diff --git a/cmd/podman/kube/kube.go b/cmd/podman/kube/kube.go new file mode 100644 index 0000000000..68f55a1574 --- /dev/null +++ b/cmd/podman/kube/kube.go @@ -0,0 +1,35 @@ +package pods + +import ( + "github.com/containers/podman/v4/cmd/podman/registry" + "github.com/containers/podman/v4/cmd/podman/validate" + "github.com/spf13/cobra" +) + +var ( + // Command: podman _kube_ + kubeCmd = &cobra.Command{ + Use: "kube", + Short: "Play containers, pods or volumes from a structured file", + Long: "Play structured data (e.g., Kubernetes YAML) based on containers, pods or volumes.", + RunE: validate.SubCommandExists, + } + + playKubeParentCmd = &cobra.Command{ + Use: "play", + Short: "Play containers, pods or volumes from a structured file", + Long: "Play structured data (e.g., Kubernetes YAML) based on containers, pods or volumes.", + Hidden: true, + RunE: validate.SubCommandExists, + } +) + +func init() { + registry.Commands = append(registry.Commands, registry.CliCommand{ + Command: kubeCmd, + }) + + registry.Commands = append(registry.Commands, registry.CliCommand{ + Command: playKubeParentCmd, + }) +} diff --git a/cmd/podman/play/kube.go b/cmd/podman/kube/play.go similarity index 60% rename from cmd/podman/play/kube.go rename to cmd/podman/kube/play.go index 8fd12baafb..685cb521cc 100644 --- a/cmd/podman/play/kube.go +++ b/cmd/podman/kube/play.go @@ -29,23 +29,38 @@ type playKubeOptionsWrapper struct { CredentialsCLI string StartCLI bool BuildCLI bool + annotations []string + macs []string } var ( - annotations []string - macs []string // https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/ defaultSeccompRoot = "/var/lib/kubelet/seccomp" - kubeOptions = playKubeOptionsWrapper{} - kubeDescription = `Command reads in a structured file of Kubernetes YAML. + playOptions = playKubeOptionsWrapper{} + playDescription = `Command reads in a structured file of Kubernetes YAML. It creates pods or volumes based on the Kubernetes kind described in the YAML. Supported kinds are Pods, Deployments and PersistentVolumeClaims.` - kubeCmd = &cobra.Command{ + playCmd = &cobra.Command{ + Use: "play [options] KUBEFILE|-", + Short: "Play a pod or volume based on Kubernetes YAML.", + Long: playDescription, + RunE: Play, + Args: cobra.ExactArgs(1), + ValidArgsFunction: common.AutocompleteDefaultOneArg, + Example: `podman kube play nginx.yml + cat nginx.yml | podman kube play - + podman kube play --creds user:password --seccomp-profile-root /custom/path apache.yml`, + } +) + +var ( + playKubeCmd = &cobra.Command{ Use: "kube [options] KUBEFILE|-", Short: "Play a pod or volume based on Kubernetes YAML.", - Long: kubeDescription, - RunE: kube, + Long: playDescription, + Hidden: true, + RunE: playKube, Args: cobra.ExactArgs(1), ValidArgsFunction: common.AutocompleteDefaultOneArg, Example: `podman play kube nginx.yml @@ -56,170 +71,183 @@ var ( func init() { registry.Commands = append(registry.Commands, registry.CliCommand{ - Command: kubeCmd, - Parent: playCmd, + Command: playCmd, + Parent: kubeCmd, }) + playFlags(playCmd) - flags := kubeCmd.Flags() + registry.Commands = append(registry.Commands, registry.CliCommand{ + Command: playKubeCmd, + Parent: playKubeParentCmd, + }) + playFlags(playKubeCmd) +} + +func playFlags(cmd *cobra.Command) { + flags := cmd.Flags() flags.SetNormalizeFunc(utils.AliasFlags) annotationFlagName := "annotation" flags.StringSliceVar( - &annotations, + &playOptions.annotations, annotationFlagName, []string{}, "Add annotations to pods (key=value)", ) - _ = kubeCmd.RegisterFlagCompletionFunc(annotationFlagName, completion.AutocompleteNone) + _ = cmd.RegisterFlagCompletionFunc(annotationFlagName, completion.AutocompleteNone) credsFlagName := "creds" - flags.StringVar(&kubeOptions.CredentialsCLI, credsFlagName, "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry") - _ = kubeCmd.RegisterFlagCompletionFunc(credsFlagName, completion.AutocompleteNone) + flags.StringVar(&playOptions.CredentialsCLI, credsFlagName, "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry") + _ = cmd.RegisterFlagCompletionFunc(credsFlagName, completion.AutocompleteNone) staticMACFlagName := "mac-address" - flags.StringSliceVar(&macs, staticMACFlagName, nil, "Static MAC addresses to assign to the pods") - _ = kubeCmd.RegisterFlagCompletionFunc(staticMACFlagName, completion.AutocompleteNone) + flags.StringSliceVar(&playOptions.macs, staticMACFlagName, nil, "Static MAC addresses to assign to the pods") + _ = cmd.RegisterFlagCompletionFunc(staticMACFlagName, completion.AutocompleteNone) networkFlagName := "network" - flags.StringArrayVar(&kubeOptions.Networks, networkFlagName, nil, "Connect pod to network(s) or network mode") - _ = kubeCmd.RegisterFlagCompletionFunc(networkFlagName, common.AutocompleteNetworkFlag) + flags.StringArrayVar(&playOptions.Networks, networkFlagName, nil, "Connect pod to network(s) or network mode") + _ = cmd.RegisterFlagCompletionFunc(networkFlagName, common.AutocompleteNetworkFlag) staticIPFlagName := "ip" - flags.IPSliceVar(&kubeOptions.StaticIPs, staticIPFlagName, nil, "Static IP addresses to assign to the pods") - _ = kubeCmd.RegisterFlagCompletionFunc(staticIPFlagName, completion.AutocompleteNone) + flags.IPSliceVar(&playOptions.StaticIPs, staticIPFlagName, nil, "Static IP addresses to assign to the pods") + _ = cmd.RegisterFlagCompletionFunc(staticIPFlagName, completion.AutocompleteNone) logDriverFlagName := "log-driver" - flags.StringVar(&kubeOptions.LogDriver, logDriverFlagName, common.LogDriver(), "Logging driver for the container") - _ = kubeCmd.RegisterFlagCompletionFunc(logDriverFlagName, common.AutocompleteLogDriver) + flags.StringVar(&playOptions.LogDriver, logDriverFlagName, common.LogDriver(), "Logging driver for the container") + _ = cmd.RegisterFlagCompletionFunc(logDriverFlagName, common.AutocompleteLogDriver) logOptFlagName := "log-opt" flags.StringSliceVar( - &kubeOptions.LogOptions, + &playOptions.LogOptions, logOptFlagName, []string{}, "Logging driver options", ) - _ = kubeCmd.RegisterFlagCompletionFunc(logOptFlagName, common.AutocompleteLogOpt) + _ = cmd.RegisterFlagCompletionFunc(logOptFlagName, common.AutocompleteLogOpt) usernsFlagName := "userns" - flags.StringVar(&kubeOptions.Userns, usernsFlagName, os.Getenv("PODMAN_USERNS"), + flags.StringVar(&playOptions.Userns, usernsFlagName, os.Getenv("PODMAN_USERNS"), "User namespace to use", ) - _ = kubeCmd.RegisterFlagCompletionFunc(usernsFlagName, common.AutocompleteUserNamespace) + _ = cmd.RegisterFlagCompletionFunc(usernsFlagName, common.AutocompleteUserNamespace) - flags.BoolVar(&kubeOptions.NoHosts, "no-hosts", false, "Do not create /etc/hosts within the pod's containers, instead use the version from the image") - flags.BoolVarP(&kubeOptions.Quiet, "quiet", "q", false, "Suppress output information when pulling images") - flags.BoolVar(&kubeOptions.TLSVerifyCLI, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries") - flags.BoolVar(&kubeOptions.StartCLI, "start", true, "Start the pod after creating it") + flags.BoolVar(&playOptions.NoHosts, "no-hosts", false, "Do not create /etc/hosts within the pod's containers, instead use the version from the image") + flags.BoolVarP(&playOptions.Quiet, "quiet", "q", false, "Suppress output information when pulling images") + flags.BoolVar(&playOptions.TLSVerifyCLI, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries") + flags.BoolVar(&playOptions.StartCLI, "start", true, "Start the pod after creating it") authfileFlagName := "authfile" - flags.StringVar(&kubeOptions.Authfile, authfileFlagName, auth.GetDefaultAuthFile(), "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override") - _ = kubeCmd.RegisterFlagCompletionFunc(authfileFlagName, completion.AutocompleteDefault) + flags.StringVar(&playOptions.Authfile, authfileFlagName, auth.GetDefaultAuthFile(), "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override") + _ = cmd.RegisterFlagCompletionFunc(authfileFlagName, completion.AutocompleteDefault) downFlagName := "down" - flags.BoolVar(&kubeOptions.Down, downFlagName, false, "Stop pods defined in the YAML file") + flags.BoolVar(&playOptions.Down, downFlagName, false, "Stop pods defined in the YAML file") replaceFlagName := "replace" - flags.BoolVar(&kubeOptions.Replace, replaceFlagName, false, "Delete and recreate pods defined in the YAML file") + flags.BoolVar(&playOptions.Replace, replaceFlagName, false, "Delete and recreate pods defined in the YAML file") if !registry.IsRemote() { certDirFlagName := "cert-dir" - flags.StringVar(&kubeOptions.CertDir, certDirFlagName, "", "`Pathname` of a directory containing TLS certificates and keys") - _ = kubeCmd.RegisterFlagCompletionFunc(certDirFlagName, completion.AutocompleteDefault) + flags.StringVar(&playOptions.CertDir, certDirFlagName, "", "`Pathname` of a directory containing TLS certificates and keys") + _ = cmd.RegisterFlagCompletionFunc(certDirFlagName, completion.AutocompleteDefault) seccompProfileRootFlagName := "seccomp-profile-root" - flags.StringVar(&kubeOptions.SeccompProfileRoot, seccompProfileRootFlagName, defaultSeccompRoot, "Directory path for seccomp profiles") - _ = kubeCmd.RegisterFlagCompletionFunc(seccompProfileRootFlagName, completion.AutocompleteDefault) + flags.StringVar(&playOptions.SeccompProfileRoot, seccompProfileRootFlagName, defaultSeccompRoot, "Directory path for seccomp profiles") + _ = cmd.RegisterFlagCompletionFunc(seccompProfileRootFlagName, completion.AutocompleteDefault) configmapFlagName := "configmap" - flags.StringSliceVar(&kubeOptions.ConfigMaps, configmapFlagName, []string{}, "`Pathname` of a YAML file containing a kubernetes configmap") - _ = kubeCmd.RegisterFlagCompletionFunc(configmapFlagName, completion.AutocompleteDefault) + flags.StringSliceVar(&playOptions.ConfigMaps, configmapFlagName, []string{}, "`Pathname` of a YAML file containing a kubernetes configmap") + _ = cmd.RegisterFlagCompletionFunc(configmapFlagName, completion.AutocompleteDefault) buildFlagName := "build" - flags.BoolVar(&kubeOptions.BuildCLI, buildFlagName, false, "Build all images in a YAML (given Containerfiles exist)") + flags.BoolVar(&playOptions.BuildCLI, buildFlagName, false, "Build all images in a YAML (given Containerfiles exist)") contextDirFlagName := "context-dir" - flags.StringVar(&kubeOptions.ContextDir, contextDirFlagName, "", "Path to top level of context directory") - _ = kubeCmd.RegisterFlagCompletionFunc(contextDirFlagName, completion.AutocompleteDefault) + flags.StringVar(&playOptions.ContextDir, contextDirFlagName, "", "Path to top level of context directory") + _ = cmd.RegisterFlagCompletionFunc(contextDirFlagName, completion.AutocompleteDefault) // NOTE: The service-container flag is marked as hidden as it - // is purely designed for running play-kube in systemd units. + // is purely designed for running kube-play in systemd units. // It is not something users should need to know or care about. // // Having a flag rather than an env variable is cleaner. serviceFlagName := "service-container" - flags.BoolVar(&kubeOptions.ServiceContainer, serviceFlagName, false, "Starts a service container before all pods") + flags.BoolVar(&playOptions.ServiceContainer, serviceFlagName, false, "Starts a service container before all pods") _ = flags.MarkHidden("service-container") - flags.StringVar(&kubeOptions.SignaturePolicy, "signature-policy", "", "`Pathname` of signature policy file (not usually used)") + flags.StringVar(&playOptions.SignaturePolicy, "signature-policy", "", "`Pathname` of signature policy file (not usually used)") _ = flags.MarkHidden("signature-policy") } } -func kube(cmd *cobra.Command, args []string) error { +func Play(cmd *cobra.Command, args []string) error { // TLS verification in c/image is controlled via a `types.OptionalBool` // which allows for distinguishing among set-true, set-false, unspecified // which is important to implement a sane way of dealing with defaults of // boolean CLI flags. if cmd.Flags().Changed("tls-verify") { - kubeOptions.SkipTLSVerify = types.NewOptionalBool(!kubeOptions.TLSVerifyCLI) + playOptions.SkipTLSVerify = types.NewOptionalBool(!playOptions.TLSVerifyCLI) } if cmd.Flags().Changed("start") { - kubeOptions.Start = types.NewOptionalBool(kubeOptions.StartCLI) + playOptions.Start = types.NewOptionalBool(playOptions.StartCLI) } if cmd.Flags().Changed("build") { - kubeOptions.Build = types.NewOptionalBool(kubeOptions.BuildCLI) + playOptions.Build = types.NewOptionalBool(playOptions.BuildCLI) } - if kubeOptions.Authfile != "" { - if _, err := os.Stat(kubeOptions.Authfile); err != nil { + if playOptions.Authfile != "" { + if _, err := os.Stat(playOptions.Authfile); err != nil { return err } } - if kubeOptions.ContextDir != "" && kubeOptions.Build != types.OptionalBoolTrue { + if playOptions.ContextDir != "" && playOptions.Build != types.OptionalBoolTrue { return errors.New("--build must be specified when using --context-dir option") } - if kubeOptions.CredentialsCLI != "" { - creds, err := util.ParseRegistryCreds(kubeOptions.CredentialsCLI) + if playOptions.CredentialsCLI != "" { + creds, err := util.ParseRegistryCreds(playOptions.CredentialsCLI) if err != nil { return err } - kubeOptions.Username = creds.Username - kubeOptions.Password = creds.Password + playOptions.Username = creds.Username + playOptions.Password = creds.Password } - for _, annotation := range annotations { + for _, annotation := range playOptions.annotations { splitN := strings.SplitN(annotation, "=", 2) if len(splitN) > 2 { return fmt.Errorf("annotation %q must include an '=' sign", annotation) } - if kubeOptions.Annotations == nil { - kubeOptions.Annotations = make(map[string]string) + if playOptions.Annotations == nil { + playOptions.Annotations = make(map[string]string) } annotation := splitN[1] if len(annotation) > define.MaxKubeAnnotation { return fmt.Errorf("annotation exceeds maximum size, %d, of kubernetes annotation: %s", define.MaxKubeAnnotation, annotation) } - kubeOptions.Annotations[splitN[0]] = annotation + playOptions.Annotations[splitN[0]] = annotation } yamlfile := args[0] if yamlfile == "-" { yamlfile = "/dev/stdin" } - for _, mac := range macs { + for _, mac := range playOptions.macs { m, err := net.ParseMAC(mac) if err != nil { return err } - kubeOptions.StaticMACs = append(kubeOptions.StaticMACs, m) + playOptions.StaticMACs = append(playOptions.StaticMACs, m) } - if kubeOptions.Down { + if playOptions.Down { return teardown(yamlfile) } - if kubeOptions.Replace { + if playOptions.Replace { if err := teardown(yamlfile); err != nil && !errorhandling.Contains(err, define.ErrNoSuchPod) { return err } } - return playkube(yamlfile) + return kubeplay(yamlfile) +} + +func playKube(cmd *cobra.Command, args []string) error { + return Play(cmd, args) } func teardown(yamlfile string) error { @@ -265,13 +293,13 @@ func teardown(yamlfile string) error { return podRmErrors.PrintErrors() } -func playkube(yamlfile string) error { +func kubeplay(yamlfile string) error { f, err := os.Open(yamlfile) if err != nil { return err } defer f.Close() - report, err := registry.ContainerEngine().PlayKube(registry.GetContext(), f, kubeOptions.PlayKubeOptions) + report, err := registry.ContainerEngine().PlayKube(registry.GetContext(), f, playOptions.PlayKubeOptions) if err != nil { return fmt.Errorf("%s: %w", yamlfile, err) } diff --git a/cmd/podman/main.go b/cmd/podman/main.go index 929c8a757f..dc21807b4a 100644 --- a/cmd/podman/main.go +++ b/cmd/podman/main.go @@ -9,10 +9,10 @@ import ( _ "github.com/containers/podman/v4/cmd/podman/generate" _ "github.com/containers/podman/v4/cmd/podman/healthcheck" _ "github.com/containers/podman/v4/cmd/podman/images" + _ "github.com/containers/podman/v4/cmd/podman/kube" _ "github.com/containers/podman/v4/cmd/podman/machine" _ "github.com/containers/podman/v4/cmd/podman/manifest" _ "github.com/containers/podman/v4/cmd/podman/networks" - _ "github.com/containers/podman/v4/cmd/podman/play" _ "github.com/containers/podman/v4/cmd/podman/pods" "github.com/containers/podman/v4/cmd/podman/registry" _ "github.com/containers/podman/v4/cmd/podman/secrets" diff --git a/cmd/podman/play/play.go b/cmd/podman/play/play.go deleted file mode 100644 index e277ec9bd1..0000000000 --- a/cmd/podman/play/play.go +++ /dev/null @@ -1,23 +0,0 @@ -package pods - -import ( - "github.com/containers/podman/v4/cmd/podman/registry" - "github.com/containers/podman/v4/cmd/podman/validate" - "github.com/spf13/cobra" -) - -var ( - // Command: podman _play_ - playCmd = &cobra.Command{ - Use: "play", - Short: "Play containers, pods or volumes from a structured file", - Long: "Play structured data (e.g., Kubernetes YAML) based on containers, pods or volumes.", - RunE: validate.SubCommandExists, - } -) - -func init() { - registry.Commands = append(registry.Commands, registry.CliCommand{ - Command: playCmd, - }) -} diff --git a/docs/play_kube_support.md b/docs/kubernetes_support.md similarity index 99% rename from docs/play_kube_support.md rename to docs/kubernetes_support.md index 3cfd3fa50c..851e692cb2 100644 --- a/docs/play_kube_support.md +++ b/docs/kubernetes_support.md @@ -1,6 +1,6 @@ -# Podman Play Kube Support +# Podman Kube Play Support -This document outlines the kube yaml fields that are currently supported by the **podman play kube** command. +This document outlines the kube yaml fields that are currently supported by the **podman kube play** command. Note: **N/A** means that the option cannot be supported in a single-node Podman environment. diff --git a/docs/source/Commands.rst b/docs/source/Commands.rst index 2911efe184..6b26ed1d9f 100644 --- a/docs/source/Commands.rst +++ b/docs/source/Commands.rst @@ -47,6 +47,8 @@ Commands :doc:`kill ` Kill one or more running containers with a specific signal +:doc:`kube ` Play a pod + :doc:`load ` Load an image from container archive :doc:`login ` Login