Add container and pod namespaces to configs

Libpod namespaces are a way to logically separate groups of pods
and containers within the state.

Signed-off-by: Matthew Heon <matthew.heon@gmail.com>

libpod/container.go

@@ -185,6 +185,8 @@ type ContainerConfig struct {
 	Name string     `json:"name"`
 	// Full ID of the pood the container belongs to
 	Pod string `json:"pod,omitempty"`
+	// Namespace the container is in
+	Namespace string `json:"namespace,omitempty"`
 
 	// TODO consider breaking these subsections up into smaller structs
 
@@ -372,6 +374,12 @@ func (c *Container) PodID() string {
 	return c.config.Pod
 }
 
+// Namespace returns the libpod namespace the container is in.
+// Namespaces are used to logically separate containers and pods in the state.
+func (c *Container) Namespace() string {
+	return c.config.Namespace
+}
+
 // Image returns the ID and name of the image used as the container's rootfs
 func (c *Container) Image() (string, string) {
 	return c.config.RootfsImageID, c.config.RootfsImageName

libpod/options.go

@@ -388,8 +388,9 @@ func WithStdin() CtrCreateOption {
 }
 
 // WithPod adds the container to a pod.
-// Containers which join a pod can only join the namespaces of other containers
-// in the same pod.
+// Containers which join a pod can only join the Linux namespaces of other
+// containers in the same pod.
+// Containers can only join pods in the same libpod namespace.
 func (r *Runtime) WithPod(pod *Pod) CtrCreateOption {
 	return func(ctr *Container) error {
 		if ctr.valid {
@@ -944,7 +945,8 @@ func WithCommand(command []string) CtrCreateOption {
 	}
 }
 
-// WithRootFS sets the rootfs for the container
+// WithRootFS sets the rootfs for the container.
+// This creates a container from a directory on disk and not an image.
 func WithRootFS(rootfs string) CtrCreateOption {
 	return func(ctr *Container) error {
 		if ctr.valid {
@@ -961,6 +963,22 @@ func WithRootFS(rootfs string) CtrCreateOption {
 	}
 }
 
+// WithNamespace sets the namespace the container will be created in.
+// Namespaces are used to create separate views of Podman's state - runtimes can
+// join a specific namespace and see only containers and pods in that namespace.
+// Empty string namespaces are allowed, and correspond to a lack of namespace.
+func WithNamespace(ns string) CtrCreateOption {
+	return func(ctr *Container) error {
+		if ctr.valid {
+			return ErrCtrFinalized
+		}
+
+		ctr.config.Namespace = ns
+
+		return nil
+	}
+}
+
 // Pod Creation Options
 
 // WithPodName sets the name of the pod.
@@ -1025,3 +1043,20 @@ func WithPodCgroups() PodCreateOption {
 		return nil
 	}
 }
+
+// WithPodNamespace sets the namespace for the created pod.
+// Namespaces are used to create separate views of Podman's state - runtimes can
+// join a specific namespace and see only containers and pods in that namespace.
+// Empty string namespaces are allowed, and correspond to a lack of namespace.
+// Containers must belong to the same namespace as the pod they join.
+func WithPodNamespace(ns string) PodCreateOption {
+	return func(pod *Pod) error {
+		if pod.valid {
+			return ErrPodFinalized
+		}
+
+		pod.config.Namespace = ns
+
+		return nil
+	}
+}

libpod/pod.go

@@ -27,6 +27,8 @@ type Pod struct {
 type PodConfig struct {
 	ID   string `json:"id"`
 	Name string `json:"name"`
+	// Namespace the pod is in
+	Namespace string `json:"namespace,omitempty"`
 
 	// Labels contains labels applied to the pod
 	Labels map[string]string `json:"labels"`
@@ -58,6 +60,12 @@ func (p *Pod) Name() string {
 	return p.config.Name
 }
 
+// Namespace returns the pod's libpod namespace.
+// Namespaces are used to logically separate containers and pods in the state.
+func (p *Pod) Namespace() string {
+	return p.config.Namespace
+}
+
 // Labels returns the pod's labels
 func (p *Pod) Labels() map[string]string {
 	labels := make(map[string]string)