File: //opt/saltstack/salt/lib/python3.10/site-packages/salt/modules/__pycache__/lxd.cpython-310.pyc
o
�����N�g
g�������������������
���@���s����d�Z�d�d�l�Z�d�d�l�Z�d�d�l�m�Z���d�d�l�Z�d�d�l�Z�d�d�l�m�Z�m Z ��d�d�l
m�Z���z�d�d�l�Z�d�Z
d�d�l�Z�e���e�j�j�����W�n���e�yD������d�Z
Y�n�w�e���e���Z�d�Z�d Z�d
d�d�d
d�d�d�d�d�d�� Z�d�Z�d�Z�i�Z�d�d���Z�e�j�j�j�� d���d�d�����Z!d�d���Z"e�j�j�j�� d��� � � � � � � �d�d�d�����Z#e�j�j�j�� d���e�j�j�j�� d���d d!������Z$e�j�j�j�� d���e�j�j�j�� d���d"d#������Z%d�d$d%��Z&d&d'��Z'd�d(d)��Z( �d�d*d+��Z) � � � , � � � � � � �d�d-d.��Z* �d�d/d0��Z+d�d1d2��Z, �d�d3d4��Z-d�d5d6��Z.d�d7d8��Z/ 9 � � � � �d�d:d;��Z0d�d<d=��Z1d�d>d?��Z2d�d@dA��Z3 � � � � � � � � �d�dBdC��Z4 �d�dDdE��Z5 � � � �d�dFdG��Z6 �d�dHdI��Z7 �d�dJdK��Z8 L � � � �d�dMdN��Z9 �d�dOdP��Z: � � � � � Q � � � �d�dRdS��Z; � � � � � � � �d�dTdU��Z< �d�dVdW��Z= �d�dXdY��Z> � � � � � � �d�dZd[��Z? �d�d\d]��Z@d�d^d_��ZA �d�d`da��ZB � � � �d�dbdc��ZC �d�ddde��ZD �d�dfdg��ZE L � � � �d�dhdi��ZF �d�djdk��ZG �d�dldm��ZH �d�dndo��ZI �d�dpdq��ZJd�drds��ZK � � � � � � � �d�dtdu��ZL � � � � � � � �d�dvdw��ZM � � � � � � Q �d�dxdy��ZN � � � � �d�dzd{��ZO | � � � �d�d}d~��ZP �d�dd���ZQd�d�d���ZR �d�d�d���ZS �d�d�d���ZT �d�d�d���ZUd�d���ZVd�d�d���ZWd�d���ZXd�d���ZYd�d���ZZd�d�d���Z[d�d���Z\e
��ryd�d�l]Z�e^e�j�d�����sUG�d�d���d�e�j�j_��Z`e`e�j�_`z�d�d�lambZb��W�n���e���ym������d�d�lcmbZb��Y�n�w�d�d�d���Zdedebje_dd�S�d�S�)�uU���
Module for managing the LXD daemon and its containers.
.. versionadded:: 2019.2.0
`LXD(1)`_ is a container "hypervisor". This execution module provides
several functions to help manage it and its containers.
.. note::
- `pylxd(2)`_ version >=2.2.5 is required to let this work,
currently only available via pip.
To install on Ubuntu:
$ apt-get install libssl-dev python-pip
$ pip install -U pylxd
- you need lxd installed on the minion
for the init() and version() methods.
- for the config_get() and config_get() methods
you need to have lxd-client installed.
.. _LXD(1): https://linuxcontainers.org/lxd/
.. _pylxd(2): https://github.com/lxc/pylxd/blob/master/doc/source/installation.rst
:maintainer: René Jochum <rene@jochums.at>
:maturity: new
:depends: python-pylxd
:platform: Linux
�����N)���datetime)���CommandExecutionError��SaltInvocationError)���VersionTFz�restructuredtext enz�2.2.5��0��1��2��3��4��5��6��7��8) ��unknownZ�i686��x86_64Z�armv7l��aarch64��ppcZ�ppc64Z�ppc64leZ�s390x�g���Z�lxdc��������������������C���s0���t�r�t�t�����t�t���k�r�d�d���t���t���f�S�t�S�d�S�)�NFzdThe lxd execution module cannot be loaded: pylxd "{}" is not supported, you need at least pylxd "{}")�FzTThe lxd execution module cannot be loaded: the pylxd python module is not available.)�� HAS_PYLXDr�����
pylxd_version��_pylxd_minimal_version��format��__virtualname__��r����r�����D/opt/saltstack/salt/lib/python3.10/site-packages/salt/modules/lxd.py��__virtual__R���s������������������������r����c��������������������C���s����t�d���d���S�)�zt
Returns the actual lxd version.
CLI Example:
.. code-block:: bash
salt '*' lxd.version
��cmd.runz
lxd --version)���__salt__r����r����r����r������versioni���s������r����c��������������������C���s����t�j�S�)�z|
Returns the actual pylxd version.
CLI Example:
.. code-block:: bash
salt '*' lxd.pylxd_version
)���pylxd��__version__r����r����r����r����r����x���s������r������dirc������������
���
���C���s����d�|���d���}�|�d�u�r�|�d�|���d�����}�|�d�u�r�|�d�|���d�����}�|�d�u�r*|�d�|���d�����}�|�d�u�r6|�d�|���d�����}�|�d�u�rB|�d�|���d�����}�|�d�u�rN|�d |���d�����}�z�t�d
��|���}�W�n���t�yn��} ��z�t�d�|���d�t�| ����������d�} ~ w�w�d
|�v�r�t�|�|���d
��d���d���������|�S�)�a����
Calls lxd init --auto -- opts
storage_backend :
Storage backend to use (zfs or dir, default: dir)
trust_password :
Password required to add new clients
network_address : None
Address to bind LXD to (default: none)
network_port : None
Port to bind LXD to (Default: 8443)
storage_create_device : None
Setup device based storage using this DEVICE
storage_create_loop : None
Setup loop based storage with this SIZE in GB
storage_pool : None
Storage pool to use or create
CLI Examples:
To listen on all IPv4/IPv6 Addresses:
.. code-block:: bash
salt '*' lxd.init dir PaSsW0rD [::]
To not listen on Network:
.. code-block:: bash
salt '*' lxd.init
z#lxd init --auto --storage-backend="��"Nz� --trust-password="z� --network-address="z� --network-port="z� --storage-create-device="z� --storage-create-loop="z� --storage-pool="r����z�Failed to call: 'z�', error was: ��error:�����)�r�����
ValueErrorr������str��index)
Z�storage_backendZ�trust_password��network_addressZ�network_portZ�storage_create_deviceZ�storage_create_loopZ�storage_pool��cmd��output��er����r����r������init����s4����1��������������������������������������������������r,���Z�lxcc��������������������C���sH���d���|�|���}�t�d���|���}�d�|�v�r�t�|�|���d���d���d���������d�|���d���f�S�)�ag���
Set an LXD daemon config option
CLI Examples:
To listen on IPv4 and IPv6 port 8443,
you can omit the :8443 its the default:
.. code-block:: bash
salt '*' lxd.config_set core.https_address [::]:8443
To set the server trust password:
.. code-block:: bash
salt '*' lxd.config_set core.trust_password blah
z�lxc config set "{}" "{}"r����r#���r$���Nz�Config value "z�" successfully set.)�r����r����r����r'���)���key��valuer)���r*���r����r����r�����
config_set����s������������������������r/���c��������������������C���s>���d�|���d���}�t�d���|���}�d�|�v�r�t�|�|���d���d���d���������|�S�)�z�
Get an LXD daemon config option
key :
The key of the config value to retrieve
CLI Examples:
.. code-block:: bash
salt '*' lxd.config_get core.https_address
z�lxc config get "r"���r����r#���r$���N)�r����r����r'���)�r-���r)���r*���r����r����r�����
config_get����s������������������r0���c����������������
���C���s`���d���t�|���t�|���t�|���t�|���f���}�|�t�v�r�t���d�|�����t�|���S�zd|�d�u�s(|�d�k�r2t���d�����t�����}�nP|���d���r=t���|���}�nE|�d�u�sE|�d�u�rIt�d�����t j
��|���}�t j
��|���}�t j
��|���sbt�d��
|�������t j
��|���sot�d �
|�������t���d
|�|�|�|�����t�j�|�|�|�f�|�d���}�W�n&��t�j�j�y�������t�d�|���d
��������t�y���}���z
t�d��
|�t�|���������d�}�~�w�w�|�t�|�<�|�S�)�a^���
Get an pyxld client, this is not meant to be run over the CLI.