to a container registry @@ -65,8 +67,6 @@ Commands :doc:`pause ` Pause all the processes in one or more containers -:doc:`play ` Play a pod - :doc:`pod ` Manage pods :doc:`port ` List port mappings or a specific mapping for the container diff --git a/docs/source/markdown/links/podman-play-kube.1 b/docs/source/markdown/links/podman-play-kube.1 new file mode 100644 index 0000000000..ffa073b9ae --- /dev/null +++ b/docs/source/markdown/links/podman-play-kube.1 @@ -0,0 +1 @@ +.so man1/podman-kube-play.1 diff --git a/docs/source/markdown/podman-generate-kube.1.md b/docs/source/markdown/podman-generate-kube.1.md index cbb875f603..9b8aa5b80d 100644 --- a/docs/source/markdown/podman-generate-kube.1.md +++ b/docs/source/markdown/podman-generate-kube.1.md @@ -213,7 +213,7 @@ status: ``` ## SEE ALSO -**[podman(1)](podman.1.md)**, **[podman-container(1)](podman-container.1.md)**, **[podman-pod(1)](podman-pod.1.md)**, **[podman-play-kube(1)](podman-play-kube.1.md)** +**[podman(1)](podman.1.md)**, **[podman-container(1)](podman-container.1.md)**, **[podman-pod(1)](podman-pod.1.md)**, **[podman-kube-play(1)](podman-kube-play.1.md)** ## HISTORY December 2018, Originally compiled by Brent Baude (bbaude at redhat dot com) diff --git a/docs/source/markdown/podman-generate-systemd.1.md b/docs/source/markdown/podman-generate-systemd.1.md index 56ad4e446f..3d63c83c00 100644 --- a/docs/source/markdown/podman-generate-systemd.1.md +++ b/docs/source/markdown/podman-generate-systemd.1.md @@ -55,7 +55,7 @@ Use the name of the container for the start, stop, and description in the unit f Using this flag will yield unit files that do not expect containers and pods to exist. Instead, new containers and pods are created based on their configuration files. The unit files are created best effort and may need to be further edited; please review the generated files carefully before using them in production. -Note that `--new` only works on containers and pods created directly via Podman (i.e., `podman [container] {create,run}` or `podman pod create`). It does not work on containers or pods created via the REST API or via `podman play kube`. +Note that `--new` only works on containers and pods created directly via Podman (i.e., `podman [container] {create,run}` or `podman pod create`). It does not work on containers or pods created via the REST API or via `podman kube play`. #### **--no-header** diff --git a/docs/source/markdown/podman-play-kube.1.md b/docs/source/markdown/podman-kube-play.1.md similarity index 89% rename from docs/source/markdown/podman-play-kube.1.md rename to docs/source/markdown/podman-kube-play.1.md index 92cb694b0c..37d2069e01 100644 --- a/docs/source/markdown/podman-play-kube.1.md +++ b/docs/source/markdown/podman-kube-play.1.md @@ -1,15 +1,15 @@ -% podman-play-kube(1) +% podman-kube-play(1) ## NAME -podman-play-kube - Create containers, pods or volumes based on Kubernetes YAML +podman-kube-play - Create containers, pods or volumes based on Kubernetes YAML ## SYNOPSIS -**podman play kube** [*options*] *file.yml|-* +**podman kube play** [*options*] *file.yml|-* ## DESCRIPTION -**podman play kube** will read in a structured file of Kubernetes YAML. It will then recreate the containers, pods or volumes described in the YAML. Containers within a pod are then started and the ID of the new Pod or the name of the new Volume is output. If the yaml file is specified as "-" then `podman play kube` will read the YAML file from stdin. -Using the `--down` command line option, it is also capable of tearing down the pods created by a previous run of `podman play kube`. -Using the `--replace` command line option, it will tear down the pods(if any) created by a previous run of `podman play kube` and recreate the pods with the Kubernetes YAML file. +**podman kube play** will read in a structured file of Kubernetes YAML. It will then recreate the containers, pods or volumes described in the YAML. Containers within a pod are then started and the ID of the new Pod or the name of the new Volume is output. If the yaml file is specified as "-" then `podman kube play` will read the YAML file from stdin. +Using the `--down` command line option, it is also capable of tearing down the pods created by a previous run of `podman kube play`. +Using the `--replace` command line option, it will tear down the pods(if any) created by a previous run of `podman kube play` and recreate the pods with the Kubernetes YAML file. Ideally the input file would be one created by Podman (see podman-generate-kube(1)). This would guarantee a smooth import and expected results. Currently, the supported Kubernetes kinds are: @@ -20,14 +20,16 @@ Currently, the supported Kubernetes kinds are: `Kubernetes Pods or Deployments` -Only two volume types are supported by play kube, the *hostPath* and *persistentVolumeClaim* volume types. For the *hostPath* volume type, only the *default (empty)*, *DirectoryOrCreate*, *Directory*, *FileOrCreate*, *File*, *Socket*, *CharDevice* and *BlockDevice* subtypes are supported. Podman interprets the value of *hostPath* *path* as a file path when it contains at least one forward slash, otherwise Podman treats the value as the name of a named volume. When using a *persistentVolumeClaim*, the value for *claimName* is the name for the Podman named volume. +Only two volume types are supported by kube play, the *hostPath* and *persistentVolumeClaim* volume types. For the *hostPath* volume type, only the *default (empty)*, *DirectoryOrCreate*, *Directory*, *FileOrCreate*, *File*, *Socket*, *CharDevice* and *BlockDevice* subtypes are supported. Podman interprets the value of *hostPath* *path* as a file path when it contains at least one forward slash, otherwise Podman treats the value as the name of a named volume. When using a *persistentVolumeClaim*, the value for *claimName* is the name for the Podman named volume. Note: When playing a kube YAML with init containers, the init container will be created with init type value `always`. -Note: *hostPath* volume types created by play kube will be given an SELinux shared label (z), bind mounts are not relabeled (use `chcon -t container_file_t -R `). +Note: *hostPath* volume types created by kube play will be given an SELinux shared label (z), bind mounts are not relabeled (use `chcon -t container_file_t -R `). Note: If the `:latest` tag is used, Podman will attempt to pull the image from a registry. If the image was built locally with Podman or Buildah, it will have `localhost` as the domain, in that case, Podman will use the image from the local store even if it has the `:latest` tag. +Note: The command `podman play kube` is an alias of `podman kube play`, and will perform the same function. + `Kubernetes PersistentVolumeClaims` A Kubernetes PersistentVolumeClaim represents a Podman named volume. Only the PersistentVolumeClaim name is required by Podman to create a volume. Kubernetes annotations can be used to make use of the available options for Podman volumes. @@ -39,7 +41,7 @@ A Kubernetes PersistentVolumeClaim represents a Podman named volume. Only the Pe - volume.podman.io/gid - volume.podman.io/mount-options -Play kube is capable of building images on the fly given the correct directory layout and Containerfiles. This +Kube play is capable of building images on the fly given the correct directory layout and Containerfiles. This option is not available for remote clients, including Mac and Windows (excluding WSL2) machines, yet. Consider the following excerpt from a YAML file: ``` apiVersion: v1 @@ -57,7 +59,7 @@ spec: ``` If there is a directory named `foobar` in the current working directory with a file named `Containerfile` or `Dockerfile`, -Podman play kube will build that image and name it `foobar`. An example directory structure for this example would look +Podman kube play will build that image and name it `foobar`. An example directory structure for this example would look like: ``` |- mykubefiles @@ -103,19 +105,6 @@ spec: and as a result environment variable `FOO` will be set to `bar` for container `container-1`. -### Systemd Integration - -A Kubernetes YAML can be executed in systemd via the `podman-kube@.service` systemd template. The template's argument is the path to the YAML file. Given a `workload.yaml` file in the home directory, it can be executed as follows: - -``` -$ escaped=$(systemd-escape ~/sysadmin.yaml) -$ systemctl --user start podman-kube@$escaped.service -$ systemctl --user is-active podman-kube@$escaped.service -active -``` - -Note that the path to the YAML file must be escaped via `systemd-escape`. - ## OPTIONS #### **--annotation**=*key=value* @@ -158,7 +147,7 @@ value can be entered. The password is entered without echo. #### **--down** -Tears down the pods that were created by a previous run of `play kube`. The pods are stopped and then +Tears down the pods that were created by a previous run of `kube