kubevirt.core.kubevirt_vm module – Create or delete KubeVirt VirtualMachines

Note

This module is part of the kubevirt.core collection (version 2.2.3).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install kubevirt.core. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: kubevirt.core.kubevirt_vm.

Synopsis

• Use the Kubernetes Python client to perform create or delete operations on KubeVirt VirtualMachines.

• Pass options to create the VirtualMachine as module arguments.

• Authenticate using either a config file, certificates, password or token.

• Supports check mode.

Requirements

The below requirements are needed on the host that executes this module.

• python >= 3.9

• kubernetes >= 28.1.0

• PyYAML >= 3.11

• jsonpatch

Parameters

Parameter	Comments
annotations dictionary	Specify annotations to set on the VirtualMachine. Only used when state=present.
api_key string	Token used to authenticate with the API. Can also be specified via K8S_AUTH_API_KEY environment variable.
api_version string	Use this to set the API version of KubeVirt. Default: "kubevirt.io/v1"
ca_cert aliases: ssl_ca_cert path	Path to a CA certificate used to authenticate with the API. The full certificate chain must be provided to avoid certificate validation errors. Can also be specified via K8S_AUTH_SSL_CA_CERT environment variable.
client_cert aliases: cert_file path	Path to a certificate used to authenticate with the API. Can also be specified via K8S_AUTH_CERT_FILE environment variable.
client_key aliases: key_file path	Path to a key file used to authenticate with the API. Can also be specified via K8S_AUTH_KEY_FILE environment variable.
context string	The name of a context found in the config file. Can also be specified via K8S_AUTH_CONTEXT environment variable.
data_volume_templates list / elements=dictionary	Specify the DataVolume templates of the VirtualMachine. See https://kubevirt.io/api-reference/main/definitions.html#_v1_datavolumetemplatespec
delete_options dictionary	Configure behavior when deleting an object. Only used when state=absent.
preconditions dictionary	Specify condition that must be met for delete to proceed.
resourceVersion string	Specify the resource version of the target object.
uid string	Specify the UID of the target object.
propagationPolicy string	Use to control how dependent objects are deleted. If not specified, the default policy for the object type will be used. This may vary across object types. Choices: "Foreground" "Background" "Orphan"
force boolean	If set to force=yes, and state=present is set, an existing object will be replaced. Choices: false ← (default) true
generate_name string	Specify the basis of the VirtualMachine name and random characters will be added automatically on the cluster to generate a unique name. Only used when state=present. Mutually exclusive with name.
hidden_fields list / elements=string added in kubevirt.core 2.2.0	Hide fields matching this option in the result. An example might be hidden_fields=[metadata.managedFields] or hidden_fields=[metadata.annotations[kubemacpool.io/transaction-timestamp]]. Default: ["metadata.annotations[kubemacpool.io/transaction-timestamp]", "metadata.managedFields"]
host string	Provide a URL for accessing the API. Can also be specified via K8S_AUTH_HOST environment variable.
impersonate_groups list / elements=string	Group(s) to impersonate for the operation. Can also be specified via K8S_AUTH_IMPERSONATE_GROUPS environment variable, e.g. Group1,Group2.
impersonate_user string	Username to impersonate for the operation. Can also be specified via K8S_AUTH_IMPERSONATE_USER environment variable.
instancetype dictionary	Specify the Instancetype matcher of the VirtualMachine. Only used when state=present.
kubeconfig any	Path to an existing Kubernetes config file. If not provided, and no other connection options are provided, the Kubernetes client will attempt to load the default configuration file from ~/.kube/config. Can also be specified via K8S_AUTH_KUBECONFIG environment variable. Multiple Kubernetes config file can be provided using separator ; for Windows platform or : for others platforms. The kubernetes configuration can be provided as dictionary. This feature requires a python kubernetes client version >= 17.17.0.
labels dictionary	Specify labels to set on the VirtualMachine.
name string	Specify the name of the VirtualMachine. This option is ignored when state=present is not set. Mutually exclusive with generate_name.
namespace string / required	Specify the namespace of the VirtualMachine.
no_proxy string	The comma separated list of hosts/domains/IP/CIDR that shouldn’t go through proxy. Can also be specified via K8S_AUTH_NO_PROXY environment variable. Please note that this module does not pick up typical proxy settings from the environment (e.g. NO_PROXY). This feature requires kubernetes>=19.15.0. When kubernetes library is less than 19.15.0, it fails even no_proxy set in correct. Example value is localhost,.local,.example.com,127.0.0.1,127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16.
password string	Provide a password for authenticating with the API. Can also be specified via K8S_AUTH_PASSWORD environment variable. Please read the description of the username option for a discussion of when this option is applicable.
persist_config boolean	Whether or not to save the kube config refresh tokens. Can also be specified via K8S_AUTH_PERSIST_CONFIG environment variable. When the k8s context is using a user credentials with refresh tokens (like oidc or gke/gcloud auth), the token is refreshed by the k8s python client library but not saved by default. So the old refresh token can expire and the next auth might fail. Setting this flag to true will tell the k8s python client to save the new refresh token to the kube config file. Disabled by default. Choices: false true
preference dictionary	Specify the Preference matcher of the VirtualMachine. Only used when state=present.
proxy string	The URL of an HTTP proxy to use for the connection. Can also be specified via K8S_AUTH_PROXY environment variable. Please note that this module does not pick up typical proxy settings from the environment (e.g. HTTP_PROXY).
proxy_headers dictionary	The Header used for the HTTP proxy. Documentation can be found here https://urllib3.readthedocs.io/en/latest/reference/urllib3.util.html?highlight=proxy_headers#urllib3.util.make_headers.
basic_auth string	Colon-separated username:password for basic authentication header. Can also be specified via K8S_AUTH_PROXY_HEADERS_BASIC_AUTH environment variable.
proxy_basic_auth string	Colon-separated username:password for proxy basic authentication header. Can also be specified via K8S_AUTH_PROXY_HEADERS_PROXY_BASIC_AUTH environment variable.
user_agent string	String representing the user-agent you want, such as foo/1.0. Can also be specified via K8S_AUTH_PROXY_HEADERS_USER_AGENT environment variable.
run_strategy string added in kubevirt.core 2.0.0	Specify the RunStrategy of the VirtualMachine. Mutually exclusive with running. Choices: "Always" "Halted" "Manual" "RerunOnFailure" "Once"
running boolean	Specify whether the VirtualMachine should be running or not. Mutually exclusive with run_strategy. Defaults to running=yes when running and run_strategy are not set. Choices: false true
spec dictionary	Specify the template spec of the VirtualMachine. See https://kubevirt.io/api-reference/main/definitions.html#_v1_virtualmachineinstancespec
state string	Determines if an object should be created, patched, or deleted. When set to state=present, an object will be created, if it does not already exist. If set to state=absent, an existing object will be deleted. If set to state=present, an existing object will be patched, if its attributes differ from those specified. Choices: "absent" "present" ← (default)
username string	Provide a username for authenticating with the API. Can also be specified via K8S_AUTH_USERNAME environment variable.
validate_certs aliases: verify_ssl boolean	Whether or not to verify the API server’s SSL certificates. Can also be specified via K8S_AUTH_VERIFY_SSL environment variable. Choices: false true
wait boolean	Whether to wait for the VirtualMachine to end up in the ready state. Choices: false ← (default) true
wait_sleep integer	Number of seconds to sleep between checks. Ignored if wait is not set. Default: 5
wait_timeout integer	How long in seconds to wait for the resource to end up in the ready state. Ignored if wait is not set. Default: 120