remote_addr :
An URL to a remote Server, you also have to give cert and key if you
provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
See the `requests-docs`_ for the SSL stuff.
.. _requests-docs: http://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification
��|z2Returning the client "%s" from our connection poolNz�/var/lib/lxd/unix.socketz*Trying to connect to the local unix socket��/z:You have to give a Cert and Key file for remote endpoints.zTYou have given an invalid cert path: "{}", the file does not exist or is not a file.zTYou have given an invalid key path: "{}", the file does not exists or is not a file.zGTrying to connect to "%s" with cert "%s", key "%s" and verify_cert "%s")�Z�endpoint��certZ�verifyz�Failed to connect to '��'zPFailed to connect to "{}", looks like the SSL verification failed, error was: {})���joinr&�����_connection_pool��log��debugr����Z�Client�
startswithr������os��path�
expanduser��isfiler�����
exceptionsZ�ClientConnectionFailedr����� TypeError)���remote_addrr3���r-�����verify_certZ�pool_key��clientr+���r����r����r������pylxd_client_get����st����#������������� ��������
�
�
���������������������������������������������������������������������������������������rC���c����������������
���C���s<���z |�j�d�d�����W�d�S���t�j�j�y���}���z�t�t�|�������d�}�~�w�w�)�z�Saves an object (profile/image/container) and
translate its execpetion on failure
obj :
The object to save
This is an internal method, no CLI Example.
T����waitN)���saver����r>�����LXDAPIExceptionr����r&���)���objr+���r����r����r������pylxd_save_object����s����� ������������rI���c����������������
���C���sT���t�|�|�|�|���}�|�j�r�d�S�z |���|�����W�|�j�S���t�j�j�y)��}���z�t�t�|�������d�}�~�w�w�)�a����
Authenticate with a remote LXDaemon.
remote_addr :
An URL to a remote Server, you also have to give cert and key if you
provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
password :
The password of the remote.
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Example:
.. code-block:: bash
salt '*' lxd.authenticate https://srv01:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false
See the `requests-docs`_ for the SSL stuff.
.. _requests-docs: http://docs.python-requests.org/en/master/user/advanced/#ssl-cert-verification
TN)�rC���Z�trusted��authenticater����r>���rG���r����r&���)�r@�����passwordr3���r-���rA���rB���r+���r����r����r����rJ�������s�����*������������������rJ���c��������������������C����4���t�|�|�|�|���}�|�j�����}�|�r�d�d���|�D���S�t�t�|���S�)�a[���
Lists containers
list_names : False
Only return a list of names when True
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Examples:
Full dict with all available information:
.. code-block:: bash
salt '*' lxd.container_list
For a list of names:
.. code-block:: bash
salt '*' lxd.container_list true
See also `container-attributes`_.
.. _container-attributes: https://github.com/lxc/pylxd/blob/master/doc/source/containers.rst#container-attributes
c��������������������S��������g�|�]�}�|�j���q�S�r��������name����.0��cr����r����r�����
<listcomp>�����������z"container_list.<locals>.<listcomp>)�rC����
containers��all��map��_pylxd_model_to_dict)��
list_namesr@���r3���r-���rA���rB���rU���r����r����r������container_list����s
����6
�����
�rZ���r����c
���������������
���C���s����|�d�u�r�d�g�}�|�d�u�r
i�}�|�d�u�r�i�}�t�|�| |
|���}
t�|�t�t�t�f���s&t�d�����|�t�v�r2t�d���|�|�������t�|�t���r<d�|�d���}�t |�|���\�}�}�z�|
j
j�|�t�|���|�|�|�|�d���|�d���}�W�n���t�j
j�yj��}���z�t�t�|�������d�}�~�w�w�|�ss|�����d ��S�|�r�|�����D�]
\�}�}�t�|�|�f�i�|�������qy|�r�|�S�t�|���S�)
a� ��
Create a container
name :
The name of the container
source :
Can be either a string containing an image alias:
"xenial/amd64"
or an dict with type "image" with alias:
{"type": "image",
"alias": "xenial/amd64"}
or image with "fingerprint":
{"type": "image",
"fingerprint": "SHA-256"}
or image with "properties":
{"type": "image",
"properties": {
"os": "ubuntu",
"release": "14.04",
"architecture": "x86_64"}}
or none:
{"type": "none"}
or copy:
{"type": "copy",
"source": "my-old-container"}
profiles : ['default']
List of profiles to apply on this container
config :
A config dict or None (None = unset).
Can also be a list:
[{'key': 'boot.autostart', 'value': 1},
{'key': 'security.privileged', 'value': '1'}]
devices :
A device dict or None (None = unset).
architecture : 'x86_64'
Can be one of the following:
* unknown
* i686
* x86_64
* armv7l
* aarch64
* ppc
* ppc64
* ppc64le
* s390x
ephemeral : False
Destroy this container after stop?
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
_raw : False
Return the raw pyxld object or a dict?
