container.query

Sent on container changes.

Type: object

ContainerAddedEvent

Type: object
No Additional Properties

Id

Type: integer

ContainerEntry

Type: object
No Additional Properties

Id

Type: integer

Container ID.

Uuid

Default: null

Container UUID (for libvirt).

Type: string
Type: null

Name

Type: string

Container name.

Must be at least 1 characters long

Description

Type: string Default: ""

Container description.

Devices

Type: array of object Default: []

Container's devices.

 No Additional Items
Each item of this array must be:

ContainerDeviceEntry

Type: object
No Additional Properties

Id

Type: integer

Unique identifier for the containers device.

Attributes


Device-specific configuration attributes.

ContainerFilesystemDevice

Type: object
No Additional Properties

Dtype

Type: const

Device type identifier for FILESYSTEM devices.

Specific value: "FILESYSTEM"

Target

Type: string Default: "/usr/bin/zsh"

Target must not contain braces.

Must match regular expression: ^[^{}]*$

Must be at least 1 characters long

Source

Type: string Default: "/usr/bin/zsh"

Source must not contain braces, and not start with /mnt/.

Must match regular expression: ^[^{}]*$

Must be at least 1 characters long

ContainerGPUDevice

Type: object
No Additional Properties

Dtype

Type: const

Device type identifier for GPU devices.

Specific value: "GPU"

Gpu Type

Type: enum (of string)

GPU device type.

Must be one of:
  • "AMD"
  • "INTEL"
  • "NVIDIA"

Pci Address

Type: string

PCI address of the GPU device on the host system.

Must be at least 1 characters long

ContainerNICDevice

Type: object
No Additional Properties

Dtype

Type: const

Device type identifier for network interface cards.

Specific value: "NIC"

Trust Guest Rx Filters

Type: boolean Default: false

Whether to trust guest OS receive filter settings for better performance.

Type

Type: enum (of string) Default: "E1000"

Network interface controller type. E1000 for Intel compatibility, VIRTIO for performance.

Must be one of:
  • "E1000"
  • "VIRTIO"

Nic Attach

Default: null

Host network interface or bridge to attach to. null for no attachment.

Type: string
Type: null

Mac

Default: null

MAC address for the virtual network interface. null for auto-generation.

Type: string
Must match regular expression: ^([0-9A-Fa-f]{2}[:-]?){5}([0-9A-Fa-f]{2})$
Type: null

ContainerUSBDevice

Type: object
No Additional Properties

Dtype

Type: const

Device type identifier for USB devices.

Specific value: "USB"

Default: null

USB device attributes for identification. null for USB host controller only.

USBAttributes

Type: object
No Additional Properties

Vendor Id

Type: string Default: "/usr/bin/zsh"

USB vendor identifier in hexadecimal format (e.g., '0x1d6b' for Linux Foundation).

Must match regular expression: ^0x.*

Must be at least 1 characters long

Product Id

Type: string Default: "/usr/bin/zsh"

USB product identifier in hexadecimal format (e.g., '0x0002' for 2.0 root hub).

Must match regular expression: ^0x.*

Must be at least 1 characters long

Type: null

Device

Default: null

Host USB device path to pass through. null for controller only.

Type: string

Must be at least 1 characters long

Type: null

Container

Type: integer

ID of the container this device belongs to.

Cpuset

Default: null

List of physical CPU numbers that domain process and virtual CPUs can be pinned to by default.

Type: string
Type: null

Autostart

Type: boolean Default: true

Automatically start the container on boot.

Time

Type: enum (of string) Default: "LOCAL"

Whether container time should be local time or UTC time.

Must be one of:
  • "LOCAL"
  • "UTC"

Shutdown Timeout

Type: integer Default: 90

How many seconds to wait for container to shut down before killing it.

Value must be greater or equal to 5 and lesser or equal to 300

Dataset

Type: string

Which dataset to use as the container root filesystem.

Init

Type: string Default: "/sbin/init"

"init" process commandline.

Initdir

Default: null

"init" process working dir.

Type: string
Type: null

Initenv

Type: object Default: {}

"init" process environment variables.

Each additional property must conform to the following schema

Type: string

Inituser

Default: null

"init" process username.

Type: string
Type: null

Initgroup

Default: null

"init" process group.

