diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2021-07-15 17:30:16 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-07-15 17:30:16 -0400 |
| commit | 12b67aaf62b6e99f94db7ea89dad87f16a9fbd86 (patch) | |
| tree | ce0c74860f2ccaeb7e85dceb4bbd370d1b282b93 /pkg | |
| parent | 9d87dc74084b9b1ae67106a23cf3ed5327ca0681 (diff) | |
| parent | f7321681d04d65da3b307d1e5e4ba12c42b5c456 (diff) | |
| download | podman-12b67aaf62b6e99f94db7ea89dad87f16a9fbd86.tar.gz podman-12b67aaf62b6e99f94db7ea89dad87f16a9fbd86.tar.bz2 podman-12b67aaf62b6e99f94db7ea89dad87f16a9fbd86.zip | |
Merge pull request #10894 from cdoern/pidPod
podman pod create --pid flag
Diffstat (limited to 'pkg')
| -rw-r--r-- | pkg/domain/entities/pods.go | 21 | ||||
| -rw-r--r-- | pkg/specgen/generate/pod_create.go | 4 | ||||
| -rw-r--r-- | pkg/specgen/podspecgen.go | 4 |
3 files changed, 29 insertions, 0 deletions
diff --git a/pkg/domain/entities/pods.go b/pkg/domain/entities/pods.go index 35f940bca..a0a2a1790 100644 --- a/pkg/domain/entities/pods.go +++ b/pkg/domain/entities/pods.go @@ -118,6 +118,7 @@ type PodCreateOptions struct { Name string Net *NetOptions Share []string + Pid string Cpus float64 CpusetCpus string } @@ -146,6 +147,18 @@ func (p *PodCreateOptions) CPULimits() *specs.LinuxCPU { return cpu } +func setNamespaces(p *PodCreateOptions) ([4]specgen.Namespace, error) { + allNS := [4]specgen.Namespace{} + if p.Pid != "" { + pid, err := specgen.ParseNamespace(p.Pid) + if err != nil { + return [4]specgen.Namespace{}, err + } + allNS[0] = pid + } + return allNS, nil +} + func (p *PodCreateOptions) ToPodSpecGen(s *specgen.PodSpecGenerator) error { // Basic Config s.Name = p.Name @@ -178,6 +191,14 @@ func (p *PodCreateOptions) ToPodSpecGen(s *specgen.PodSpecGenerator) error { s.NoManageHosts = p.Net.NoHosts s.HostAdd = p.Net.AddHosts + namespaces, err := setNamespaces(p) + if err != nil { + return err + } + if !namespaces[0].IsDefault() { + s.Pid = namespaces[0] + } + // Cgroup s.CgroupParent = p.CGroupParent diff --git a/pkg/specgen/generate/pod_create.go b/pkg/specgen/generate/pod_create.go index 023ebb41e..4ffd8a37f 100644 --- a/pkg/specgen/generate/pod_create.go +++ b/pkg/specgen/generate/pod_create.go @@ -102,6 +102,10 @@ func createPodOptions(p *specgen.PodSpecGenerator, rt *libpod.Runtime) ([]libpod options = append(options, libpod.WithInfraCommand(p.InfraCommand)) } + if !p.Pid.IsDefault() { + options = append(options, libpod.WithPodPidNS(p.Pid)) + } + switch p.NetNS.NSMode { case specgen.Default, "": if p.NoInfra { diff --git a/pkg/specgen/podspecgen.go b/pkg/specgen/podspecgen.go index 000a787ea..319345c71 100644 --- a/pkg/specgen/podspecgen.go +++ b/pkg/specgen/podspecgen.go @@ -57,6 +57,10 @@ type PodBasicConfig struct { // (e.g. `podman generate systemd --new`). // Optional. PodCreateCommand []string `json:"pod_create_command,omitempty"` + // Pid sets the process id namespace of the pod + // Optional (defaults to private if unset). This sets the PID namespace of the infra container + // This configuration will then be shared with the entire pod if PID namespace sharing is enabled via --share + Pid Namespace `json:"pid,omitempty:"` } // PodNetworkConfig contains networking configuration for a pod. |