CLI Examples:
.. code-block:: bash
salt '*' lxd.container_create test xenial/amd64
See also the `rest-api-docs`_.
.. _rest-api-docs: https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-1
N��defaultz/'profiles' must be formatted as list/tuple/set.z6Unknown architecture '{}' given for the container '{}'��image)���type��alias)�rO�����architecture��profiles��source��config� ephemeralrD���Z operation)�rC����
isinstance��list��tuple��setr������_architecturesr����r&�����normalize_input_valuesrU�����creater����r>���rG���r������json��items��container_device_addrX���)�rO���ra���r`���rb�����devicesr_���rc���rE���r@���r3���r-���rA�����_rawrB���� containerr+�����dnZ�dargsr����r����r������container_create����sR����r����������������������������
�
�����������������������
�������������������������rr���c������������
�������C���s����t�|�|�|�|���}�|�d�u�r�|�j�����}�|�r�|�S�n#g�}�z |�j���|���g�}�W�n���t�j�j�y1������t�d�|���d�������w�|�r8|�d���S�g�}�|�D�]�} |���t | j
t�| ��f�g�������q<|�S�)�a)���Gets a container from the LXD
name :
The name of the container to get.
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
_raw :
Return the pylxd object, this is internal and by states in use.
N��Container '��' not foundr����)�rC���rU���rV�����getr����r>���rG���r������append��dictrO���rX���)
rO���r@���r3���r-���rA���ro���rB���rU�����infosrp���r����r����r�����
container_get����s$����$��
�������������������������������ry���c��������������������C���s$���t�|�|�|�|�|�d�d���}�|�j�d�d�����d�S�)�a����
Delete a container
name :
Name of the container to delete
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
T��ro���rD���)�ry�����delete��rO���r@���r3���r-���rA���rp���r����r����r������container_delete����s����� ����r}���c��������������������C���sD���t�|�|�|�|�|�d�d���}�|�j�t�k�r�t�d�|���d�������|�j�|�d�d�����t�|���S�)�a����
Rename a container
name :
Name of the container to Rename
newname :
The new name of the container
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
Trz���z$Can't rename the running container 'z�'.rD���)�ry�����status_code��CONTAINER_STATUS_RUNNINGr������renamerX���)�rO���Z�newnamer@���r3���r-���rA���rp���r����r����r������container_rename����s
����%
�������r����c������������ �����������s����t�|�|�|�|���}�|�d�u�r�|�j�����}�n�z |�j���|���g�}�W�n���t�j�j�y+������t�d�|���d�������w�g�}�|�D�]�}�i���|�������|�� t
|�j���f�d�d���t�����D���f�g�������q0|�S�)�a����
Get container state
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
Nrs���rt���c������������������������s"���i�|�]
}�|���d���s�|�t���|�����q�S�)���_)�r9�����getattr)�rQ�����k����stater����r�����
<dictcomp>w���s������������
���z#container_state.<locals>.<dictcomp>)
rC���rU���rV���ru���r����r>���rG���r����r����rv���rw���rO���r!���) rO���r@���r3���r-���rA���rB���rU���Z�statesrp���r����r����r������container_stateF���s.���������������������������������
���������������r����c��������������������C����(���t�|�|�|�|�|�d�d���}�|�j�d�d�����t�|���S�)�a����
Start a container
name :
Name of the container to start
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
Trz���rD���)�ry�����startrX���r|���r����r����r������container_start���������� ����r���������c��������������������C���s,���t�|�|�|�|�|�d�d���}�|�j�|�|�d�d�����t�|���S�)�a����
Stop a container
name :
Name of the container to stop
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
Trz���rD���)�ry�����stoprX���)�rO�����timeout��forcer@���r3���r-���rA���rp���r����r����r������container_stop����s�����(����r����c��������������������C���r����)�a����
Restart a container
name :
Name of the container to restart
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
Trz���rD���)�ry���Z�restartrX���r|���r����r����r������container_restart����r����r����c��������������������C���r����)�a����
Freeze a container
name :
Name of the container to freeze
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
Trz���rD���)�ry���Z�freezerX���r|���r����r����r������container_freeze����r����r����c��������������������C���r����)�a����
Unfreeze a container
name :
Name of the container to unfreeze
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
Trz���rD���)�ry���Z�unfreezerX���r|���r����r����r������container_unfreeze����r����r����c
���������������
���C���s����|�d�u�r�|�}�|�d�u�r�|�}�| d�u�r�|�} t�|�|�|�|�| d�d���}
t�|�|�|�|���}�|
j�D�]�}�z�|�j���|�����W�q&��t�j�j�y=������t�d�����w�|
j�t k�}
|�rM|
rM|
j
d�d�����z�|
j�|�d�d���}�|
j�|�_�|�������W�n���t�j�j�yr��}���z�t
t�|�������d�}�~�w�w�|
j�d�d�����|�r�|
r�|�j�d�d�����t�|���S�)�a����Migrate a container.
If the container is running, it either must be shut down
first (use stop_and_start=True) or criu must be installed
on the source and destination machines.
For this operation both certs need to be authenticated,
use :mod:`lxd.authenticate <salt.modules.lxd.authenticate`
to authenticate your cert(s).
