<image> [flags] # Show useful information about images
list [<remote>:] [<filter>...] [flags] # List images
--format # Format (csv|json|table|yaml), default "table"
-c, --columns # Columns default "lfpdasu"
# Column shorthand chars:
l - Shortest image alias (and optionally number of other aliases)
L - Newline-separated list of all image aliases
f - Fingerprint
p - Whether image is public
d - Description
a - Architecture
s - Size
refresh [<remote>:]<image> [[<remote>:]<image>...] [flags] # Refresh images
show [<remote>:]<image> [flags] # Show image properties-
ALIAS
lxc image alias
Manage image aliases
lxc image alias [command] create [<remote>:]<alias> <fingerprint> [flags] # Create aliases for existing images delete [<remote>:]<alias> [flags] # Delete image aliases list [<remote>:] [<filters>...] [flags] # List image aliases rename [<remote>:]<alias> <new-name> [flags] # Rename aliases
INFO
lxc info
Show container or server information
lxc info [<remote>:][<container>] [flags]
--resources # Show the resources available to the server
--show-log # Show the container's last 100 log lines?LAUNCH
lxc launch
Create and start containers from images
lxc launch [<remote>:]<image> [<remote>:][<name>] [flags]
-c, --config # Config key/value to apply to the new container
-e, --ephemeral # Ephemeral container
-n, --network # Network name
--no-profiles # Create the container with no profiles applied
-p, --profile # Profile to apply to the new container
-s, --storage # Storage pool name
--target # Cluster member name
-t, --type # Instance typeLIST
lxc list
List containers
lxc list [<remote>:] [<filter>...] [flags]
-c, --columns # Columns (default "ns46tSL")
--fast # Fast mode (same as --columns=nsacPt)
--format # Format (csv|json|table|yaml) (default "table")filter name:
- A single keyword like "web" which will list any container with a name starting by "web"
- A regular expression on the container name, matching a configuration item or its value
- A key/value pair referring to a configuration item. For those, the namespace can be abbreviated to the smallest unambiguous identifier
Pre-defined column shorthand chars:
4 - IPv4 address
6 - IPv6 address
a - Architecture
b - Storage pool
c - Creation date
d - Description
l - Last used date
n - Name
N - Number of Processes
p - PID of the containers init process
P - Profiles
s - State
S - Number of snapshots
t - Type (persistent or ephemeral)
L - Location of the container (e.g. its cluster member)
Custom columns
Custom columns are defined with "key[:name][:maxWidth]":
KEY: The (extended) config key to display
NAME: Name to display in the column header
Defaults to the key if not specified or empty
MAXWIDTH: Max width of the column (longer results are truncated)
Defaults to -1 (unlimited). Use 0 to limit to the column header sizeMOVE
lxc move
Move containers within or in between LXD instances
lxc move [<remote>:]<container>[/<snapshot>] [<remote>:][<container>[/<snapshot>]] [flags]
-c, --config # Config key/value to apply to the target container
--container-only # Move the container without its snapshots
-d, --device # New key/value to apply to a specific device
--mode # Transfer mode. One of pull (default), push or relay. (default "pull")
--no-profiles # Unset all profiles on the target container
-p, --profile # Profile to apply to the target container
--stateless # Copy a stateful container stateless
--target # Cluster member nameNETWORK
lxc network
Manage and attach containers to networks
lxc network [command]
attach [<remote>:]<network> <container> [<device name>] [<interface name>] [flags] # Attach network interfaces to containers
attach-profile [<remote>:]<network> <profile> [<device name>] [<interface name>] [flags] # Attach network interfaces to profiles
create [<remote>:]<network> [key=value...] [flags] # Create new networks
--target # Cluster member name
delete [<remote>:]<network> [flags] # Delete networks
detach [<remote>:]<network> <container> [<device name>] [flags] # Detach network interfaces from containers
detach-profile [<remote>:]<network> <container> [<device name>] [flags] # Detach network interfaces from profiles
edit [<remote>:]<network> [flags] # Edit network configurations as YAML
get [<remote>:]<network> <key> [flags] # Get values for network configuration keys
--target # Cluster member name
list [<remote>:] [flags] # List available networks
--format # Format (csv|json|table|yaml) (default "table")
list-leases [<remote>:]<network> [flags] # List DHCP leases
rename [<remote>:]<network> <new-name> [flags] # Rename networks
set [<remote>:]<network> <key> <value> [flags] # Set network configuration keys
--target # Cluster member name
show [<remote>:]<network> [flags] # Show network configurations
--target # Cluster member name
unset [<remote>:]<network> <key> [flags] # Unset network configuration keys
