Add auto-update support to `podman kube play`. Auto-update policies can
be configured for:
* the entire pod via the `io.containers.autoupdate` annotation
* a specific container via the `io.containers.autoupdate/$name` annotation
To make use of rollbacks, the `io.containers.sdnotify` policy should be
set to `container` such that the workload running _inside_ the container
can send the READY message via the NOTIFY_SOCKET once ready. For
further details on auto updates and rollbacks, please refer to the
specific article [1].
Since auto updates and rollbacks bases on Podman's systemd integration,
the k8s YAML must be executed in the `podman-kube@` systemd template.
For further details on how to run k8s YAML in systemd via Podman, please
refer to the specific article [2].
An examplary k8s YAML may look as follows:
```YAML
apiVersion: v1
kind: Pod
metadata:
annotations:
io.containers.autoupdate: "local"
io.containers.autoupdate/b: "registry"
labels:
app: test
name: test_pod
spec:
containers:
- command:
- top
image: alpine
name: a
- command:
- top
image: alpine
name: b
```
[1] https://www.redhat.com/sysadmin/podman-auto-updates-rollbacks
[2] https://www.redhat.com/sysadmin/kubernetes-workloads-podman-systemd
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Refactor the --authfile option.
My suggestion for review:
1) run hack/markdown-preprocess-review and immediately Ctrl-Q to
quit out of diffuse, which is completely unusable for this
many files; then
2) cd /tmp/markdown-preprocess-review.diffs/authfile
- this is the directory created by the review script
3) rm podman-image-sign* podman-log* podman-search.1.md.in
- because they're essentially identical to podman-create
4) rm podman-manifest-* podman-push.*
- because they're 100% identical to podman-kube-play
5) rm podman-kube-play*
- because it's apart-from-whitespace identical to podman-build
(use "wdiff" to confirm)
6) rm podman-auto-update*
- because that's the one I chose (hence == zzz-chosen.md)
(You should obviously run your own diff/cmp before rm, to confirm
my assertions about which files are identical).
After all that, you have a manageable number of files which
you can scan, read, diff against zzz-chosen.md, even run diffuse.
This option is IMHO the poster child for why we need this kind
of man page refactoring.
Signed-off-by: Ed Santiago <santiago@redhat.com>
OpenShift Merge Robot
Andrew Denton
Valentin Rothberg
Ed Santiago