Container ID.
Container UUID (for libvirt).
Container name.
Must be at least 1 characters long
Container description.
Container's devices.
No Additional ItemsUnique identifier for the containers device.
Device-specific configuration attributes.
Device type identifier for FILESYSTEM devices.
Specific value:"FILESYSTEM"
Target must not contain braces.
Must match regular expression:^[^{}]*$
Must be at least 1 characters long
Source must not contain braces, and not start with /mnt/.
Must match regular expression:^[^{}]*$
Must be at least 1 characters long
Device type identifier for GPU devices.
Specific value:"GPU"
GPU device type.
Specific value:"AMD"
PCI address of the GPU device on the host system.
Must be at least 1 characters long
Device type identifier for network interface cards.
Specific value:"NIC"
Whether to trust guest OS receive filter settings for better performance.
Network interface controller type. E1000 for Intel compatibility, VIRTIO for performance.
Host network interface or bridge to attach to. null for no attachment.
MAC address for the virtual network interface. null for auto-generation.
^([0-9A-Fa-f]{2}[:-]?){5}([0-9A-Fa-f]{2})$
Device type identifier for USB devices.
Specific value:"USB"
USB device attributes for identification. null for USB host controller only.
USB vendor identifier in hexadecimal format (e.g., '0x1d6b' for Linux Foundation).
Must match regular expression:^0x.*
Must be at least 1 characters long
USB product identifier in hexadecimal format (e.g., '0x0002' for 2.0 root hub).
Must match regular expression:^0x.*
Must be at least 1 characters long
Host USB device path to pass through. null for controller only.
Must be at least 1 characters long
ID of the container this device belongs to.
List of physical CPU numbers that domain process and virtual CPUs can be pinned to by default.
Automatically start the container on boot.
Whether container time should be local time or UTC time.
How many seconds to wait for container to shut down before killing it.
Value must be greater or equal to 5 and lesser or equal to 300
Which dataset to use as the container root filesystem.
"init" process commandline.
"init" process working dir.
"init" process environment variables.
Each additional property must conform to the following schema
Type: string"init" process username.
"init" process group.
Idmap configuration for the container There are three two possible values: DEFAULT: This applies the standard TrueNAS idmap namespace configuration. It changes user ID (UID) 0 (root) in the container to UID 2147000001 (truenascontainerunpriv_root). It offsets the other container UIDs by the same amount. For example, UID 1000 in the container becomes UID 2147001001 in the host. ISOLATED: Same as DEFAULT, but UID will be calculated as 2147000001 + 65536 * slice. This will ensure unique ID for each container (provided that the slice is also unique).
None: The container does not apply any idmap namespace. Container UIDs map directly to host UIDs. For example, UID 0 in the container is UID 0 in the host. WARNING: For security, use the DEFAULT value. Security best practice is to run containers with idmap namespaces.
Configuration type for default ID mapping.
Specific value:"DEFAULT"
Configuration type for isolated ID mapping.
Specific value:"ISOLATED"
null when creating means we'll look up an unused slice on backend.
Value must be strictly greater than 0 and strictly lesser than 1000
Default rules for capabilities: either keep the default behavior that is dropping the following capabilities: sysmodule, systime, mknod, auditcontrol, macadmin. Or keep all capabilities, or drop all capabilities.
Enable or disable specific capabilities.
Each additional property must conform to the following schema
Type: booleanContainer state.
No Additional PropertiesContainer state.
Container PID (if running).
Domain state reported by libvirt.
Must be at least 1 characters long
Container ID.
Container UUID (for libvirt).
Container name.
Must be at least 1 characters long
Container description.
Container's devices.
No Additional ItemsUnique identifier for the containers device.
Device-specific configuration attributes.
Device type identifier for FILESYSTEM devices.
Specific value:"FILESYSTEM"
Target must not contain braces.
Must match regular expression:^[^{}]*$
Must be at least 1 characters long
Source must not contain braces, and not start with /mnt/.
Must match regular expression:^[^{}]*$
Must be at least 1 characters long
Device type identifier for GPU devices.
Specific value:"GPU"
GPU device type.
Specific value:"AMD"
PCI address of the GPU device on the host system.
Must be at least 1 characters long
Device type identifier for network interface cards.
Specific value:"NIC"
Whether to trust guest OS receive filter settings for better performance.
Network interface controller type. E1000 for Intel compatibility, VIRTIO for performance.
Host network interface or bridge to attach to. null for no attachment.
MAC address for the virtual network interface. null for auto-generation.
^([0-9A-Fa-f]{2}[:-]?){5}([0-9A-Fa-f]{2})$
Device type identifier for USB devices.
Specific value:"USB"
USB device attributes for identification. null for USB host controller only.
USB vendor identifier in hexadecimal format (e.g., '0x1d6b' for Linux Foundation).
Must match regular expression:^0x.*
Must be at least 1 characters long
USB product identifier in hexadecimal format (e.g., '0x0002' for 2.0 root hub).
Must match regular expression:^0x.*
Must be at least 1 characters long
Host USB device path to pass through. null for controller only.
Must be at least 1 characters long
ID of the container this device belongs to.
List of physical CPU numbers that domain process and virtual CPUs can be pinned to by default.
Automatically start the container on boot.
Whether container time should be local time or UTC time.
How many seconds to wait for container to shut down before killing it.
Value must be greater or equal to 5 and lesser or equal to 300
Which dataset to use as the container root filesystem.
"init" process commandline.
"init" process working dir.
"init" process environment variables.
Each additional property must conform to the following schema
Type: string"init" process username.
"init" process group.
Idmap configuration for the container There are three two possible values: DEFAULT: This applies the standard TrueNAS idmap namespace configuration. It changes user ID (UID) 0 (root) in the container to UID 2147000001 (truenascontainerunpriv_root). It offsets the other container UIDs by the same amount. For example, UID 1000 in the container becomes UID 2147001001 in the host. ISOLATED: Same as DEFAULT, but UID will be calculated as 2147000001 + 65536 * slice. This will ensure unique ID for each container (provided that the slice is also unique).
None: The container does not apply any idmap namespace. Container UIDs map directly to host UIDs. For example, UID 0 in the container is UID 0 in the host. WARNING: For security, use the DEFAULT value. Security best practice is to run containers with idmap namespaces.
Configuration type for default ID mapping.
Specific value:"DEFAULT"
Configuration type for isolated ID mapping.
Specific value:"ISOLATED"
null when creating means we'll look up an unused slice on backend.
Value must be strictly greater than 0 and strictly lesser than 1000
Default rules for capabilities: either keep the default behavior that is dropping the following capabilities: sysmodule, systime, mknod, auditcontrol, macadmin. Or keep all capabilities, or drop all capabilities.
Enable or disable specific capabilities.
Each additional property must conform to the following schema
Type: booleanContainer state.
No Additional PropertiesContainer state.
Container PID (if running).
Domain state reported by libvirt.
Must be at least 1 characters long