Type: string
Type: null

Idmap

Default: {"type": "DEFAULT"}

Idmap configuration for the container There are three two possible values: DEFAULT: This applies the standard TrueNAS idmap namespace configuration. It changes user ID (UID) 0 (root) in the container to UID 2147000001 (truenascontainerunpriv_root). It offsets the other container UIDs by the same amount. For example, UID 1000 in the container becomes UID 2147001001 in the host. ISOLATED: Same as DEFAULT, but UID will be calculated as 2147000001 + 65536 * slice. This will ensure unique ID for each container (provided that the slice is also unique).
None: The container does not apply any idmap namespace. Container UIDs map directly to host UIDs. For example, UID 0 in the container is UID 0 in the host. WARNING: For security, use the DEFAULT value. Security best practice is to run containers with idmap namespaces.


DefaultIdmapConfiguration

Type: object
No Additional Properties

Type

Type: const

Configuration type for default ID mapping.

Specific value: "DEFAULT"

IsolatedIdmapConfiguration

Type: object
No Additional Properties

Type

Type: const

Configuration type for isolated ID mapping.

Specific value: "ISOLATED"

Slice


null when creating means we'll look up an unused slice on backend.

Type: integer

Value must be strictly greater than 0 and strictly lesser than 1000

Type: null
Type: null

Capabilities Policy

Type: enum (of string) Default: "DEFAULT"

Default rules for capabilities: either keep the default behavior that is dropping the following capabilities: sysmodule, systime, mknod, auditcontrol, macadmin. Or keep all capabilities, or drop all capabilities.

Must be one of:
  • "DEFAULT"
  • "ALLOW"
  • "DENY"

Capabilities State

Type: object Default: {}

Enable or disable specific capabilities.

Each additional property must conform to the following schema

Type: boolean

Default Network

Default: null

The default network bridge this container will use when no NIC devices are explicitly attached. When the container has explicitly configured NIC devices, this is null because the NIC configuration is visible in the devices list.

Type: string
Type: null

ContainerStatus

Type: object

Container state.

 No Additional Properties

State

Type: enum (of string)

Container state.

Must be one of:
  • "RUNNING"
  • "STOPPED"

Pid


Container host PID (if running). Informational only do not rely on this value to identify the container's init process.

Type: integer
Type: null

Domain State


Domain state reported by libvirt.

Type: string

Must be at least 1 characters long

Type: null

ContainerChangedEvent

Type: object
No Additional Properties

Id

Type: integer

ContainerEntry

Type: object
No Additional Properties

Id

Type: integer

Container ID.

Uuid

Default: null

Container UUID (for libvirt).

Type: string
Type: null

Name

Type: string

Container name.

Must be at least 1 characters long

Description

Type: string Default: ""

Container description.

Devices

Type: array of object Default: []

Container's devices.

 No Additional Items
Each item of this array must be:

ContainerDeviceEntry

Type: object
No Additional Properties

Id

Type: integer

Unique identifier for the containers device.

Attributes


Device-specific configuration attributes.

ContainerFilesystemDevice

Type: object
No Additional Properties

Dtype

Type: const

Device type identifier for FILESYSTEM devices.

Specific value: "FILESYSTEM"

Target

Type: string Default: "/usr/bin/zsh"

Target must not contain braces.

Must match regular expression: ^[^{}]*$

Must be at least 1 characters long

Source

Type: string Default: "/usr/bin/zsh"

Source must not contain braces, and not start with /mnt/.

Must match regular expression: ^[^{}]*$

Must be at least 1 characters long

ContainerGPUDevice

Type: object
No Additional Properties

Dtype

Type: const

Device type identifier for GPU devices.

Specific value: "GPU"

Gpu Type

Type: enum (of string)

GPU device type.

Must be one of:
  • "AMD"
  • "INTEL"
  • "NVIDIA"

Pci Address

Type: string

PCI address of the GPU device on the host system.

Must be at least 1 characters long

ContainerNICDevice

Type: object
No Additional Properties

Dtype

Type: const

Device type identifier for network interface cards.

Specific value: "NIC"

Trust Guest Rx Filters

Type: boolean Default: false

Whether to trust guest OS receive filter settings for better performance.

Type

Type: enum (of string) Default: "E1000"

Network interface controller type. E1000 for Intel compatibility, VIRTIO for performance.

Must be one of:
  • "E1000"
  • "VIRTIO"

Nic Attach

Default: null

Host network interface or bridge to attach to. null for no attachment.

Type: string
Type: null

Mac

Default: null

MAC address for the virtual network interface. null for auto-generation.