Notes

Note

• To avoid SSL certificate validation errors when validate_certs=yes, the full certificate chain for the API server must be provided via ca_cert or in the kubeconfig file.

Examples

- name: Create a VirtualMachine
  kubevirt.core.kubevirt_vm:
    state: present
    name: testvm
    namespace: default
    labels:
      app: test
    instancetype:
      name: u1.medium
    preference:
      name: fedora
    spec:
      domain:
        devices:
          interfaces:
            - name: default
              masquerade: {}
            - name: bridge-network
              bridge: {}
      networks:
        - name: default
          pod: {}
        - name: bridge-network
          multus:
            networkName: kindexgw
      volumes:
        - containerDisk:
            image: quay.io/containerdisks/fedora:latest
          name: containerdisk
        - cloudInitNoCloud:
            userData: |-
              #cloud-config
              # The default username is: fedora
              ssh_authorized_keys:
                - ssh-ed25519 AAAA...
          name: cloudinit

- name: Create a VirtualMachine with a DataVolume template
  kubevirt.core.kubevirt_vm:
    state: present
    name: testvm-with-dv
    namespace: default
    labels:
      app: test
    instancetype:
      name: u1.medium
    preference:
      name: fedora
    data_volume_templates:
      - metadata:
          name: testdv
        spec:
          source:
            registry:
              url: docker://quay.io/containerdisks/fedora:latest
          storage:
            accessModes:
              - ReadWriteOnce
            resources:
              requests:
                storage: 5Gi
    spec:
      domain:
        devices: {}
      volumes:
        - dataVolume:
            name: testdv
          name: datavolume
        - cloudInitNoCloud:
            userData: |-
              #cloud-config
              # The default username is: fedora
              ssh_authorized_keys:
                - ssh-ed25519 AAAA...
          name: cloudinit
    wait: true

- name: Delete a VirtualMachine
  kubevirt.core.kubevirt_vm:
    name: testvm
    namespace: default
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Description
result complex	The created object. Will be empty in the case of a deletion. Returned: success
changed boolean	Whether the VirtualMachine was changed or not. Returned: success Sample: true
duration integer	Elapsed time of the task in seconds. Returned: When wait=true. Sample: 48
method string	Method executed on the Kubernetes API. Returned: success

Authors

• KubeVirt.io Project

Collection links

• Issue Tracker
• Homepage
• Repository (Sources)
• Report an issue
• Communication