name :
Name of the container to migrate
stop_and_start :
Stop the container on the source and start it on dest
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Example:
.. code-block:: bash
# Authorize
salt '*' lxd.authenticate https://srv01:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false
salt '*' lxd.authenticate https://srv02:8443 <yourpass> ~/.config/lxc/client.crt ~/.config/lxc/client.key false
# Migrate phpmyadmin from srv01 to srv02
salt '*' lxd.container_migrate phpmyadmin stop_and_start=true remote_addr=https://srv02:8443 cert=~/.config/lxc/client.crt key=~/.config/lxc/client.key verify_cert=False src_remote_addr=https://srv01:8443
NTrz���z8not all the profiles from the source exist on the targetrD���)�ry���rC���r`���ru���r����r>���rG���r����r~���r���r����Z�migraterF���r����r&���r{���r����rX���)�rO���Z�stop_and_startr@���r3���r-���rA�����src_remote_addr��src_cert��src_key��src_verify_certrp�����dest_clientZ�pnameZ�was_runningZ�dest_containerr+���r����r����r������container_migrateD���sB����@������������������
���������������
�����������������������������r����c��������������������C���� ���t�|�|�|�|�|�d�d���}�t�|�d�|���S�)�a����
Get a container config value
name :
Name of the container
config_key :
The config key to retrieve
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
Trz���rb�����ry�����_get_property_dict_item��rO����
config_keyr@���r3���r-���rA���rp���r����r����r������container_config_get����s�����%��r����c��������������������C����"���t�|�|�|�|�|�d�d���}�t�|�d�|�|���S�)�a1���
Set a container config value
name :
Name of the container
config_key :
The config key to set
config_value :
The config value to set
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
Trz���rb�����ry�����_set_property_dict_item)�rO���r������config_valuer@���r3���r-���rA���rp���r����r����r������container_config_set����s�����.��r����c��������������������C���r����)�a����
Delete a container config value
name :
Name of the container
config_key :
The config key to delete
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
Trz���rb�����ry�����_delete_property_dict_itemr����r����r����r������container_config_delete����������%��r����c��������������������C���r����)�a����
Get a container device
name :
Name of the container
device_name :
The device name to retrieve
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
Trz���rn���r������rO�����device_namer@���r3���r-���rA���rp���r����r����r������container_device_get5���r����r������diskc������������ �������K���s*���t�|�|�|�|�|�d�d���}�|�|�d�<�t�|�d�|�|���S�)�aW���
Add a container device
name :
Name of the container
device_name :
The device name to add
device_type :
Type of the device
** kwargs :
Additional device args
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
Trz���r]���rn���r����) rO���r������device_typer@���r3���r-���rA�����kwargsrp���r����r����r����rm���_���s�����2����rm���c��������������������C���r����)�a����
Delete a container device
name :
Name of the container
device_name :
The device name to delete
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
Trz���rn���r����r����r����r����r������container_device_delete����r����r������basec
���������������
���C���s����t�|���}�|���d���s�d�|�����}�t�|�| |
|�|�d�d���}
t�j���|���}�t�j���|���sI|���d���d�k�rIt�d���|�|�d���}�|�s=t d�|���d ������t�j���|���sGt d
����|�}�|��
t�j�j���}�|�sVt�j�j�}�t�j���|���sdt
d�|���d�������t�j���|���rp|�spt d
����z�d�}�|
j���t�j���|�d�������W�n)��t�j�j�y�������Y�n���t�j�j�y���}���z�t�|�����d���d�k�r�d�}�W�Y�d�}�~�n�d�}�~�w�w�t�j���|�����r[|���r�t�j���|�t�j���|�����}�|���s�d�}�z�|
j���t�j���|�������W�n-��t�j�j�y�������d�}�Y�n!��t�j�j�y���}���z�t�|�����d���d�k�r�d�}�n���W�Y�d�}�~�n�d�}�~�w�w�|���r�t d�����|�d�u���s�|�d�u���s�|�d�u���r2t���|���}�|�d�u���r"t�|�j���}�|�d�u���r*|�j�}�|�d�u���r2|�j�}�t�j�j���|�d�����}�|
j�j |�|��!��|�|�|�d�����W�d���������d�S�1���sTw�������Y���d�S�t�j���|�����sft d�����|��"t�j�����rvt#t�j��$|�����}�nL|���r~t#|���}�nDz�|
j���t�j���t�j��$|���d�������W�n2��t�j�j���y�������Y�n'��t�j�j���y���}���z�t�|�����d���d�k���r�d�}�t#|���}�d�}�W�Y�d�}�~�n�d�}�~�w�w�|���s�t d�����g�}�t��%|���D�]�\�}�}�}�t�j���|�|�|�d������&t�j�j�����}�|��'|�������q�|
�(d�d�g�|�������|�}�|�}�|�}�t��%|���D�]~\�}�}�}�t�j���|�|�|�d������&t�j�j�����}�|�D�]e}�t�j���|�|���}�t�j���|�|���}�|�d�u���s6|�d�u���s6|�d�u���rUt���|���}�|�d�u���rEt�|�j���}�|�d�u���rM|�j�}�|�d�u���rU|�j�}�t�j�j���|�d�����}�|
j�j |�|��!��|�|�|�d�����W�d���������n 1���svw�������Y�����q���q�d�S�)�a����
Put a file into a container
name :
Name of the container
src :
The source file or directory
dst :
The destination file or directory
recursive :
Decent into src directory
overwrite :
Replace destination if it exists
mode :
Set file mode to octal number
uid :
Set file uid (owner)
gid :
Set file gid (group)
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Example:
.. code-block:: bash
salt '*' lxd.container_file_put <container name> /var/tmp/foo /var/tmp/
r����Trz���z�://r�����
cp.cache_file����saltenvz�File 'rt�����File path must be absolute.��No such file or directory 'r4���zGCannot copy overwriting a directory without recursive flag set to true!F��.z�Is a directoryNz not foundz)Destination exists and overwrite is false��rb)���mode��uid��gidz$Source is neither file nor directory��mkdirz�-p))r&���r9���ry���r:���r;���r<�����isabs��findr����r������rstrip��sep��existsr������isdir��filesru���r5���r����r>�����NotFoundrG���r=�����basename��stat��oct��st_mode��st_uid��st_gid��salt��utils��fopen��put��read��endswith��len��dirname��walk��lstriprv�����execute)�rO�����src��dst� recursive� overwriter����r����r����r����r@���r3���r-���rA���rp�����cached_fileZ�dst_is_directory��why��foundr����Z�src_fp��idxZ�dstdirsr;���r����r����Z�dstdirZ�set_modeZ�set_uidZ�set_gidZ�src_nameZ�dst_namer����r����r������container_file_put����s�����X
�
�����������������������������������������������������������������������������������������������������
�
�
�
���
�������
�����������������
���"��������������������
������ ������������� ���������
�
�
�
���
�������������������r����c��������������������C���s����|�d�u�r�t�|���}�|���d���s�d�|�����}�t�|�|�|�| |
d�d���}�t�j���|���}�t�j���|���s,t�d�����t�j���|���r>t�j�� |�t�j��
|�����}�n�t�j���t�j���|�����sLt�d�����t�j���|���rc|�sXt�d�����t�j��
|���sbt�d�����n�t�j���|���}�t�j���|���swt�d |���d
������t�j�j���|�d�����}
|
��|�j���|�������W�d���������n�1�s�w�������Y���|�r�t���|�|�����|�s�|�d�k�r�t�|���}�n�d�}�|�s�|�d�k�r�t�|���}�n�d�}�|�d�k�s�|�d�k�r�t���|�|�|�����d�S�)
a����
Get a file from a container
name :
Name of the container
src :
The source file or directory
dst :
The destination file or directory
mode :
Set file mode to octal number
uid :
Set file uid (owner)
gid :
Set file gid (group)
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
Nr����Trz���r����z/Parent directory for destination doesn't exist.z*Destination exists and overwrite is false.z%Destination exists but is not a file.r����r4�����wb���)�r&���r9���ry���r:���r;���r<���r����r����r����r5���r����r����r����r=���r����r����r����r����r������writeru�����chmod��int��chown)�rO���r����r����r����r����r����r����r@���r3���r-���rA���rp���Z�dst_pathZ�dfr����r����r������container_file_get����sF����A��
�
�����������������������������������������������
�����
���������r����c������������
���
���C���s����t�|�|�|�|�|�d�d���}�z$|���|���}�i�}�t�|�d���s#t�d�|�d���|�d���d���}�n
t�|�j�|�j�|�j�d���}�W�n���t�j�j yK��} ��z�t�d�d�t
| ��d���}�W�Y�d�} ~ n�d�} ~ w�w�t�|�d�����d�k�rZd |�d
<�|�S�d�|�d
<�|�S�)�a����
Execute a command list on a container.