play`. The pods are stopped and then removed. Any volumes created are left intact. #### **--help**, **-h** @@ -167,7 +156,7 @@ Print usage statement #### **--ip**=*IP address* -Assign a static ip address to the pod. This option can be specified several times when play kube creates more than one pod. +Assign a static ip address to the pod. This option can be specified several times when kube play creates more than one pod. Note: When joining multiple networks you should use the **--network name:ip=\** syntax. #### **--log-driver**=driver @@ -193,7 +182,7 @@ This option is currently supported only by the **journald** log driver. #### **--mac-address**=*MAC address* -Assign a static mac address to the pod. This option can be specified several times when play kube creates more than one pod. +Assign a static mac address to the pod. This option can be specified several times when kube play creates more than one pod. Note: When joining multiple networks you should use the **--network name:mac=\** syntax. #### **--network**=*mode*, **--net** @@ -240,7 +229,7 @@ Suppress output information when pulling images #### **--replace** -Tears down the pods created by a previous run of `play kube` and recreates the pods. This option is used to keep the existing pods up to date based upon the Kubernetes YAML. +Tears down the pods created by a previous run of `kube play` and recreates the pods. This option is used to keep the existing pods up to date based upon the Kubernetes YAML. #### **--seccomp-profile-root**=*path* @@ -299,19 +288,19 @@ Podman allocates unique ranges of UIDs and GIDs from the `containers` subordinat Recreate the pod and containers as described in a file called `demo.yml` ``` -$ podman play kube demo.yml +$ podman kube play demo.yml 52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6 ``` Recreate the pod and containers as described in a file `demo.yml` sent to stdin ``` -$ cat demo.yml | podman play kube - +$ cat demo.yml | podman kube play - 52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6 ``` Teardown the pod and containers as described in a file `demo.yml` ``` -$ podman play kube --down demo.yml +$ podman kube play --down demo.yml Pods stopped: 52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6 Pods removed: @@ -320,23 +309,23 @@ Pods removed: Provide `configmap-foo.yml` and `configmap-bar.yml` as sources for environment variables within the containers. ``` -$ podman play kube demo.yml --configmap configmap-foo.yml,configmap-bar.yml +$ podman kube play demo.yml --configmap configmap-foo.yml,configmap-bar.yml 52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6 -$ podman play kube demo.yml --configmap configmap-foo.yml --configmap configmap-bar.yml +$ podman kube play demo.yml --configmap configmap-foo.yml --configmap configmap-bar.yml 52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6 ``` Create a pod connected to two networks (called net1 and net2) with a static ip ``` -$ podman play kube demo.yml --network net1:ip=10.89.1.5 --network net2:ip=10.89.10.10 +$ podman kube play demo.yml --network net1:ip=10.89.1.5 --network net2:ip=10.89.10.10 52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6 ``` Please take into account that CNI networks must be created first using podman-network-create(1). ## SEE ALSO -**[podman(1)](podman.1.md)**, **[podman-play(1)](podman-play.1.md)**, **[podman-network-create(1)](podman-network-create.1.md)**, **[podman-generate-kube(1)](podman-generate-kube.1.md)**, **[containers-certs.d(5)](https://github.com/containers/image/blob/main/docs/containers-certs.d.5.md)** +**[podman(1)](podman.1.md)**, **[podman-kube(1)](podman-kube.1.md)**, **[podman-network-create(1)](podman-network-create.1.md)**, **[podman-generate-kube(1)](podman-generate-kube.1.md)**, **[containers-certs.d(5)](https://github.com/containers/image/blob/main/docs/containers-certs.d.5.md)** ## HISTORY December 2018, Originally compiled by Brent Baude (bbaude at redhat dot com) diff --git a/docs/source/markdown/podman-play.1.md b/docs/source/markdown/podman-kube.1.md similarity index 68% rename from docs/source/markdown/podman-play.1.md rename to docs/source/markdown/podman-kube.1.md index e5f0d315ee..f815ffae29 100644 --- a/docs/source/markdown/podman-play.1.md +++ b/docs/source/markdown/podman-kube.1.md @@ -1,20 +1,20 @@ -% podman-play(1) +% podman-kube(1) ## NAME -podman\-play - Play containers, pods or volumes based on a structured input file +podman\-kube - Play containers, pods or volumes based on a structured input file ## SYNOPSIS -**podman play** *subcommand* +**podman kube** *subcommand* ## DESCRIPTION -The play command will recreate containers, pods or volumes based on the input from a structured (like YAML) +The kube command will recreate containers, pods or volumes based on the input from a structured (like YAML) file input. Containers will be automatically started. ## COMMANDS | Command | Man Page | Description | | ------- | --------------------------------------------------- | ---------------------------------------------------------------------------- | -| kube | [podman-play-kube(1)](podman-play-kube.1.md) | Create containers, pods or volumes based on Kubernetes YAML. | +| play | [podman-kube-play(1)](podman-kube-play.1.md) | Create containers, pods or volumes based on Kubernetes YAML. | ## SEE ALSO -**[podman(1)](podman.1.md)**, **[podman-pod(1)](podman-pod.1.md)**, **[podman-container(1)](podman-container.1.md)**, **[podman-generate(1)](podman-generate.1.md)**, **[podman-play-kube(1)](podman-play-kube.1.md)** +**[podman(1)](podman.1.md)**, **[podman-pod(1)](podman-pod.1.md)**, **[podman-container(1)](podman-container.1.md)**, **[podman-generate(1)](podman-generate.1.md)**, **[podman-kube-play(1)](podman-kube-play.1.md)** diff --git a/docs/source/markdown/podman-pod-create.1.md b/docs/source/markdown/podman-pod-create.1.md index 53d1e33278..f7bdb623ac 100644 --- a/docs/source/markdown/podman-pod-create.1.md +++ b/docs/source/markdown/podman-pod-create.1.md @@ -92,7 +92,7 @@ Set the exit policy of the pod when the last container exits. Supported policie | Exit Policy | Description | | ------------------ | --------------------------------------------------------------------------- | | *continue* | The pod continues running when the last container exits. Used by default. | -| *stop* | The pod is stopped when the last container exits. Used in `play kube`. | +| *stop* | The pod is stopped when the last container exits. Used in `kube play`. | #### **--gidmap**=*container_gid:host_gid:amount* @@ -603,7 +603,7 @@ $ podman pod create --network net1:ip=10.89.1.5 --network net2:ip=10.89.10.10 ``` ## SEE ALSO -**[podman(1)](podman.1.md)**, **[podman-pod(1)](podman-pod.1.md)**, **[podman-play-kube(1)](podman-play-kube.1.md)**, **containers.conf(1)** +**[podman(1)](podman.1.md)**, **[podman-pod(1)](podman-pod.1.md)**, **[podman-kube-play(1)](podman-kube-play.1.md)**, **containers.conf(1)** ## HISTORY diff --git a/docs/source/markdown/podman.1.md b/docs/source/markdown/podman.1.md index 3d1578ea1b..4c019ae978 100644 --- a/docs/source/markdown/podman.1.md +++ b/docs/source/markdown/podman.1.md @@ -325,7 +325,7 @@ the exit codes follow the `chroot` standard, see below: | [podman-mount(1)](podman-mount.1.md) | Mount a working container's root filesystem. | | [podman-network(1)](podman-network.1.md) | Manage Podman networks. | | [podman-pause(1)](podman-pause.1.md) | Pause one or more containers. | -| [podman-play(1)](podman-play.1.md) | Play containers, pods or volumes based on a structured input file. | +| [podman-kube(1)](podman-kube.1.md) | Play containers, pods or volumes based on a structured input file. | | [podman-pod(1)](podman-pod.1.md) | Management tool for groups of containers, called pods. | | [podman-port(1)](podman-port.1.md) | List port mappings for a container. | | [podman-ps(1)](podman-ps.1.md) | Prints out information about containers. | diff --git a/hack/swagger-check b/hack/swagger-check index b4481f5bbc..1e5b95c3af 100755 --- a/hack/swagger-check +++ b/hack/swagger-check @@ -320,8 +320,8 @@ sub operation_name { if ($action eq 'df') { $action = 'dataUsage'; } - elsif ($action eq "delete" && $endpoint eq "/libpod/play/kube") { - $action = "KubeDown" + elsif ($action eq "delete" && $endpoint eq "/libpod/kube/play") { + $action = "PlayDown" } # Grrrrrr, this one is annoying: some operations get an extra 'All' elsif ($action =~ /^(delete|get|stats)$/ && $endpoint !