states.azurerm.containerinstance.group

Azure Resource Manager (ARM) Container Instance Group State Module

New in version 3.0.0.

Changed in version 4.0.0.

maintainer:

<devops@eitr.tech>

configuration:

This module requires Azure Resource Manager credentials to be passed via acct. Note that the authentication parameters are case sensitive.

Required provider parameters:

if using username and password:
  • subscription_id
  • username
  • password
if using a service principal:
  • subscription_id
  • tenant
  • client_id
  • secret

Optional provider parameters:

cloud_environment: Used to point the cloud driver to different API endpoints, such as Azure GovCloud. Possible values:

  • AZURE_PUBLIC_CLOUD (default)
  • AZURE_CHINA_CLOUD
  • AZURE_US_GOV_CLOUD
  • AZURE_GERMAN_CLOUD

Example configuration for Azure Resource Manager authentication:

azurerm:
    default:
        subscription_id: 3287abc8-f98a-c678-3bde-326766fd3617
        tenant: ABCDEFAB-1234-ABCD-1234-ABCDEFABCDEF
        client_id: ABCDEFAB-1234-ABCD-1234-ABCDEFABCDEF
        secret: XXXXXXXXXXXXXXXXXXXXXXXX
        cloud_environment: AZURE_PUBLIC_CLOUD
    user_pass_auth:
        subscription_id: 3287abc8-f98a-c678-3bde-326766fd3617
        username: fletch
        password: 123pass

The authentication parameters can also be passed as a dictionary of keyword arguments to the connection_auth parameter of each state, but this is not preferred and could be deprecated in the future.

idem_azurerm.states.azurerm.containerinstance.group.absent(hub, ctx, name, resource_group, connection_auth=None, **kwargs)

New in version 3.0.0.

Ensure a container instance group does not exist in a resource group.

Parameters:
  • name – Name of the container instance group.
  • resource_group – The name of the resource group to which the container instance group belongs.
  • connection_auth – A dict with subscription and authentication parameters to be used in connecting to the Azure Resource Manager API.
Ensure container instance group is absent:
    azurerm.containerinstance.group.absent:
        - name: containergroup
        - resource_group: testgroup
idem_azurerm.states.azurerm.containerinstance.group.present(hub, ctx, name, resource_group, containers, os_type, restart_policy='OnFailure', identity=None, image_registry_credentials=None, ip_address=None, volumes=None, diagnostics=None, network_profile=None, dns_config=None, sku=None, encryption_properties=None, init_containers=None, tags=None, connection_auth=None, **kwargs)

New in version 3.0.0.

Changed in version 4.0.0.

Ensure a container instance group exists.

Parameters:
  • name – The name of the container group.
  • resource_group – The name of the resource group to which the container group belongs.
  • containers

    A list of the containers within the container group. The following are possible parameters for the containers:

    • name: Required. The user-provided name of the container instance.
    • image: Required. The name of the image used to create the container instance.
    • resources:
      • requests:
        • memory_in_gb: Required. The memory request in GB of this container instance.
        • cpu: Required. The CPU request of this container instance.
        • gpu: The GPU request of this container instance.
      • limits:
        • memory_in_gb: The memory limit in GB of this container instance.
        • cpu: The CPU limit of this container instance.
        • gpu: The GPU limit of this container instance.
    • command: A list of commands to execute within the container instance in exec form.
    • ports: A list of the dictionaries of exposed ports on the container instance (i.e., {"protocol": "TCP", "port": 80}).
    • environment_variables: A list of environment variables to set in the container instance.
      • name: Required if environment_variables is used. The name of the environment variable.
      • value: The value of the environment variable.
      • secure_value: The value of the secure environment variable.
    • volume_mounts: A list of volume mounts available to the container instance.
      • name: Required if volume_mounts is used. The name of the volume mount.
      • mount_path: Required if volume_mounts is used. The path within the container where the volume should be mounted. Must not contain colon (:).
      • read_only: Boolean flag indicating whether the volume mount is read-only.
    • liveness_probe:
      • exec_property:
        • command: The commands to execute within the container.
      • http_get:
        • path: The path to probe.
        • port: Required if http_get is used. The port number to probe.
        • scheme: The scheme. Possible values include: ‘http’, ‘https’.
      • initial_delay_seconds: The initial delay seconds.
      • period_seconds: The period seconds.
      • failure_threshold: The failure threshold.
      • success_threshold: The success threshold.
      • timeout_seconds: The timeout seconds.
    • readiness_probe:
      • exec_property:
        • command: The commands to execute within the container.
      • http_get:
        • path: The path to probe.
        • port: Required if http_get is used. The port number to probe.
        • scheme: The scheme. Possible values include: ‘http’, ‘https’
      • initial_delay_seconds: The initial delay seconds.
      • period_seconds: The period seconds.
      • failure_threshold: The failure threshold.
      • success_threshold: The success threshold.
      • timeout_seconds: The timeout seconds.
  • os_type – The operating system type required by the containers in the container group. Possible values include: ‘Windows’, ‘Linux’.
  • restart_policy

    Restart policy for all containers within the container group. Possible values are:

    • Always: Always restart.
    • OnFailure: Restart on failure.
    • Never: Never restart.
  • identity – A dictionary defining a ContainerGroupIdentity object which represents the identity for the container group.
  • image_registry_credentials – A list of dictionaries defining ImageRegistryCredential objects for the image registry credentials.
  • ip_address

    A dictionary defining an IpAddress object which represents the IP address for the container group. Possible keys are:

    • ports: The list of ports exposed on the container group. Required if ip_address is used.
    • type: Specifies if the IP is exposed to the public internet or private VNET. Required if ip_address is used. Possible values include: ‘Public’, ‘Private’.
    • ip: The IP exposed to the public internet.
    • dns_name_label: The Dns name label for the IP.
  • volumes – The list of dictionaries representing Volume objects that can be mounted by containers in this container group.
  • diagnostics – A dictionary defining a ContainerGroupDiagnostics object which represents the diagnostic information for the container group.
  • network_profile – A dictionary defining a ContainerGroupNetworkProfile object which represents the network profile information for the container group.
  • dns_config – A dictionary defining a DnsConfiguration object which represents the DNS config information for the container group.
  • sku – The SKU for a container group. Possible values include: ‘Standard’, ‘Dedicated’.
  • encryption_properties – A dictionary defining an EncryptionProperties object which represents the encryption properties for the container group.
  • init_containers – A list of dictionaries defining InitContainerDefinition objects which represent the init containers for the container group.
  • tags – A dictionary of strings can be passed as tag metadata to the object.
  • connection_auth – A dict with subscription and authentication parameters to be used in connecting to the Azure Resource Manager API.

Example usage:

Ensure container instance group exists:
    azurerm.containerinstance.group.present:
        - name: containergroup
        - resource_group: testgroup
        - containers:
            - name: mycoolwebcontainer
              image: "nginx:latest"
              ports:
                - protocol: TCP
                  port: 80
              resources:
                  requests:
                      memory_in_gb: 1
                      cpu: 1
              volume_mounts:
                - name: testwebsite
                  mount_path: /usr/share/nginx
                  read_only: True
        - os_type: Linux
        - restart_policy: OnFailure
        - ip_address:
            ports:
              - protocol: TCP
                port: 80
            type: Public
            dns_name_label: supercoolcontainergroup
        - volumes:
            - name: testwebsite
              git_repo:
                directory: html
                repository: "https://github.com/WooxSolo/test-website"
        - tags:
            how_awesome: very
            contact_name: Elmer Fudd Gantry