container.query¶
No Additional Items
Tuple Validation
Parameter 1: filters
filters
Type: array Default: []List of filters for query results. See API documentation for "Query Methods" for more guidance.
No Additional ItemsEach item of this array must be:
[
[
"name",
"=",
"bob"
]
]
[
[
"OR",
[
[
[
"name",
"=",
"bob"
]
],
[
[
"name",
"=",
"larry"
]
]
]
]
]
Parameter 2: options
options
Type: objectQuery options including pagination, ordering, and additional parameters.
No Additional PropertiesExtra
Type: object Default: {}Extra options are defined on a per-endpoint basis and are described in the documentation for the associated query method.
Order By
Type: array of string Default: []An array of field names describing the manner in which query results should be ordered. The field names may also have one of more of the following special prefixes: - (reverse sort direction), nulls_first: (place any null values at the head of the results list), nulls_last: (place any null values at the tail of the results list).
Each item of this array must be:
[
"size",
"-devname",
"nulls_first:-expiretime"
]
Select
Type: array Default: []An array of field names specifying the exact fields to include in the query return. The dot character . may be used to explicitly select only subkeys of the query result.
Each item of this array must be:
No Additional Items
Each item of this array must be:
[
"username",
"Authentication.status"
]
Count
Type: boolean Default: falseReturn a numeric value representing the number of items that match the specified query-filters.
Get
Type: boolean Default: falseReturn the JSON object of the first result matching the specified query-filters. The query fails if there specified query-filters return no results.
Offset
Type: integer Default: 0This specifies the beginning offset of the results array. When combined with the limit query-option it may be used to implement pagination of large results arrays. WARNING: some query methods provide volatile results and the onus is on the developer to understand whether pagination is appropriate for a particular query API method.
Limit
Type: integer Default: 0This specifies the maximum number of results matching the specified query-filters to return. When combined wtih the offset query-option it may be used to implement pagination of large results arrays.
WARNING: Some query methods provide volatile results and the onus is on the developer to understand whether pagination is appropriate for a particular query API method.
Force Sql Filters
Type: boolean Default: falseForce use of SQL for result filtering to reduce response time. May not work for all methods.
Result
No Additional Items
Each item of this array must be:
ContainerQueryResultItem
Type: objectNo Additional Properties
Id
Type: integerContainer ID.
Uuid
Container UUID (for libvirt).
Name
Type: stringContainer name.
Must be at least 1 characters long
Description
Type: stringContainer description.
Devices
Type: array of objectContainer's devices.
No Additional ItemsEach item of this array must be:
ContainerDeviceEntry
Type: objectNo Additional Properties
Id
Type: integerUnique identifier for the containers device.
Attributes
Device-specific configuration attributes.
ContainerFilesystemDevice
Type: objectNo Additional Properties
Dtype
Type: constDevice type identifier for FILESYSTEM devices.
Specific value:"FILESYSTEM"
Target
Type: string Default: "/usr/bin/zsh"Target must not contain braces.
Must match regular expression:^[^{}]*$
Must be at least 1 characters long
Source
Type: string Default: "/usr/bin/zsh"Source must not contain braces, and not start with /mnt/.
Must match regular expression:^[^{}]*$
Must be at least 1 characters long
ContainerGPUDevice
Type: objectNo Additional Properties
Dtype
Type: constDevice type identifier for GPU devices.
Specific value:"GPU"
Gpu Type
Type: constGPU device type.
Specific value:"AMD"
Pci Address
Type: stringPCI address of the GPU device on the host system.
Must be at least 1 characters long
ContainerNICDevice
Type: objectNo Additional Properties
Dtype
Type: constDevice type identifier for network interface cards.
Specific value:"NIC"
Trust Guest Rx Filters
Type: boolean Default: falseWhether to trust guest OS receive filter settings for better performance.
Type
Type: enum (of string) Default: "E1000"Network interface controller type. E1000 for Intel compatibility, VIRTIO for performance.
Must be one of:
- "E1000"
- "VIRTIO"
Nic Attach
Default: nullHost network interface or bridge to attach to. null for no attachment.
Mac
Default: nullMAC address for the virtual network interface. null for auto-generation.
Must match regular expression:
^([0-9A-Fa-f]{2}[:-]?){5}([0-9A-Fa-f]{2})$
ContainerUSBDevice
Type: objectNo Additional Properties
Dtype
Type: constDevice type identifier for USB devices.
Specific value:"USB"
USB device attributes for identification. null for USB host controller only.
USBAttributes
Type: objectNo Additional Properties
Vendor Id
Type: string Default: "/usr/bin/zsh"USB vendor identifier in hexadecimal format (e.g., '0x1d6b' for Linux Foundation).
Must match regular expression:^0x.*
Must be at least 1 characters long
Product Id
Type: string Default: "/usr/bin/zsh"USB product identifier in hexadecimal format (e.g., '0x0002' for 2.0 root hub).
Must match regular expression:^0x.*
Must be at least 1 characters long
Device
Default: nullHost USB device path to pass through. null for controller only.