name :
Name of the container
cmd :
Command to be executed (as a list)
Example :
'["ls", "-l"]'
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Example:
.. code-block:: bash
salt '*' lxd.container_execute <container name> '["ls", "-l"]'
Trz���� exit_coder���������)�r������stdout��stderr��NF��result)�ry���r������hasattrrw���r����r����r����r����r>���r����r&���r����)
rO���r)���r@���r3���r-���rA���rp���r����Z
saltresultr+���r����r����r������container_execute����s2����/��
���
�����������������������������������������r����c��������������������C���rL���)�a~���Lists all profiles from the LXD.
list_names :
Return a list of names instead of full blown dicts.
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Examples:
.. code-block:: bash
salt '*' lxd.profile_list true --out=json
salt '*' lxd.profile_list --out=json
c��������������������S���rM���r����rN���)�rQ�����pr����r����r����rS�������rT���z profile_list.<locals>.<listcomp>)�rC���r`���rV���rW���rX���)�rY���r@���r3���r-���rA���rB���r`���r����r����r������profile_listb����
����*
�����
�r����c����������������
���C���sx���t�|�|�|�|���}�t�|�|���\�}�}�z
|�j���|�|�|���} W�n���t�j�j�y,��}
��z�t�t�|
������d�}
~
w�w�|�d�u�r8|�| _ t
| ����t�| ��S�)�a����Creates a profile.
name :
The name of the profile to get.
config :
A config dict or None (None = unset).
Can also be a list:
[{'key': 'boot.autostart', 'value': 1},
{'key': 'security.privileged', 'value': '1'}]
devices :
A device dict or None (None = unset).
description :
A description string or None (None = unset).
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Examples:
.. code-block:: bash
salt '*' lxd.profile_create autostart config="{boot.autostart: 1, boot.autostart.delay: 2, boot.autostart.priority: 1}"
salt '*' lxd.profile_create shared_mounts devices="{shared_mount: {type: 'disk', source: '/home/shared', path: '/home/shared'}}"
See the `lxd-docs`_ for the details about the config and devices dicts.
.. _lxd-docs: https://github.com/lxc/lxd/blob/master/doc/rest-api.md#post-10
N)�rC���ri���r`���rj���r����r>���rG���r����r&�����descriptionrI���rX���)�rO���rb���rn���r����r@���r3���r-���rA���rB�����profiler+���r����r����r������profile_create����s�����@����������������������r����c��������������������C����V���t�|�|�|�|���}�d�}�z�|�j���|���}�W�n���t�j�j�y"������t�d�|���d�������w�|�r'|�S�t�|���S�)�a~���Gets a profile from the LXD
name :
The name of the profile to get.
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
_raw :
Return the pylxd object, this is internal and by states in use.
CLI Examples:
.. code-block:: bash
salt '*' lxd.profile_get autostart
Nz Profile 'rt���)�rC���r`���ru���r����r>���rG���r����rX���)�rO���r@���r3���r-���rA���ro���rB���r����r����r����r������profile_get����������*������������������r����c��������������������C���s ���t�|�|�|�|�|�d�d���}�|�������d�S�)�a*���Deletes a profile.
name :
The name of the profile to delete.
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Example:
.. code-block:: bash
salt '*' lxd.profile_delete shared_mounts
Trz���)�r����r{���)�rO���r@���r3���r-���rA���r����r����r����r������profile_delete����s�����%����r����c��������������������C���r����)�a����Get a profile config item.
name :
The name of the profile to get the config item from.
config_key :
The key for the item to retrieve.
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Example:
.. code-block:: bash
salt '*' lxd.profile_config_get autostart boot.autostart
Trz���rb�����r����r������rO���r����r@���r3���r-���rA���r����r����r����r������profile_config_getH���������*��r����c��������������������C���r����)�a����Set a profile config item.
name :
The name of the profile to set the config item to.
config_key :
The items key.
config_value :
Its items value.
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Example:
.. code-block:: bash
salt '*' lxd.profile_config_set autostart boot.autostart 0
Trz���rb���)�r����r����)�rO���r����r����r@���r3���r-���rA���r����r����r����r������profile_config_setw���s�����3��r����c��������������������C���r����)�a����Delete a profile config item.
name :
The name of the profile to delete the config item.
config_key :
The config key for the value to retrieve.
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Example:
.. code-block:: bash
salt '*' lxd.profile_config_delete autostart boot.autostart.delay
Trz���rb�����r����r����r����r����r����r������profile_config_delete����r����r����c��������������������C���r����)�a|���Get a profile device.
name :
The name of the profile to get the device from.
device_name :
The name of the device to retrieve.
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Example:
.. code-block:: bash
salt '*' lxd.profile_device_get default eth0
Trz���rn���r������rO���r����r@���r3���r-���rA���r����r����r����r������profile_device_get����r����r����c��������������������K���sH���t�|�|�|�|�|�d�d���}�|�|�d�<�|�����D�]
\�} }
t�|
��|�| <�q�t�|�d�|�|���S�)�a����Set a profile device.
name :
The name of the profile to set the device to.
device_name :
The name of the device to set.
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Example:
.. code-block:: bash
salt '*' lxd.profile_device_set autostart eth1 nic nictype=bridged parent=lxdbr0
Trz���r]���rn���)�r����rl���r&���r����)�rO���r����r����r@���r3���r-���rA���r����r����r������vr����r����r������profile_device_set
��s
����1��������r����c��������������������C���r����)�a����Delete a profile device.
name :
The name of the profile to delete the device.
device_name :
The name of the device to delete.
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Example:
.. code-block:: bash
salt '*' lxd.profile_device_delete autostart eth1
Trz���rn���r����r����r����r����r������profile_device_deleteH ��s�����+��r����c��������������������C���rL���)�a����Lists all images from the LXD.
list_aliases :
Return a dict with the fingerprint as key and
a list of aliases as value instead.