Type: string
Must match regular expression: ^([0-9A-Fa-f]{2}[:-]?){5}([0-9A-Fa-f]{2})$
Type: null

ContainerUSBDevice

Type: object
No Additional Properties

Dtype

Type: const

Device type identifier for USB devices.

Specific value: "USB"

Default: null

USB device attributes for identification. null for USB host controller only.

USBAttributes

Type: object
No Additional Properties

Vendor Id

Type: string Default: "/usr/bin/zsh"

USB vendor identifier in hexadecimal format (e.g., '0x1d6b' for Linux Foundation).

Must match regular expression: ^0x.*

Must be at least 1 characters long

Product Id

Type: string Default: "/usr/bin/zsh"

USB product identifier in hexadecimal format (e.g., '0x0002' for 2.0 root hub).

Must match regular expression: ^0x.*

Must be at least 1 characters long

Type: null

Device

Default: null

Host USB device path to pass through. null for controller only.

Type: string

Must be at least 1 characters long

Type: null

Container

Type: integer

ID of the container this device belongs to.

Cpuset

Default: null

List of physical CPU numbers that domain process and virtual CPUs can be pinned to by default.

Type: string
Type: null

Autostart

Type: boolean Default: true

Automatically start the container on boot.

Time

Type: enum (of string) Default: "LOCAL"

Whether container time should be local time or UTC time.

Must be one of:
  • "LOCAL"
  • "UTC"

Shutdown Timeout

Type: integer Default: 90

How many seconds to wait for container to shut down before killing it.

Value must be greater or equal to 5 and lesser or equal to 300

Dataset

Type: string

Which dataset to use as the container root filesystem.

Init

Type: string Default: "/sbin/init"

"init" process commandline.

Initdir

Default: null

"init" process working dir.

Type: string
Type: null

Initenv

Type: object Default: {}

"init" process environment variables.

Each additional property must conform to the following schema

Type: string

Inituser

Default: null

"init" process username.

Type: string
Type: null

Initgroup

Default: null

"init" process group.

Type: string
Type: null

Idmap

Default: {"type": "DEFAULT"}

Idmap configuration for the container There are three two possible values: DEFAULT: This applies the standard TrueNAS idmap namespace configuration. It changes user ID (UID) 0 (root) in the container to UID 2147000001 (truenascontainerunpriv_root). It offsets the other container UIDs by the same amount. For example, UID 1000 in the container becomes UID 2147001001 in the host. ISOLATED: Same as DEFAULT, but UID will be calculated as 2147000001 + 65536 * slice. This will ensure unique ID for each container (provided that the slice is also unique).
None: The container does not apply any idmap namespace. Container UIDs map directly to host UIDs. For example, UID 0 in the container is UID 0 in the host. WARNING: For security, use the DEFAULT value. Security best practice is to run containers with idmap namespaces.


DefaultIdmapConfiguration

Type: object
No Additional Properties

Type

Type: const

Configuration type for default ID mapping.

Specific value: "DEFAULT"

IsolatedIdmapConfiguration

Type: object
No Additional Properties

Type

Type: const

Configuration type for isolated ID mapping.

Specific value: "ISOLATED"

Slice


null when creating means we'll look up an unused slice on backend.

Type: integer

Value must be strictly greater than 0 and strictly lesser than 1000

Type: null
Type: null

Capabilities Policy

Type: enum (of string) Default: "DEFAULT"

Default rules for capabilities: either keep the default behavior that is dropping the following capabilities: sysmodule, systime, mknod, auditcontrol, macadmin. Or keep all capabilities, or drop all capabilities.

Must be one of:
  • "DEFAULT"
  • "ALLOW"
  • "DENY"

Capabilities State

Type: object Default: {}

Enable or disable specific capabilities.

Each additional property must conform to the following schema

Type: boolean

Default Network

Default: null

The default network bridge this container will use when no NIC devices are explicitly attached. When the container has explicitly configured NIC devices, this is null because the NIC configuration is visible in the devices list.

Type: string
Type: null

ContainerStatus

Type: object

Container state.

 No Additional Properties

State

Type: enum (of string)

Container state.

Must be one of:
  • "RUNNING"
  • "STOPPED"

Pid


Container host PID (if running). Informational only do not rely on this value to identify the container's init process.

Type: integer
Type: null

Domain State


Domain state reported by libvirt.

Type: string

Must be at least 1 characters long

Type: null

ContainerRemovedEvent

Type: object
No Additional Properties

Id

Type: integer


Required roles: CONTAINER_READ