Must be at least 1 characters long
Container
Type: integerID of the container this device belongs to.
Cpuset
List of physical CPU numbers that domain process and virtual CPUs can be pinned to by default.
Autostart
Type: booleanAutomatically start the container on boot.
Time
Type: enum (of string)Whether container time should be local time or UTC time.
Must be one of:
- "LOCAL"
- "UTC"
Shutdown Timeout
Type: integerHow many seconds to wait for container to shut down before killing it.
Value must be greater or equal to 5 and lesser or equal to 300
Dataset
Type: stringWhich dataset to use as the container root filesystem.
Init
Type: string"init" process commandline.
Initdir
"init" process working dir.
Initenv
Type: object"init" process environment variables.
Each additional property must conform to the following schema
Type: stringInituser
"init" process username.
Initgroup
"init" process group.
Idmap
Idmap configuration for the container There are three two possible values: DEFAULT: This applies the standard TrueNAS idmap namespace configuration. It changes user ID (UID) 0 (root) in the container to UID 2147000001 (truenascontainerunpriv_root). It offsets the other container UIDs by the same amount. For example, UID 1000 in the container becomes UID 2147001001 in the host. ISOLATED: Same as DEFAULT, but UID will be calculated as 2147000001 + 65536 * slice. This will ensure unique ID for each container (provided that the slice is also unique).
None: The container does not apply any idmap namespace. Container UIDs map directly to host UIDs. For example, UID 0 in the container is UID 0 in the host. WARNING: For security, use the DEFAULT value. Security best practice is to run containers with idmap namespaces.
DefaultIdmapConfiguration
Type: objectNo Additional Properties
Type
Type: constConfiguration type for default ID mapping.
Specific value:"DEFAULT"
IsolatedIdmapConfiguration
Type: objectNo Additional Properties
Type
Type: constConfiguration type for isolated ID mapping.
Specific value:"ISOLATED"
Slice
null when creating means we'll look up an unused slice on backend.
Value must be strictly greater than 0 and strictly lesser than 1000
Capabilities Policy
Type: enum (of string)Default rules for capabilities: either keep the default behavior that is dropping the following capabilities: sysmodule, systime, mknod, auditcontrol, macadmin. Or keep all capabilities, or drop all capabilities.
Must be one of:
- "DEFAULT"
- "ALLOW"
- "DENY"
Capabilities State
Type: objectEnable or disable specific capabilities.
Each additional property must conform to the following schema
Type: booleanContainerStatus
Type: objectContainer state.
No Additional PropertiesState
Type: enum (of string)Container state.
Must be one of:
- "RUNNING"
- "STOPPED"
Pid
Container PID (if running).
Domain State
Domain state reported by libvirt.
Must be at least 1 characters long
ContainerQueryResultItem
Type: objectNo Additional Properties
Id
Type: integerContainer ID.
Uuid
Container UUID (for libvirt).
Name
Type: stringContainer name.
Must be at least 1 characters long
Description
Type: stringContainer description.
Devices
Type: arrayContainer's devices.
No Additional ItemsEach item of this array must be:
Cpuset
List of physical CPU numbers that domain process and virtual CPUs can be pinned to by default.
Autostart
Type: booleanAutomatically start the container on boot.
Time
Type: enum (of string)Whether container time should be local time or UTC time.
Must be one of:
- "LOCAL"
- "UTC"
Shutdown Timeout
Type: integerHow many seconds to wait for container to shut down before killing it.
Value must be greater or equal to 5 and lesser or equal to 300
Dataset
Type: stringWhich dataset to use as the container root filesystem.
Init
Type: string"init" process commandline.
Initdir
"init" process working dir.
Initenv
Type: object"init" process environment variables.
Each additional property must conform to the following schema
Type: stringInituser
"init" process username.
Initgroup
"init" process group.
Idmap
Idmap configuration for the container There are three two possible values: DEFAULT: This applies the standard TrueNAS idmap namespace configuration. It changes user ID (UID) 0 (root) in the container to UID 2147000001 (truenascontainerunpriv_root). It offsets the other container UIDs by the same amount. For example, UID 1000 in the container becomes UID 2147001001 in the host. ISOLATED: Same as DEFAULT, but UID will be calculated as 2147000001 + 65536 * slice. This will ensure unique ID for each container (provided that the slice is also unique).
None: The container does not apply any idmap namespace. Container UIDs map directly to host UIDs. For example, UID 0 in the container is UID 0 in the host. WARNING: For security, use the DEFAULT value. Security best practice is to run containers with idmap namespaces.
Capabilities Policy
Type: enum (of string)Default rules for capabilities: either keep the default behavior that is dropping the following capabilities: sysmodule, systime, mknod, auditcontrol, macadmin. Or keep all capabilities, or drop all capabilities.
Must be one of:
- "DEFAULT"
- "ALLOW"
- "DENY"
Capabilities State
Type: objectEnable or disable specific capabilities.
Each additional property must conform to the following schema
Type: booleanContainer state.
Required roles: CONTAINER_READ