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Examples:
.. code-block:: bash
salt '*' lxd.image_list true --out=json
salt '*' lxd.image_list --out=json
c��������������������S���s ���i�|�]�}�|�j�d�d���|�j�D�����q�S�)�c��������������������S���s����g�|�]�}�|�d�����q�S�rN���r����)�rQ�����ar����r����r����rS���� ��s������z)image_list.<locals>.<dictcomp>.<listcomp>)���fingerprint��aliases)�rQ�����ir����r����r����r����� ��s���� �z�image_list.<locals>.<dictcomp>)�rC�����imagesrV���rW���rX���)�Z�list_aliasesr@���r3���r-���rA���rB���r����r����r����r�����
image_list{ ��r����r ���c��������������������C���r����)�a����Get an image by its fingerprint
fingerprint :
The fingerprint of the image to retrieve
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
_raw : False
Return the raw pylxd object or a dict of it?
CLI Examples:
.. code-block:: bash
salt '*' lxd.image_get <fingerprint>
Nz�Image with fingerprint 'rt���)�rC���r����ru���r����r>���rG���r����rX���)�r����r@���r3���r-���rA���ro���rB���r\���r����r����r����� image_get� ��r����r
���c��������������������C���r����)�a|���Get an image by an alias
alias :
The alias of the image to retrieve
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
_raw : False
Return the raw pylxd object or a dict of it?
CLI Examples:
.. code-block:: bash
salt '*' lxd.image_get_by_alias xenial/amd64
Nz�Image with alias 'rt���)�rC���r����Z�get_by_aliasr����r>���rG���r����rX���)�r^���r@���r3���r-���rA���ro���rB���r\���r����r����r������image_get_by_alias� ��r����r����c��������������������C���s����t�|�|�|�|�|���}�|�������d�S�)�as���Delete an image by an alias or fingerprint
name :
The alias or fingerprint of the image to delete,
can be a obj for the states.
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Examples:
.. code-block:: bash
salt '*' lxd.image_delete xenial/amd64
T)��
_verify_imager{���)�r\���r@���r3���r-���rA���r����r����r������image_delete�
��s�����'����r
���c
�����������
���
���C���s����|�d�u�r�g�}�t�|�|�|�|���}
z�|
j�j�|�|�|�|�d���}�W�n���t�j�j�y-��}���z�t�t�|�������d�}�~�w�w�|�D�]�}�t�|�|�����q0| r<|�S�t |���S�)�a����Create an image from simplestreams
server :
Simplestreams server URI
alias :
The alias of the image to retrieve
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
aliases : []
List of aliases to append to the copied image
public : False
Make this image public available
auto_update : False
Should LXD auto update that image?
_raw : False
Return the raw pylxd object or a dict of the image?
CLI Examples:
.. code-block:: bash
salt '*' lxd.image_from_simplestreams "https://cloud-images.ubuntu.com/releases" "trusty/amd64" aliases='["t", "trusty/amd64"]' auto_update=True
N����public��auto_update)
rC���r����Z�create_from_simplestreamsr����r>���rG���r����r&�����image_alias_addrX���)
Z�serverr^���r@���r3���r-���rA���r����r����r����ro���rB���r\���r+���r����r����r������image_from_simplestreamsK
��s ����?����������
�������������������r����c �����������
���
���C���s~���|�d�u�r�g�}�t�|�|�|�|���} z�| j�j�|�|�|�d���}
W�n���t�j�j�y,��}���z�t�t�|�������d�}�~�w�w�|�D�]�}�t�|
|�����q/|�r;|
S�t |
��S�)�az���Create an image from an url
url :
The URL from where to download the image
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
aliases : []
List of aliases to append to the copied image
public : False
Make this image public available
auto_update : False
Should LXD auto update that image?
_raw : False
Return the raw pylxd object or a dict of the image?
CLI Examples:
.. code-block:: bash
salt '*' lxd.image_from_url https://dl.stgraber.org/lxd aliases='["busybox-amd64"]'
Nr����)
rC���r����Z�create_from_urlr����r>���rG���r����r&���r����rX���)
��urlr@���r3���r-���rA���r����r����r����ro���rB���r\���r+���r^���r����r����r������image_from_url�
��s ����;����������
�������������������r����c ���������������
���C���s����|�d�u�r�g�}�t�d���|�|�d���} d�}
t�j�j���| d�����}�|�����}
W�d���������n�1�s'w�������Y���t�|�|�|�|���}�z�|�j�j�|
|�d�d���}
W�n���t j
j�yR��}���z�t�t
|�������d�}�~�w�w�|�D�]�}�t�|
|�����qU|�ra|
S�t�|
��S�)�ar���Create an image from a file
filename :
The filename of the rootfs
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
aliases : []
List of aliases to append to the copied image
public : False
Make this image public available
saltenv : base
The saltenv to use for salt:// copies
_raw : False
Return the raw pylxd object or a dict of the image?
CLI Examples:
.. code-block:: bash
salt '*' lxd.image_from_file salt://lxd/files/busybox.tar.xz aliases=["busybox-amd64"]
Nr����r���������z�r+bT)�r����rE���)�r����r����r����r����r����r����rC���r����rj���r����r>���rG���r����r&���r����rX���)���filenamer@���r3���r-���rA���r����r����r����ro���r������data��fprB���r\���r+���r^���r����r����r������image_from_file�
��s&����;��������
���������������������������r����c
�������������������C���s����| d�u�r�g�} t���d�|�|�|�����d�}
z�t�|�|�|�|�|�d�d���}
W�n���t�y/������t�|�|�|�|�|�d�d���}
Y�n�w�t�|�|�|�|���}�|
j�|�|
|�d�d���}�| D�]�}�t�|�|�����qB|�rN|�S�t�|���S�)�a7���Copy an image from another LXD instance
source :
An alias or a fingerprint of the source.
src_remote_addr :
An URL to the source remote daemon
Examples:
https://mysourceserver.lan:8443
src_cert :
PEM Formatted SSL Certificate for the source
Examples:
~/.config/lxc/client.crt
src_key :
PEM Formatted SSL Key for the source
Examples:
~/.config/lxc/client.key
src_verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
remote_addr :
Address of the destination daemon
Examples:
https://mydestserver.lan:8443
cert :
PEM Formatted SSL Certificate for the destination
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key for the destination
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
aliases : []
List of aliases to append to the copied image
public : None
Make this image public available, None = copy source
auto_update : None
Wherever to auto-update from the original source, None = copy source
_raw : False
Return the raw pylxd object or a dict of the destination image?