--target # Cluster member nameproperties
bridge.driver
bridge.external_interfaces
bridge.mode
bridge.mtu
dns.domain
dns.mode
fan.overlay_subnet
fan.type
fan.underlay_subnet
ipv4.address
ipv4.dhcp
ipv4.dhcp.expiry
ipv4.dhcp.gateway
ipv4.dhcp.ranges
ipv4.firewall
ipv4.nat
ipv4.routes
ipv4.routing
ipv6.address
ipv6.dhcp
ipv6.dhcp.expiry
ipv6.dhcp.ranges
ipv6.dhcp.stateful
ipv6.firewall
ipv6.nat
ipv6.routes
ipv6.routing
raw.dnsmasqPROFILE
sub commands
device # Manage container devices
lxc profile
Manage profiles
lxc profile [command]
add [<remote>:]<container> <profile> [flags] # Add profiles to containers
assign [<remote>:]<container> <profiles> [flags] # Assign sets of profiles to containers
copy [<remote>:]<profile> [<remote>:]<profile> [flags] # Copy profiles
create [<remote>:]<profile> [flags] # Create profiles
delete [<remote>:]<profile> [flags] # Delete profiles
edit [<remote>:]<profile> [flags] # Edit profile configurations as YAML
get [<remote>:]<profile> <key> [flags] # Get values for profile configuration keys
list [<remote>:] [flags] # List profiles
remove [<remote>:]<container> <profile> [flags] # Remove profiles from containers
rename [<remote>:]<profile> <new-name> [flags] # Rename profiles
set [<remote>:]<profile> <key> <value> [flags] # Set profile configuration keys
show [<remote>:]<profile> [flags] # Show profile configurations
unset [<remote>:]<profile> <key> [flags] # Unset profile configuration keys-
DEVICE
lxc profile device
Manage container devices
lxc profile device [command] add [<remote>:]<container|profile> <device> <type> [key=value...] [flags] # Add devices to containers or profiles get [<remote>:]<container|profile> <device> <key> [flags] # Get values for container device configuration keys list [<remote>:]<container|profile> [flags] # List container devices remove [<remote>:]<container|profile> <name>... [flags] # Remove container devices set [<remote>:]<container|profile> <device> <key> <value> [flags] # Set container device configuration keys show [<remote>:]<container|profile> [flags] # Show full device configuration for containers or profiles unset [<remote>:]<container|profile> <device> <key> [flags] # Unset container device configuration keys
properties
boot.autostart
boot.autostart.delay
boot.autostart.priority
boot.host_shutdown_timeout
boot.stop.priority
environment.
limits.cpu
limits.cpu.allowance
limits.cpu.priority
limits.disk.priority
limits.memory
limits.memory.enforce
limits.memory.swap
limits.memory.swap.priority
limits.network.priority
limits.processes
linux.kernel_modules
migration.incremental.memory
migration.incremental.memory.goal
migration.incremental.memory.iterations security.nesting
nvidia.runtime
raw.apparmor
raw.idmap
raw.lxc
raw.seccomp
security.devlxd
security.idmap.base
security.idmap.isolated
security.idmap.size
security.privileged
security.syscalls.blacklist
security.syscalls.blacklist_compat
security.syscalls.blacklist_default
user.meta-data
user.network-config
user.network_mode
user.user-data
user.vendor-data
volatile.apply_quota
volatile.apply_template
volatile.base_image
volatile.idmap.base
volatile.idmap.next
volatile.last_state.idmap
volatile.last_state.powerPUBLISH
lxc publish
Publish containers as images
lxc publish [<remote>:]<container>[/<snapshot>] [<remote>:] [flags] [key=value...]
--alias # New alias to define at target
--compression # Define a compression algorithm: for image or none
-f, --force # Stop the container if currently running
--public # Make the image publicREMOTE
lxc remote
Manage the list of remote servers
lxc remote [command]
add [<remote>] <IP|FQDN|URL> [flags] # Add new remote servers
--accept-certificate # Accept certificate
--auth-type # Server authentication type (tls or candid)
--domain # Candid domain to use
--password # Remote admin password
--protocol # Server protocol (lxd or simplestreams)
--public # Public image server
get-default [flags] # Show the default remote
list [flags] # List the available remotes
remove <remote> [flags] # Remove remotes
rename <remote> <new-name> [flags] # Rename remotes
set-default <remote> [flags] # Set the default remote
set-url <remote> <URL> [flags] # Set the URL for the remoteRENAME
lxc rename
Rename containers and snapshots
lxc rename [<remote>:]<container>[/<snapshot>] <container>[/<snapshot>] [flags]RESTART
lxc restart
Restart containers
lxc restart [<remote>:]<container> [[<remote>:]<container>...] [flags]
--all # Run command against all containers
-f, --force # Force the container to shutdown
--timeout # Time to wait for the container before killing it (default -1)RESTORE
lxc restore
Restore containers from snapshots
lxc restore [<remote>:]<container> <snapshot> [flags]
--stateful # Whether or not to restore the container's running state from snapshot (if available)SHELL
Similar to: lxc exec <container> -- sh -c "command"
See lxc exec !