~ /\{/) { diff --git a/pkg/api/handlers/libpod/kube.go b/pkg/api/handlers/libpod/kube.go new file mode 100644 index 0000000000..6cad58795e --- /dev/null +++ b/pkg/api/handlers/libpod/kube.go @@ -0,0 +1,123 @@ +package libpod + +import ( + "fmt" + "net" + "net/http" + + "github.com/containers/image/v5/types" + "github.com/containers/podman/v4/libpod" + "github.com/containers/podman/v4/pkg/api/handlers/utils" + api "github.com/containers/podman/v4/pkg/api/types" + "github.com/containers/podman/v4/pkg/auth" + "github.com/containers/podman/v4/pkg/domain/entities" + "github.com/containers/podman/v4/pkg/domain/infra/abi" + "github.com/gorilla/schema" +) + +func KubePlay(w http.ResponseWriter, r *http.Request) { + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) + query := struct { + Annotations map[string]string `schema:"annotations"` + Network []string `schema:"network"` + TLSVerify bool `schema:"tlsVerify"` + LogDriver string `schema:"logDriver"` + LogOptions []string `schema:"logOptions"` + Start bool `schema:"start"` + StaticIPs []string `schema:"staticIPs"` + StaticMACs []string `schema:"staticMACs"` + NoHosts bool `schema:"noHosts"` + }{ + TLSVerify: true, + Start: true, + } + + if err := decoder.Decode(&query, r.URL.Query()); err != nil { + utils.Error(w, http.StatusBadRequest, fmt.Errorf("failed to parse parameters for %s: %w", r.URL.String(), err)) + return + } + + staticIPs := make([]net.IP, 0, len(query.StaticIPs)) + for _, ipString := range query.StaticIPs { + ip := net.ParseIP(ipString) + if ip == nil { + utils.Error(w, http.StatusBadRequest, fmt.Errorf("invalid IP address %s", ipString)) + return + } + staticIPs = append(staticIPs, ip) + } + + staticMACs := make([]net.HardwareAddr, 0, len(query.StaticMACs)) + for _, macString := range query.StaticMACs { + mac, err := net.ParseMAC(macString) + if err != nil { + utils.Error(w, http.StatusBadRequest, err) + return + } + staticMACs = append(staticMACs, mac) + } + + authConf, authfile, err := auth.GetCredentials(r) + if err != nil { + utils.Error(w, http.StatusBadRequest, err) + return + } + defer auth.RemoveAuthfile(authfile) + var username, password string + if authConf != nil { + username = authConf.Username + password = authConf.Password + } + + logDriver := query.LogDriver + if logDriver == "" { + config, err := runtime.GetConfig() + if err != nil { + utils.Error(w, http.StatusInternalServerError, err) + return + } + logDriver = config.Containers.LogDriver + } + + containerEngine := abi.ContainerEngine{Libpod: runtime} + options := entities.PlayKubeOptions{ + Annotations: query.Annotations, + Authfile: authfile, + Username: username, + Password: password, + Networks: query.Network, + NoHosts: query.NoHosts, + Quiet: true, + LogDriver: logDriver, + LogOptions: query.LogOptions, + StaticIPs: staticIPs, + StaticMACs: staticMACs, + } + if _, found := r.URL.Query()["tlsVerify"]; found { + options.SkipTLSVerify = types.NewOptionalBool(!query.TLSVerify) + } + if _, found := r.URL.Query()["start"]; found { + options.Start = types.NewOptionalBool(query.Start) + } + report, err := containerEngine.PlayKube(r.Context(), r.Body, options) + _ = r.Body.Close() + if err != nil { + utils.Error(w, http.StatusInternalServerError, fmt.Errorf("error playing YAML file: %w", err)) + return + } + utils.WriteResponse(w, http.StatusOK, report) +} + +func KubePlayDown(w http.ResponseWriter, r *http.Request) { + runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) + containerEngine := abi.ContainerEngine{Libpod: runtime} + options := new(entities.PlayKubeDownOptions) + report, err := containerEngine.PlayKubeDown(r.Context(), r.Body, *options) + _ = r.Body.Close() + if err != nil { + utils.Error(w, http.StatusInternalServerError, fmt.Errorf("error tearing down YAML file: %w", err)) + return + } + utils.WriteResponse(w, http.StatusOK, report) +} diff --git a/pkg/api/handlers/libpod/play.go b/pkg/api/handlers/libpod/play.go index f8ce52a729..74830badbf 100644 --- a/pkg/api/handlers/libpod/play.go +++ b/pkg/api/handlers/libpod/play.go @@ -1,123 +1,13 @@ package libpod import ( - "fmt" - "net" "net/http" - - "github.com/containers/image/v5/types" - "github.com/containers/podman/v4/libpod" - "github.com/containers/podman/v4/pkg/api/handlers/utils" - api "github.com/containers/podman/v4/pkg/api/types" - "github.com/containers/podman/v4/pkg/auth" - "github.com/containers/podman/v4/pkg/domain/entities" - "github.com/containers/podman/v4/pkg/domain/infra/abi" - "github.com/gorilla/schema" ) func PlayKube(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) - decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) - query := struct { - Annotations map[string]string `schema:"annotations"` - Network []string `schema:"network"` - TLSVerify bool `schema:"tlsVerify"` - LogDriver string `schema:"logDriver"` - LogOptions []string `schema:"logOptions"` - Start bool `schema:"start"` - StaticIPs []string `schema:"staticIPs"` - StaticMACs []string `schema:"staticMACs"` - NoHosts bool `schema:"noHosts"` - }{ - TLSVerify: true, - Start: true, - } - - if err := decoder.Decode(&query, r.URL.Query()); err != nil { - utils.Error(w, http.StatusBadRequest, fmt.Errorf("failed to parse parameters for %s: %w", r.URL.String(), err)) - return - } - - staticIPs := make([]net.IP, 0, len(query.StaticIPs)) - for _, ipString := range query.StaticIPs { - ip := net.ParseIP(ipString) - if ip == nil { - utils.Error(w, http.StatusBadRequest, fmt.Errorf("invalid IP address %s", ipString)) - return - } - staticIPs = append(staticIPs, ip) - } - - staticMACs := make([]net.HardwareAddr, 0, len(query.StaticMACs)) - for _, macString := range query.StaticMACs { - mac, err := net.ParseMAC(macString) - if err != nil { - utils.Error(w, http.StatusBadRequest, err) - return - } - staticMACs = append(staticMACs, mac) - } - - authConf, authfile, err := auth.GetCredentials(r) - if err != nil { - utils.Error(w, http.StatusBadRequest, err) - return - } - defer auth.RemoveAuthfile(authfile) - var username, password string - if authConf != nil { - username = authConf.Username - password = authConf.Password - } - - logDriver := query.LogDriver - if logDriver == "" { - config, err := runtime.GetConfig() - if err != nil { - utils.Error(w, http.StatusInternalServerError, err) - return - } - logDriver = config.Containers.LogDriver - } - - containerEngine := abi.ContainerEngine{Libpod: runtime} - options := entities.PlayKubeOptions{ - Annotations: query.Annotations, - Authfile: authfile, - Username: username, - Password: password, - Networks: query.Network, - NoHosts: query.NoHosts, - Quiet: true, - LogDriver: logDriver, - LogOptions: query.LogOptions, - StaticIPs: staticIPs, - StaticMACs: staticMACs, - } - if _, found := r.URL.Query()["tlsVerify"]; found { - options.SkipTLSVerify = types.NewOptionalBool(!query.TLSVerify) - } - if _, found := r.URL.Query()["start"]; found { - options.Start = types.NewOptionalBool(query.Start) - } - report, err := containerEngine.PlayKube(r.Context(), r.Body, options) - _ = r.Body.Close() - if err != nil { - utils.Error(w, http.StatusInternalServerError, fmt.Errorf("error playing YAML file: %w", err)) - return - } - utils.WriteResponse(w, http.StatusOK, report) + KubePlay(w, r) } func PlayKubeDown(w http.ResponseWriter, r *http.Request) { - runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) - containerEngine := abi.ContainerEngine{Libpod: runtime} - options := new(entities.PlayKubeDownOptions) - report, err := containerEngine.PlayKubeDown(r.Context(), r.Body, *options) - _ = r.Body.Close() - if err != nil { - utils.Error(w, http.StatusInternalServerError, fmt.Errorf("error tearing down YAML file: %w", err)) - return - } - utils.WriteResponse(w, http.StatusOK, report) + KubePlayDown(w, r) } diff --git a/pkg/api/handlers/swagger/responses.go b/pkg/api/handlers/swagger/responses.go index 93a508b393..5731f8eddf 100644 --- a/pkg/api/handlers/swagger/responses.go +++ b/pkg/api/handlers/swagger/responses.go @@ -71,7 +71,7 @@ type imagesRemoveResponseLibpod struct { // PlayKube response // swagger:response -type playKubeResponseLibpod struct { +type kubePlayResponseLibpod struct { // in:body Body entities.PlayKubeReport } diff --git a/pkg/api/server/register_play.go b/pkg/api/server/register_kube.go similarity index 77% rename from pkg/api/server/register_play.go rename to pkg/api/server/register_kube.go index 35da80cccd..6ae9e81239 100644 --- a/pkg/api/server/register_play.go +++ b/pkg/api/server/register_kube.go @@ -7,8 +7,8 @@ import ( "github.com/gorilla/mux" ) -func (s *APIServer) registerPlayHandlers(r *mux.Router) error { - // swagger:operation POST /libpod/play/kube libpod PlayKubeLibpod +func (s *APIServer) registerKubeHandlers(r *mux.Router) error { + // swagger:operation POST /libpod/kube/play libpod KubePlayLibpod // --- // tags: // - containers @@ -57,24 +57,26 @@ func (s *APIServer) registerPlayHandlers(r *mux.Router) error { // - application/json // responses: // 200: - // $ref: "#/responses/playKubeResponseLibpod" + // $ref: "#/responses/kubePlayResponseLibpod" // 500: // $ref: "#/responses/internalError" + r.HandleFunc(VersionedPath("/libpod/kube/play"), s.APIHandler(libpod.KubePlay)).Methods(http.MethodPost) r.HandleFunc(VersionedPath("/libpod/play/kube"), s.APIHandler(libpod.PlayKube)).Methods(http.MethodPost) - // swagger:operation DELETE /libpod/play/kube libpod PlayKubeDownLibpod + // swagger:operation DELETE /libpod/kube/play libpod KubePlayDownLibpod // --- // tags: // - containers // - pods - // summary: Remove pods from play kube + // summary: Remove pods from kube play // description: Tears down pods defined in a YAML file // produces: // - application/json // responses: // 200: - // $ref: "#/responses/playKubeResponseLibpod" + // $ref: "#/responses/kubePlayResponseLibpod" // 500: // $ref: "#/responses/internalError" + r.HandleFunc(VersionedPath("/libpod/kube/play"), s.APIHandler(libpod.KubePlayDown)).Methods(http.MethodDelete) r.HandleFunc(VersionedPath("/libpod/play/kube"), s.APIHandler(libpod.PlayKubeDown)).Methods(http.MethodDelete) return nil } diff --git a/pkg/api/server/server.go b/pkg/api/server/server.go index 5482a8ec24..a6d8b5e4c1 100644 --- a/pkg/api/server/server.go +++ b/pkg/api/server/server.go @@ -126,11 +126,11 @@ func newServer(runtime *libpod.Runtime, listener net.Listener, opts entities.Ser server.registerHealthCheckHandlers, server.registerImagesHandlers, server.registerInfoHandlers, + server.registerKubeHandlers, server.registerManifestHandlers, server.registerMonitorHandlers, server.registerNetworkHandlers, server.registerPingHandlers, - server.registerPlayHandlers, server.registerPluginsHandlers, server.registerPodsHandlers, server.registerSecretHandlers, diff --git a/pkg/bindings/kube/kube.go b/pkg/bindings/kube/kube.go new file mode 100644 index 0000000000..b9cc0efa7f --- /dev/null +++ b/pkg/bindings/kube/kube.go @@ -0,0 +1,96 @@ +package kube + +import ( + "context" + "io" + "net/http" + "os" + "strconv" + + "github.com/containers/image/v5/types" + "github.com/containers/podman/v4/pkg/auth" + "github.com/containers/podman/v4/pkg/bindings" + "github.com/containers/podman/v4/pkg/domain/entities" + "github.com/sirupsen/logrus" +) + +func Play(ctx context.Context, path string, options *PlayOptions) (*entities.KubePlayReport, error) { + f, err := os.Open(path) + if err != nil { + return nil, err + } + defer f.Close() + + return PlayWithBody(ctx, f, options) +} + +func PlayWithBody(ctx context.Context, body io.Reader, options *PlayOptions) (*entities.KubePlayReport, error) { + var report entities.KubePlayReport + if options == nil { + options = new(PlayOptions) + } + + conn, err := bindings.GetClient(ctx) + if err != nil { + return nil, err + } + + params, err := options.ToParams() + if err != nil { + return nil, err + } + if options.SkipTLSVerify != nil { + params.Set("tlsVerify", strconv.FormatBool(options.GetSkipTLSVerify())) + } + if options.Start != nil { + params.Set("start", strconv.FormatBool(options.GetStart())) + } + + header, err := auth.MakeXRegistryAuthHeader(&types.SystemContext{AuthFilePath: options.GetAuthfile()}, options.GetUsername(), options.GetPassword()) + if err != nil { + return nil, err + } + + response, err := conn.DoRequest(ctx, body, http.MethodPost, "/kube/play", params, header) + if err != nil { + return nil, err + } + defer response.Body.Close() + + if err := response.Process(&report); err != nil { + return nil, err + } + + return &report, nil +} + +func Down(ctx context.Context, path string) (*entities.KubePlayReport, error) { + f, err := os.Open(path) + if err != nil { + return nil, err + } + defer func() { + if err := f.Close(); err != nil { + logrus.Warn(err) + } + }() + + return DownWithBody(ctx, f) +} + +func DownWithBody(ctx context.Context, body io.Reader) (*entities.KubePlayReport, error) { + var report entities.KubePlayReport + conn, err := bindings.GetClient(ctx) + if err != nil { + return nil, err + } + + response, err := conn.DoRequest(ctx, body, http.MethodDelete, "/kube/play", nil, nil) + if err != nil { + return nil, err + } + if err := response.Process(&report); err != nil { + return nil, err + } + return &report, nil +} diff --git a/pkg/bindings/play/types.go b/pkg/bindings/kube/types.go similarity index 89% rename from pkg/bindings/play/types.go rename to pkg/bindings/kube/types.go index 5aaa87b8ce..783d1912a8 100644 --- a/pkg/bindings/play/types.go +++ b/pkg/bindings/kube/types.go @@ -1,12 +1,12 @@ -package play +package kube import ( "net" ) -//go:generate go run ../generator/generator.go KubeOptions -// KubeOptions are optional options for replaying kube YAML files -type KubeOptions struct { +//go:generate go run ../generator/generator.go PlayOptions +// PlayOptions are optional options for replaying kube YAML files +type PlayOptions struct { // Annotations - Annotations to add to Pods Annotations map[string]string // Authfile - path to an authentication file. diff --git a/pkg/bindings/play/types_kube_options.go b/pkg/bindings/kube/types_play_options.go similarity index 66% rename from pkg/bindings/play/types_kube_options.go rename to pkg/bindings/kube/types_play_options.go index 54c9a8e741..cdc2e9dd85 100644 --- a/pkg/bindings/play/types_kube_options.go +++ b/pkg/bindings/kube/types_play_options.go @@ -1,5 +1,5 @@ // Code generated by go generate; DO NOT EDIT. -package play +package kube import ( "net" @@ -9,23 +9,23 @@ import ( ) // Changed returns true if named field has been set -func (o *KubeOptions) Changed(fieldName string) bool { +func (o *PlayOptions) Changed(fieldName string) bool { return util.Changed(o, fieldName) } // ToParams formats struct fields to be passed to API service -func (o *KubeOptions) ToParams() (url.Values, error) { +func (o *PlayOptions) ToParams() (url.Values, error) { return util.ToParams(o) } // WithAnnotations set field Annotations to given value -func (o *KubeOptions) WithAnnotations(value map[string]string) *KubeOptions { +func (o *PlayOptions) WithAnnotations(value map[string]string) *PlayOptions { o.Annotations = value return o } // GetAnnotations returns value of field Annotations -func (o *KubeOptions) GetAnnotations() map[string]string { +func (o *PlayOptions) GetAnnotations() map[string]string { if o.Annotations == nil { var z map[string]string return z @@ -34,13 +34,13 @@ func (o *KubeOptions) GetAnnotations() map[string]string { } // WithAuthfile set field Authfile to given value -func (o *KubeOptions) WithAuthfile(value string) *KubeOptions { +func (o *PlayOptions) WithAuthfile(value string) *PlayOptions { o.Authfile = &value return o } // GetAuthfile returns value of field Authfile -func (o *KubeOptions) GetAuthfile() string { +func (o *PlayOptions) GetAuthfile() string { if o.Authfile == nil { var z string return z @@ -49,13 +49,13 @@ func (o *KubeOptions) GetAuthfile() string { } // WithCertDir set field CertDir to given value -func (o *KubeOptions) WithCertDir(value string) *KubeOptions { +func (o *PlayOptions) WithCertDir(value string) *PlayOptions { o.CertDir = &value return o } // GetCertDir returns value of field CertDir -func (o *KubeOptions) GetCertDir() string { +func (o *PlayOptions) GetCertDir() string { if o.CertDir == nil { var z string return z @@ -64,13 +64,13 @@ func (o *KubeOptions) GetCertDir() string { } // WithUsername set field Username to given value -func (o *KubeOptions) WithUsername(value string) *KubeOptions { +func (o *PlayOptions) WithUsername(value string) *PlayOptions { o.Username = &value return o } // GetUsername returns value of field Username -func (o *KubeOptions) GetUsername() string { +func (o *PlayOptions) GetUsername() string { if o.Username == nil { var z string return z @@ -79,13 +79,13 @@ func (o *KubeOptions) GetUsername() string { } // WithPassword set field Password to given value -func (o *KubeOptions) WithPassword(value string) *KubeOptions { +func (o *PlayOptions) WithPassword(value string) *PlayOptions { o.Password = &value return o } // GetPassword returns value of field Password -func (o *KubeOptions) GetPassword() string { +func (o *PlayOptions) GetPassword() string { if o.Password == nil { var z string return z @@ -94,13 +94,13 @@ func (o *KubeOptions) GetPassword() string { } // WithNetwork set field Network to given value -func (o *KubeOptions) WithNetwork(value []string) *KubeOptions { +func (o *PlayOptions) WithNetwork(value []string) *PlayOptions { o.Network = &value return o } // GetNetwork returns value of field Network -func (o *KubeOptions) GetNetwork() []string { +func (o *PlayOptions) GetNetwork() []string { if o.Network == nil { var z []string return z @@ -109,13 +109,13 @@ func (o *KubeOptions) GetNetwork() []string { } // WithNoHosts set field NoHosts to given value -func (o *KubeOptions) WithNoHosts(value bool) *KubeOptions { +func (o *PlayOptions) WithNoHosts(value bool) *PlayOptions { o.NoHosts = &value return o } // GetNoHosts returns value of field NoHosts -func (o *KubeOptions) GetNoHosts() bool { +func (o *PlayOptions) GetNoHosts() bool { if o.NoHosts == nil { var z bool return z @@ -124,13 +124,13 @@ func (o *KubeOptions) GetNoHosts() bool { } // WithQuiet set field Quiet to given value -func (o *KubeOptions) WithQuiet(value bool) *KubeOptions { +func (o *PlayOptions) WithQuiet(value bool) *PlayOptions { o.Quiet = &value return o } // GetQuiet returns value of field Quiet -func (o *KubeOptions) GetQuiet() bool { +func (o *PlayOptions) GetQuiet() bool { if o.Quiet == nil { var z bool return z @@ -139,13 +139,13 @@ func (o *KubeOptions) GetQuiet() bool { } // WithSignaturePolicy set field SignaturePolicy to given value -func (o *KubeOptions) WithSignaturePolicy(value string) *KubeOptions { +func (o *PlayOptions) WithSignaturePolicy(value string) *PlayOptions { o.SignaturePolicy = &value return o } // GetSignaturePolicy returns value of field SignaturePolicy -func (o *KubeOptions) GetSignaturePolicy() string { +func (o *PlayOptions) GetSignaturePolicy() string { if o.SignaturePolicy == nil { var z string return z @@ -154,13 +154,13 @@ func (o *KubeOptions) GetSignaturePolicy() string { } // WithSkipTLSVerify set field SkipTLSVerify to given value -func (o *KubeOptions) WithSkipTLSVerify(value bool) *KubeOptions { +func (o *PlayOptions) WithSkipTLSVerify(value bool) *PlayOptions { o.SkipTLSVerify = &value return o } // GetSkipTLSVerify returns value of field SkipTLSVerify -func (o *KubeOptions) GetSkipTLSVerify() bool { +func (o *PlayOptions) GetSkipTLSVerify() bool { if o.SkipTLSVerify == nil { var z bool return z @@ -169,13 +169,13 @@ func (o *KubeOptions) GetSkipTLSVerify() bool { } // WithSeccompProfileRoot set field SeccompProfileRoot to given value -func (o *KubeOptions) WithSeccompProfileRoot(value string) *KubeOptions { +func (o *PlayOptions) WithSeccompProfileRoot(value string) *PlayOptions { o.SeccompProfileRoot = &value return o } // GetSeccompProfileRoot returns value of field SeccompProfileRoot -func (o *KubeOptions) GetSeccompProfileRoot() string { +func (o *PlayOptions) GetSeccompProfileRoot() string { if o.SeccompProfileRoot == nil { var z string return z @@ -184,13 +184,13 @@ func (o *KubeOptions) GetSeccompProfileRoot() string { } // WithStaticIPs set field StaticIPs to given value -func (o *KubeOptions) WithStaticIPs(value []net.IP) *KubeOptions { +func (o *PlayOptions) WithStaticIPs(value []net.IP) *PlayOptions { o.StaticIPs = &value return o } // GetStaticIPs returns value of field StaticIPs -func (o *KubeOptions) GetStaticIPs() []net.IP { +func (o *PlayOptions) GetStaticIPs() []net.IP { if o.StaticIPs == nil { var z []net.IP return z @@ -199,13 +199,13 @@ func (o *KubeOptions) GetStaticIPs() []net.IP { } // WithStaticMACs set field StaticMACs to given value -func (o *KubeOptions) WithStaticMACs(value []net.HardwareAddr) *KubeOptions { +func (o *PlayOptions) WithStaticMACs(value []net.HardwareAddr) *PlayOptions { o.StaticMACs = &value return o } // GetStaticMACs returns value of field StaticMACs -func (o *KubeOptions) GetStaticMACs() []net.HardwareAddr { +func (o *PlayOptions) GetStaticMACs() []net.HardwareAddr { if o.StaticMACs == nil { var z []net.HardwareAddr return z @@ -214,13 +214,13 @@ func (o *KubeOptions) GetStaticMACs() []net.HardwareAddr { } // WithConfigMaps set field ConfigMaps to given value -func (o *KubeOptions) WithConfigMaps(value []string) *KubeOptions { +func (o *PlayOptions) WithConfigMaps(value []string) *PlayOptions { o.ConfigMaps = &value return o } // GetConfigMaps returns value of field ConfigMaps -func (o *KubeOptions) GetConfigMaps() []string { +func (o *PlayOptions) GetConfigMaps() []string { if o.ConfigMaps == nil { var z []string return z @@ -229,13 +229,13 @@ func (o *KubeOptions) GetConfigMaps() []string { } // WithLogDriver set field LogDriver to given value -func (o *KubeOptions) WithLogDriver(value string) *KubeOptions { +func (o *PlayOptions) WithLogDriver(value string) *PlayOptions { o.LogDriver = &value return o } // GetLogDriver returns value of field LogDriver -func (o *KubeOptions) GetLogDriver() string { +func (o *PlayOptions) GetLogDriver() string { if o.LogDriver == nil { var z string return z @@ -244,13 +244,13 @@ func (o *KubeOptions) GetLogDriver() string { } // WithLogOptions set field LogOptions to given value -func (o *KubeOptions) WithLogOptions(value []string) *KubeOptions { +func (o *PlayOptions) WithLogOptions(value []string) *PlayOptions { o.LogOptions = &value return o } // GetLogOptions returns value of field LogOptions -func (o *KubeOptions) GetLogOptions() []string { +func (o *PlayOptions) GetLogOptions() []string { if o.LogOptions == nil { var z []string return z @@ -259,13 +259,13 @@ func (o *KubeOptions) GetLogOptions() []string { } // WithStart set field Start to given value -func (o *KubeOptions) WithStart(value bool) *KubeOptions { +func (o *PlayOptions) WithStart(value bool) *PlayOptions { o.Start = &value return o } // GetStart returns value of field Start -func (o *KubeOptions) GetStart() bool { +func (o *PlayOptions) GetStart() bool { if o.Start == nil { var z bool return z @@ -274,13 +274,13 @@ func (o *KubeOptions) GetStart() bool { } // WithUserns set field Userns to given value -func (o *KubeOptions) WithUserns(value string) *KubeOptions { +func (o *PlayOptions) WithUserns(value string) *PlayOptions { o.Userns = &value return o } // GetUserns returns value of field Userns -func (o *KubeOptions) GetUserns() string { +func (o *PlayOptions) GetUserns() string { if o.Userns == nil { var z string return z diff --git a/pkg/bindings/play/play.go b/pkg/bindings/play/play.go index 0261b02500..d5d6491353 100644 --- a/pkg/bindings/play/play.go +++ b/pkg/bindings/play/play.go @@ -3,95 +3,25 @@ package play import ( "context" "io" - "net/http" - "os" - "strconv" - "github.com/containers/image/v5/types" - "github.com/containers/podman/v4/pkg/auth" - "github.com/containers/podman/v4/pkg/bindings" + "github.com/containers/podman/v4/pkg/bindings/kube" "github.com/containers/podman/v4/pkg/domain/entities" - "github.com/sirupsen/logrus" ) -func Kube(ctx context.Context, path string, options *KubeOptions) (*entities.PlayKubeReport, error) { - f, err := os.Open(path) - if err != nil { - return nil, err - } - defer f.Close() +type KubeOptions = kube.PlayOptions - return KubeWithBody(ctx, f, options) +func Kube(ctx context.Context, path string, options *KubeOptions) (*entities.PlayKubeReport, error) { + return kube.Play(ctx, path, options) } func KubeWithBody(ctx context.Context, body io.Reader, options *KubeOptions) (*entities.PlayKubeReport, error) { - var report entities.PlayKubeReport - if options == nil { - options = new(KubeOptions) - } - - conn, err := bindings.GetClient(ctx) - if err != nil { - return nil, err - } - - params, err := options.ToParams() - if err != nil { - return nil, err - } - if options.SkipTLSVerify != nil { - params.Set("tlsVerify", strconv.FormatBool(options.GetSkipTLSVerify())) - } - if options.Start != nil { - params.Set("start", strconv.FormatBool(options.GetStart())) - } - - header, err := auth.MakeXRegistryAuthHeader(&types.SystemContext{AuthFilePath: options.GetAuthfile()}, options.GetUsername(), options.GetPassword()) - if err != nil { - return nil, err - } - - response, err := conn.DoRequest(ctx, body, http.MethodPost, "/play/kube", params, header) - if err != nil { - return nil, err - } - defer response.Body.Close() - - if err := response.Process(&report); err != nil { - return nil, err - } - - return &report, nil + return kube.PlayWithBody(ctx, body, options) } -func KubeDown(ctx context.Context, path string) (*entities.PlayKubeReport, error) { - f, err := os.Open(path) - if err != nil { - return nil, err - } - defer func() { - if err := f.Close(); err != nil { - logrus.Warn(err) - } - }() - - return KubeDownWithBody(ctx, f) +func Down(ctx context.Context, path string) (*entities.PlayKubeReport, error) { + return kube.Down(ctx, path) } -func KubeDownWithBody(ctx context.Context, body io.Reader) (*entities.PlayKubeReport, error) { - var report entities.PlayKubeReport - conn, err := bindings.GetClient(ctx) - if err != nil { - return nil, err - } - - response, err := conn.DoRequest(ctx, body, http.MethodDelete, "/play/kube", nil, nil) - if err != nil { - return nil, err - } - if err := response.Process(&report); err != nil { - return nil, err - } - - return &report, nil +func DownWithBody(ctx context.Context, body io.Reader) (*entities.PlayKubeReport, error) { + return kube.DownWithBody(ctx, body) } diff --git a/pkg/domain/entities/play.go b/pkg/domain/entities/play.go index f1ba21650d..35a5d8a4a0 100644 --- a/pkg/domain/entities/play.go +++ b/pkg/domain/entities/play.go @@ -90,6 +90,8 @@ type PlayKubeReport struct { PlayKubeTeardown } +type KubePlayReport = PlayKubeReport + // PlayKubeDownOptions are options for tearing down pods type PlayKubeDownOptions struct{} diff --git a/pkg/domain/infra/tunnel/play.go b/pkg/domain/infra/tunnel/play.go index d731a1d6c6..ee9195681a 100644 --- a/pkg/domain/infra/tunnel/play.go +++ b/pkg/domain/infra/tunnel/play.go @@ -5,12 +5,13 @@ import ( "io" "github.com/containers/image/v5/types" + "github.com/containers/podman/v4/pkg/bindings/kube" "github.com/containers/podman/v4/pkg/bindings/play" "github.com/containers/podman/v4/pkg/domain/entities" ) func (ic *ContainerEngine) PlayKube(ctx context.Context, body io.Reader, opts entities.PlayKubeOptions) (*entities.PlayKubeReport, error) { - options := new(play.KubeOptions).WithAuthfile(opts.Authfile).WithUsername(opts.Username).WithPassword(opts.Password) + options := new(kube.PlayOptions).WithAuthfile(opts.Authfile).WithUsername(opts.Username).WithPassword(opts.Password) options.WithCertDir(opts.CertDir).WithQuiet(opts.Quiet).WithSignaturePolicy(opts.SignaturePolicy).WithConfigMaps(opts.ConfigMaps) options.WithLogDriver(opts.LogDriver).WithNetwork(opts.Networks).WithSeccompProfileRoot(opts.SeccompProfileRoot) options.WithStaticIPs(opts.StaticIPs).WithStaticMACs(opts.StaticMACs) @@ -31,5 +32,5 @@ func (ic *ContainerEngine) PlayKube(ctx context.Context, body io.Reader, opts en } func (ic *ContainerEngine) PlayKubeDown(ctx context.Context, body io.Reader, _ entities.PlayKubeDownOptions) (*entities.PlayKubeReport, error) { - return play.KubeDownWithBody(ic.ClientCtx, body) + return play.DownWithBody(ic.ClientCtx, body) } diff --git a/test/apiv2/25-containersMore.at b/test/apiv2/25-containersMore.at index c9fda8c6f5..9cdc2a33f5 100644 --- a/test/apiv2/25-containersMore.at +++ b/test/apiv2/25-containersMore.at @@ -53,34 +53,6 @@ t POST libpod/containers/foo/unmount 204 t DELETE libpod/containers/foo?force=true 200 -podman run $IMAGE true - -t GET libpod/containers/json?last=1 200 \ - length=1 \ - .[0].Id~[0-9a-f]\\{64\\} \ - .[0].Image=$IMAGE \ - .[0].Command[0]="true" \ - .[0].State~\\\(exited\\\|stopped\\\) \ - .[0].ExitCode=0 \ - .[0].IsInfra=false - -cid=$(jq -r '.[0].Id' <<<"$output") - -t GET libpod/generate/kube?names=$cid 200 -like "$output" ".*apiVersion:.*" "Check generated kube yaml - apiVersion" -like "$output" ".*kind:\\sPod.*" "Check generated kube yaml - kind: Pod" -like "$output" ".*metadata:.*" "Check generated kube yaml - metadata" -like "$output" ".*spec:.*" "Check generated kube yaml - spec" - -t GET "libpod/generate/kube?service=true&names=$cid" 200 -like "$output" ".*apiVersion:.*" "Check generated kube yaml(service=true) - apiVersion" -like "$output" ".*kind:\\sPod.*" "Check generated kube yaml(service=true) - kind: Pod" -like "$output" ".*metadata:.*" "Check generated kube yaml(service=true) - metadata" -like "$output" ".*spec:.*" "Check generated kube yaml(service=true) - spec" -like "$output" ".*kind:\\sService.*" "Check generated kube yaml(service=true) - kind: Service" - -t DELETE libpod/containers/$cid 200 .[0].Id=$cid - # Create 3 stopped containers to test containers prune podman run $IMAGE true podman run $IMAGE true diff --git a/test/apiv2/80-kube.at b/test/apiv2/80-kube.at new file mode 100644 index 0000000000..40b26d75e1 --- /dev/null +++ b/test/apiv2/80-kube.at @@ -0,0 +1,50 @@ +# -*- sh -*- +# +# test more container-related endpoints +# + +podman create $IMAGE true + +t GET libpod/containers/json?last=1 200 \ + length=1 \ + .[0].Id~[0-9a-f]\\{64\\} \ + .[0].Image=$IMAGE \ + .[0].Command[0]="true" \ + .[0].IsInfra=false + +cid=$(jq -r '.[0].Id' <<<"$output") + +# Make sure that generate-kube works + +t GET libpod/generate/kube?names=$cid 200 +like "$output" ".*apiVersion:.*" "Check generated kube yaml - apiVersion" +like "$output" ".*kind:\\sPod.*" "Check generated kube yaml - kind: Pod" +like "$output" ".*metadata:.*" "Check generated kube yaml - metadata" +like "$output" ".*spec:.*" "Check generated kube yaml - spec" + +t GET "libpod/generate/kube?service=true&names=$cid" 200 +like "$output" ".*apiVersion:.*" "Check generated kube yaml(service=true) - apiVersion" +like "$output" ".*kind:\\sPod.*" "Check generated kube yaml(service=true) - kind: Pod" +like "$output" ".*metadata:.*" "Check generated kube yaml(service=true) - metadata" +like "$output" ".*spec:.*" "Check generated kube yaml(service=true) - spec" +like "$output" ".*kind:\\sService.*" "Check generated kube yaml(service=true) - kind: Service" + +TMPD=$(mktemp -d podman-apiv2-test-kube.XXXXXX) +YAML="${TMPD}/kube.yaml" +echo "$output" > $YAML + +t DELETE libpod/containers/$cid 200 .[0].Id=$cid + +# Make sure that kube-play works + +t POST libpod/kube/play $YAML 200 +t DELETE libpod/kube/play $YAML 200 + +# Make sure that play-kube works + +t POST libpod/play/kube $YAML 200 +t DELETE libpod/play/kube $YAML 200 + +rm -rf $TMPD + +# vim: filetype=sh diff --git a/test/apiv2/test-apiv2 b/test/apiv2/test-apiv2 index 0fd282854c..0c3c6e672f 100755 --- a/test/apiv2/test-apiv2 +++ b/test/apiv2/test-apiv2 @@ -252,7 +252,7 @@ function t() { fi # POST and PUT requests may be followed by one or more key=value pairs. # Slurp the command line until we see a 3-digit status code. - if [[ $method = "POST" || $method == "PUT" ]]; then + if [[ $method = "POST" || $method == "PUT" || $method = "DELETE" ]]; then local -a post_args for arg; do case "$arg" in @@ -261,6 +261,8 @@ function t() { *.tar) curl_args+=(--data-binary @$arg); content_type="application/x-tar"; shift;; + *.yaml) curl_args+=(--data-binary @$arg); + shift;; application/*) content_type="$arg"; shift;; [1-9][0-9][0-9]) break;; diff --git a/test/system/700-play.bats b/test/system/700-play.bats index 6c2a8c8b18..53e9a52742 100644 --- a/test/system/700-play.bats +++ b/test/system/700-play.bats @@ -65,12 +65,12 @@ status: {} RELABEL="system_u:object_r:container_file_t:s0" -@test "podman play with stdin" { +@test "podman kube with stdin" { TESTDIR=$PODMAN_TMPDIR/testdir mkdir -p $TESTDIR echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml - run_podman play kube - < $PODMAN_TMPDIR/test.yaml + run_podman kube play - < $PODMAN_TMPDIR/test.yaml if [ -e /usr/sbin/selinuxenabled -a /usr/sbin/selinuxenabled ]; then run ls -Zd $TESTDIR is "$output" "${RELABEL} $TESTDIR" "selinux relabel should have happened" @@ -86,6 +86,20 @@ RELABEL="system_u:object_r:container_file_t:s0" run_podman pod rm -t 0 -f test_pod } +@test "podman kube" { + TESTDIR=$PODMAN_TMPDIR/testdir + mkdir -p $TESTDIR + echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml + run_podman kube play $PODMAN_TMPDIR/test.yaml + if [ -e /usr/sbin/selinuxenabled -a /usr/sbin/selinuxenabled ]; then + run ls -Zd $TESTDIR + is "$output" "${RELABEL} $TESTDIR" "selinux relabel should have happened" + fi + + run_podman stop -a -t 0 + run_podman pod rm -t 0 -f test_pod +} + @test "podman play" { TESTDIR=$PODMAN_TMPDIR/testdir mkdir -p $TESTDIR @@ -159,13 +173,13 @@ EOF run_podman 1 container exists $service_container } -@test "podman play --network" { +@test "podman kube --network" { TESTDIR=$PODMAN_TMPDIR/testdir mkdir -p $TESTDIR echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml - run_podman 125 play kube --network host $PODMAN_TMPDIR/test.yaml + run_podman 125 kube play --network host $PODMAN_TMPDIR/test.yaml is "$output" ".*invalid value passed to --network: bridge or host networking must be configured in YAML" "podman plan-network should fail with --network host" - run_podman play kube --network slirp4netns:port_handler=slirp4netns $PODMAN_TMPDIR/test.yaml + run_podman kube play --network slirp4netns:port_handler=slirp4netns $PODMAN_TMPDIR/test.yaml run_podman pod inspect --format {{.InfraContainerID}} "${lines[1]}" infraID="$output" run_podman container inspect --format "{{.HostConfig.NetworkMode}}" $infraID @@ -174,7 +188,7 @@ EOF run_podman stop -a -t 0 run_podman pod rm -t 0 -f test_pod - run_podman play kube --network none $PODMAN_TMPDIR/test.yaml + run_podman kube play --network none $PODMAN_TMPDIR/test.yaml run_podman pod inspect --format {{.InfraContainerID}} "${lines[1]}" infraID="$output" run_podman container inspect --format "{{.HostConfig.NetworkMode}}" $infraID @@ -280,12 +294,12 @@ _EOF run_podman rmi -f userimage:latest } -@test "podman play --annotation" { +@test "podman kube --annotation" { TESTDIR=$PODMAN_TMPDIR/testdir RANDOMSTRING=$(random_string 15) mkdir -p $TESTDIR echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml - run_podman play kube --annotation "name=$RANDOMSTRING" $PODMAN_TMPDIR/test.yaml + run_podman kube play --annotation "name=$RANDOMSTRING" $PODMAN_TMPDIR/test.yaml run_podman inspect --format "{{ .Config.Annotations }}" test_pod-test is "$output" ".*name:$RANDOMSTRING" "Annotation should be added to pod" @@ -338,7 +352,7 @@ status: {} assert "$output" =~ "invalid annotation \"test\"=\"$RANDOMSTRING\"" "Expected to fail with annotation length greater than 63" } -@test "podman play kube - default log driver" { +@test "podman kube play - default log driver" { TESTDIR=$PODMAN_TMPDIR/testdir mkdir -p $TESTDIR echo "$testYaml" | sed "s|TESTDIR|${TESTDIR}|g" > $PODMAN_TMPDIR/test.yaml @@ -347,7 +361,7 @@ status: {} default_driver=$output # Make sure that the default log driver is used - run_podman play kube $PODMAN_TMPDIR/test.yaml + run_podman kube play $PODMAN_TMPDIR/test.yaml run_podman inspect --format "{{.HostConfig.LogConfig.Type}}" test_pod-test is "$output" "$default_driver" "play kube uses default log driver"