CLI Examples:
.. code-block:: bash
salt '*' lxd.image_copy_lxd xenial/amd64 https://srv01:8443 ~/.config/lxc/client.crt ~/.config/lxc/client.key false https://srv02:8443 ~/.config/lxc/client.crt ~/.config/lxc/client.key false aliases="['xenial/amd64']"
Nz/Trying to copy the image "%s" from "%s" to "%s"Trz���)�r����r����rE���) r7���r8���r����r����r
���rC�����copyr����rX���)�ra���r����r����r����r����r@���r3���r-���rA���r����r����r����ro���Z src_imager����Z
dest_imager^���r����r����r������image_copy_lxdE���s6����T���������������
������
�������
���������������������r����r����c��������������������C���s>���t�|�|�|�|�|���}�|�j�D�]�}�|�d���|�k�r���d�S�q�|���|�|�����d�S�)�a����Create an alias on the given image
image :
An image alias, a fingerprint or a image object
alias :
The alias to add
description :
Description of the alias
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Examples:
.. code-block:: bash
salt '*' lxd.image_alias_add xenial/amd64 x "Short version of xenial/amd64"
rO���T)�r����r����� add_alias)�r\���r^���r����r@���r3���r-���rA���Z
alias_infor����r����r����r��������s�����3
�����������r����c��������������������C���s:���t�|�|�|�|�|���}�z�|���|�����W�d�S���t�j�j�y�������Y�d�S�w�)�a����Delete an alias (this is currently not restricted to the image)
image :
An image alias, a fingerprint or a image object
alias :
The alias to delete
remote_addr :
An URL to a remote Server, you also have to give cert and key if
you provide remote_addr and its a TCP Address!
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Wherever to verify the cert, this is by default True
but in the most cases you want to set it off as LXD
normally uses self-signed certificates.
CLI Examples:
.. code-block:: bash
salt '*' lxd.image_alias_add xenial/amd64 x "Short version of xenial/amd64"
FT)�r����Z�delete_aliasr����r>���rG���)�r\���r^���r@���r3���r-���rA���r����r����r������image_alias_delete����s�����*������������r����c��������������������C���sP���t�|�|�|�|�|�d�d���}�|�r�|�g�}�i�}�|�D�]�}�|���|�j�d�d���|�j�����D���i�����q�|�S�)�a����
Get all snapshots for a container
container :
The name of the container to get.
remote_addr :
An URL to a remote server. The 'cert' and 'key' fields must also be
provided if 'remote_addr' is defined.
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Verify the ssl certificate. Default: True
CLI Examples:
.. code-block:: bash
salt '*' lxd.snapshots_all test-container
Trz���c��������������������S���s����g�|�]�}�d�|�j�i���q�S�rN���rN���rP���r����r����r����rS���b���s������z!snapshots_all.<locals>.<listcomp>)�ry�����updaterO���� snapshotsrV���)�rp���r@���r3���r-���rA���rU�����ret��contr����r����r�����
snapshots_all7���s�����$������������"���r"���c��������������������C���sh���t�|�|�|�|�|�d�d���}�|�s�t�������d���}�|�j���|�����t�|�����|���D�]�}�|���d���|�k�r/d�|�i�����S�q d�d�i�S�)�a����
Create a snapshot for a container
container :
The name of the container to get.
name :
The name of the snapshot.
remote_addr :
An URL to a remote server. The 'cert' and 'key' fields must also be
provided if 'remote_addr' is defined.
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Verify the ssl certificate. Default: True
CLI Examples:
.. code-block:: bash
salt '*' lxd.snapshots_create test-container test-snapshot
Trz���z�%Y%m%d%H%M%SrO���F)�ry���r������now��strftimer����rj���r"���ru���)�rp���rO���r@���r3���r-���rA���r!���rR���r����r����r������snapshots_createg���s�����)����������������r%���c��������������������C���s^���t�|�|�|�|�|�d�d���}�z�|�j�����D�]�}�|�j�|�k�r�|���������W�d�S�q�W�d�S���t�j�j�y.������Y�d�S�w�)�a����
Delete a snapshot for a container
container :
The name of the container to get.
name :
The name of the snapshot.
remote_addr :
An URL to a remote server. The 'cert' and 'key' fields must also be
provided if 'remote_addr' is defined.
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Verify the ssl certificate. Default: True
CLI Examples:
.. code-block:: bash
salt '*' lxd.snapshots_delete test-container test-snapshot
Trz���F)�ry���r����rV���rO���r{���r����r>���rG���)�rp���rO���r@���r3���r-���rA���r!�����sr����r����r������snapshots_delete����s�����)����
�������������������r'���c��������������������C���s ���t�|�|�|�|�|�d�d���}�|�j���|���S�)�a����
Get information about snapshot for a container
container :
The name of the container to get.
name :
The name of the snapshot.
remote_addr :
An URL to a remote server. The 'cert' and 'key' fields must also be
provided if 'remote_addr' is defined.
Examples:
https://myserver.lan:8443
/var/lib/mysocket.sock
cert :
PEM Formatted SSL Certificate.
Examples:
~/.config/lxc/client.crt
key :
PEM Formatted SSL Key.
Examples:
~/.config/lxc/client.key
verify_cert : True
Verify the ssl certificate. Default: True
CLI Examples:
.. code-block:: bash
salt '*' lxd.snapshots_get test-container test-snapshot
Trz���)�ry���r����ru���)�rp���rO���r@���r3���r-���rA���r����r����r�����
snapshots_get����s�����)��r(���c��������������������C���s����t�|�t���r�|�r�d�|�d���v�r�d�|�d���v�r�d�d���|�D���}�n�i�}�t�|�t���r&t�d�����t�|�t���r/t�d�����|�d�u�rB|�����D�]
\�}�}�t�|���|�|�<�q7|�d�u�r\|�D�]�}�|�|�������D�]
\�}�}�|�|�|���|�<�qPqH|�|�f�S�) a����
normalize config input so returns can be put into mongodb, which doesn't like `.`
This is not meant to be used on the commandline.
CLI Examples:
.. code-block:: bash
salt '*' lxd.normalize_input_values config={} devices={}
r-���r����r.���c��������������������S���s����i�|�] }�|�d���|�d�����q�S�)�r-���r.���r����)�rQ�����dr����r����r����r�����
��s������z*normalize_input_values.<locals>.<dictcomp>z3config can't be a string, validate your YAML input.z4devices can't be a string, validate your YAML input.N)�rd���re���r&���r����rl���)�rb���rn���r����r����rq���r����r����r����ri����
��s*���
�������
���
�����������������������������ri���c������������
�������C���s6���i�}�|�d�u�r�i�}�t�t�t�t�t�|�������t�t�|�������������}�t�|�������}�t�t�t�t�t�|�j�������t�t�|�j�������������|�_�t�|�j�������}�i�}�|�� |���D�]*}�|��
d���sQ|��
d���rRqE|�sdd���|�|�j�|�����|�|�<�|�j�|�=�qEd���|�|�j�|�����|�|�<�qE|���|���D�]<}�|��
d���s�|��
d���r�qu|�|���|�j�|���k�r�|�s�d���|�|�|���|�j�|�����|�|�<�|�|���|�j�|�<�qud���|�|�|���|�j�|�����|�|�<�qu|�� |���D�].}�|��
d���s�|��
d���r�q�|�s�d�|���d |�|�����d
��|�|�<�|�|���|�j�|�<�q�d���|�|�|�����|�|�<�q�|�r�|�|�d�<�|�d�u�r�i�}�t�|�j
������} t�|�������}
i�}�| � |
��D�]#}�|�d
k���r���q�|���s d�|���d
��|�|�<�|�j
|�=���q�d�|���d
��|�|�<���q�|�j
����D�]6\�}�}�|�d
k���r:��q/|�|�v���rA��q/|�|���|�k���rd|���s\d�|���d
��|�|�<�|�|���|�j
|�<���q/d�|���d
��|�|�<���q/|
� | ��D�]&}�|�d
k���rt��qk|���s�d�|���d
��|�|�<�|�|���|�j
|�<���qkd�|���d
��|�|�<���qk|���r�|�|�d�<�|�S�)�a����Syncs the given config and devices with the object
(a profile or a container)
returns a changes dict with all changes made.