lxc shell
Enter in container & use the shell
lxc shell [<remote>:]<container>SNAPSHOT
lxc snapshot
Create container snapshots
When --stateful is used, LXD attempts to checkpoint the container's running state, including process memory state, TCP connections, ...
lxc snapshot [<remote>:]<container> [<snapshot name>] [flags]
--stateful # LXD attempts to checkpoint the container's running state, including process memory state, TCP connections, ...START
lxc start
Start containers
lxc start [<remote>:]<container> [[<remote>:]<container>...] [flags]
--all # Run command against all containers
--stateless # Ignore the container stateSTOP
lxc stop
Stop containers
lxc stop [<remote>:]<container> [[<remote>:]<container>...] [flags]
--all # Run command against all containers
-f, --force # Force the container to shutdown
--stateful # Store the container state
--timeout # Time to wait for the container before killing it (default -1)STORAGE
sub command
volume # Manage storage volumes
lxc storage
Manage storage pools and volumes
lxc storage [command]
create [<remote>:]<pool> <driver> [key=value...] [flags] # Create storage pools
--target # Cluster member name
delete [<remote>:]<pool> [flags] # Delete storage pools
edit [<remote>:]<pool> [flags] # Edit storage pool configurations as YAML
get [<remote>:]<pool> <key> [flags] # Get values for storage pool configuration keys
info [<remote>:]<pool> [flags] # Show useful information about storage pools
--bytes # Show the used and free space in bytes
list [<remote>:] [flags] # List available storage pools
set [<remote>:]<pool> <key> <value> [flags] # Set storage pool configuration keys
--target # Cluster member name
show [<remote>:]<pool> [flags] # Show storage pool configurations and resources
--resources # Show the resources available to the storage pool
--target # Cluster member name
unset [<remote>:]<pool> <key> [flags] # Unset storage pool configuration keys
--target # Cluster member name-
VOLUME
lxc storage volume
Manage storage volumes
Unless specified through a prefix, all volume operations affect "custom" (user created) volumeslxc storage volume [command] attach [<remote>:]<pool> <volume> <container> [<device name>] <path> [flags] # Attach new storage volumes to containers attach-profile [<remote:>]<pool> <volume> <profile> [<device name>] <path> [flags] # Attach new storage volumes to profiles copy <pool>/<volume> <pool>/<volume> [flags] # Copy storage volumes --mode # Transfer mode. One of pull (default), push or relay. (default "pull") --target # Cluster member name create [<remote>:]<pool> <volume> [key=value...] [flags] # Create new custom storage volumes --target # Cluster member name delete [<remote>:]<pool> <volume> [flags] # Delete storage volumes --target # Cluster member name detach [<remote>:]<pool> <volume> <container> [<device name>] [flags] # Detach storage volumes from containers detach-profile [<remote:>]<pool> <volume> <profile> [<device name>] [flags] # Detach storage volumes from profiles edit [<remote>:]<pool> <volume> [flags] # Edit storage volume configurations as YAML --target # Cluster member name get [<remote>:]<pool> <volume> <key> [flags] # Get values for storage volume configuration keys --target # Cluster member name list [<remote>:]<pool> [flags] # List storage volumes move [<pool>/]<volume> [<pool>/]<volume> [flags] # Move storage volumes between pools --mode # Transfer mode. One of pull (default), push or relay. (default "pull") --target # Cluster member name rename [<remote>:]<pool> <old name> <new name> [flags] # Rename storage volumes --target # Cluster member name set [<remote>:]<pool> <volume> <key> <value> [flags] # Set storage volume configuration keys --target # Cluster member name show [<remote>:]<pool> <volume> [flags] # Show storage volum configurations --target # Cluster member name unset [<remote>:]<pool> <volume> <key> [flags] # Unset storage volume configuration keys --target # Cluster member name