obj :
The object to sync with / or just test with.
newconfig:
The new config to check with the obj.
newdevices:
The new devices to check with the obj.
test:
Wherever to not change anything and give "Would change" message.
Nz volatile.z�image.z+Removed config key "{}", its value was "{}"z+Would remove config key "{} with value "{}"z3Changed config key "{}" to "{}", its value was "{}"z?Would change config key "{}" to "{}", its current value is "{}"z�Added config key "z�" = "r"���z Would add config key "{}" = "{}"rb�����rootz�Removed device "z�Would remove device "z�Changed device "z�Would change device "z�Added device "z�Would add device "rn���)�rw���re�����ziprW���r&�����keys��valuesrg���rb����
differencer9���r������intersectionrn���rl���)
rH���Z newconfigZ
newdevices��testZ�changesZ�cckZ�ockZ�config_changesr����Z�dkZ�ndkZ�devices_changesr����r����r����r������sync_config_devices.
��s������������ �������$�����������������
���
���
�
�����������������������������������������������
�����������������
�������������
���
�����������������
�����������������r1���c��������������������C���s����t�|�|���}�|�d�k�r;|�d���}�|�d�k�r'd�|�v�r�t�d�����|�d���d�k�r'd�|�v�r't�d�����|�����D�]
}�|���d ��r5|�|�=�q+|�|�|�<�n�t�|���|�|�<�t�|�����t�|���S�)
z�Sets the dict item key of the attr from obj.
Basicaly it does getattr(obj, prop)[key] = value.
For the disk device we added some checks to make
device changes on the CLI saver.
rn���r]���r����r;���z�path must be given as parameterr2���ra���z!source must be given as parameter��__)�r����r����r,���r9���r&���rI���rX���)�rH�����propr-���r.�����attrr����r����r����r����r����r�����
��s ���
����������������
�����
�������r����c��������������������C���s*���t�|�|���}�|�|�v�r�t�d�|���d�������|�|���S�)�Nr4�����' doesn't exists)�r����r������rH���r3���r-���r4���r����r����r����r�����
��s����
�������r����c��������������������C���s4���t�|�|���}�|�|�v�r�t�d�|���d�������|�|�=�t�|�����d�S�)�Nr4���r5���T)�r����r����rI���r6���r����r����r����r�����
��s����
�����������r����c��������������������C���st���t�|�t���r+|�}�d�}�z
t�|�|�|�|�|�d�d���}�W�|�S���t�y*������t�|�|�|�|�|�d�d���}�Y�|�S�w�t�|�d���s8t�d�|���d�������|�S�)�NTrz���r����z�Invalid image 'r4���)�rd���r&���r����r����r
���r����)�r\���r@���r3���r-���rA���rO���r����r����r����r�����
��s����
�����������������������
�����r����c��������������������C���s0���i�}�|�j�����D�]�}�t�|�|���r�t�|�|���|�|�<�q�|�S�)�z)Translates a plyxd model object to a dict)�Z�__attributes__r,���r����r����)�rH���Z
marshalledr-���r����r����r����rX�������s��������
�������rX���r����c��������������������@���s����e�Z�d�Z�d�Z�d�S�)�r����z0An exception raised when an object is not found.N)���__name__�
__module__��__qualname__��__doc__r����r����r����r����r��������s��������)�� Containerc��������������������C���s����i�}�|�d�u�r�t�|�t���r�t�|���}�n
|���d���s�d�|�����}�|�|�d�<�|�d�u�r(t�|���|�d�<�|�d�u�r2t�|���|�d�<�|�j�j�j�|�j�j ��j
j�d�|�i�|�|�d���}�|�j�d�k�S�)�Nr����z
X-LXD-modez X-LXD-uidz X-LXD-gidr;���)���paramsr������headers�����)
rd���r����r����r9���r&���Z�_clientZ�apirU����
_containerrO���r����Z�postr~���)���self��filepathr����r����r����r����r=�����responser����r����r����r����(���s��������
�
�
�
�������������
���
�r����)�r!���NNNNNN)�NNNT)�T)�FNNNT)�NNNr����FTNNNTF)�NNNNTF)�NNNNT)�r����TNNNT) FNNNTNNNN)�r����NNNT)
FFNNNr����NNNT)�FNNNNNNT)�NNNNNNT)�NNNTF)�NNNTNFFF)�NNNTNFr����F)�TNNNF)�r����NNNT)�F)�NNN)fr:�����loggingr:���r����Z�salt.utils.decorators.pathr����Z�salt.utils.filesZ�salt.exceptionsr����r����Z�salt.utils.versionsr����r����r����Z�urllib3Z�disable_warningsr>���Z�InsecureRequestWarning��ImportError� getLoggerr7���r7���Z
__docformat__r����rh���r���r����r6���r����r����Z
decoratorsr;�����whichr����r����r,���r/���r0���rC���rI���rJ���rZ���rr���ry���r}���r����r����r����r����r����r����r����r����r����r����r����r����rm���r����r����r����r����r����r����r����r����r����r����r����r����r����r����r ���r
���r����r
���r����r����r����r����r����r����r"���r%���r'���r(���ri���r1���r����r����r����r����rX���Z�pylxd.exceptionsr����rG���r����Z�pylxd.containerr;���Z�pylxd.models.containerr����Z�FilesManagerr����r����r����r������<module>����s�������!����������������������������
��������������������������
��������
����������������������S�����"����
��k
��<
��A��������������������
���+
�
9�&
�
.
=�'����������
�
-
%
%�'����������������
��l
��-������
��4
��+
��-��������
��9
��.������������������
���g��������������
��p
��Q
��5������������
��Q
�
8�,
��3������
��9
��0
��2��������
��<
��4
��4
��9
�
8�0��������������
��W��������������
��S��������������
��]��������
����������
��>
�
9�1
��7
��7
��2
)����#��
����
������������������
�����