summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--cmd/podman/cliconfig/config.go1
-rw-r--r--cmd/podman/main.go5
-rw-r--r--cmd/podman/main_local.go5
-rw-r--r--cmd/podman/main_remote.go10
-rw-r--r--cmd/podman/remoteclientconfig/config.go1
-rw-r--r--cmd/podman/remoteclientconfig/configfile_test.go14
-rw-r--r--docs/podman-remote.1.md4
-rw-r--r--docs/podman-remote.conf.5.md4
-rw-r--r--pkg/adapter/client.go2
-rw-r--r--pkg/adapter/client_unix.go8
-rw-r--r--rootless.md3
11 files changed, 51 insertions, 6 deletions
diff --git a/cmd/podman/cliconfig/config.go b/cmd/podman/cliconfig/config.go
index e0ce202cc..b8796f9b3 100644
--- a/cmd/podman/cliconfig/config.go
+++ b/cmd/podman/cliconfig/config.go
@@ -41,6 +41,7 @@ type MainFlags struct {
VarlinkAddress string
ConnectionName string
RemoteConfigFilePath string
+ Port int
}
type AttachValues struct {
diff --git a/cmd/podman/main.go b/cmd/podman/main.go
index b83ccd9a5..992dbe1d5 100644
--- a/cmd/podman/main.go
+++ b/cmd/podman/main.go
@@ -111,6 +111,11 @@ func before(cmd *cobra.Command, args []string) error {
return err
}
+ // check that global opts input is valid
+ if err := checkInput(); err != nil {
+ return err
+ }
+
// Set log level; if not log-level is provided, default to error
logLevel := MainGlobalOpts.LogLevel
if logLevel == "" {
diff --git a/cmd/podman/main_local.go b/cmd/podman/main_local.go
index 08d7ccaf4..917096e17 100644
--- a/cmd/podman/main_local.go
+++ b/cmd/podman/main_local.go
@@ -267,3 +267,8 @@ func setUMask() {
// Be sure we can create directories with 0755 mode.
syscall.Umask(0022)
}
+
+// checkInput can be used to verify any of the globalopt values
+func checkInput() error {
+ return nil
+}
diff --git a/cmd/podman/main_remote.go b/cmd/podman/main_remote.go
index a005e925c..f617422e6 100644
--- a/cmd/podman/main_remote.go
+++ b/cmd/podman/main_remote.go
@@ -3,6 +3,7 @@
package main
import (
+ "github.com/pkg/errors"
"os/user"
"github.com/spf13/cobra"
@@ -18,6 +19,7 @@ func init() {
rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.ConnectionName, "connection", "", "remote connection name")
rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.RemoteConfigFilePath, "remote-config-path", "", "alternate path for configuration file")
rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.RemoteUserName, "username", username, "username on the remote host")
+ rootCmd.PersistentFlags().IntVar(&MainGlobalOpts.Port, "port", 22, "port on remote host")
rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.RemoteHost, "remote-host", "", "remote host")
// TODO maybe we allow the altering of this for bridge connections?
// rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.VarlinkAddress, "varlink-address", adapter.DefaultAddress, "address of the varlink socket")
@@ -42,3 +44,11 @@ func setRLimits() error {
}
func setUMask() {}
+
+// checkInput can be used to verify any of the globalopt values
+func checkInput() error {
+ if MainGlobalOpts.Port < 0 || MainGlobalOpts.Port > 65536 {
+ return errors.Errorf("remote port must be between 0 and 65536")
+ }
+ return nil
+}
diff --git a/cmd/podman/remoteclientconfig/config.go b/cmd/podman/remoteclientconfig/config.go
index 01f293ec3..13880a868 100644
--- a/cmd/podman/remoteclientconfig/config.go
+++ b/cmd/podman/remoteclientconfig/config.go
@@ -12,6 +12,7 @@ type RemoteConnection struct {
Destination string `toml:"destination"`
Username string `toml:"username"`
IsDefault bool `toml:"default"`
+ Port int `toml:"port"`
}
// GetConfigFilePath is a simple helper to export the configuration file's
diff --git a/cmd/podman/remoteclientconfig/configfile_test.go b/cmd/podman/remoteclientconfig/configfile_test.go
index 66e0a4693..ea2224ea7 100644
--- a/cmd/podman/remoteclientconfig/configfile_test.go
+++ b/cmd/podman/remoteclientconfig/configfile_test.go
@@ -13,11 +13,13 @@ var goodConfig = `
[connections.homer]
destination = "192.168.1.1"
username = "myuser"
+port = 22
default = true
[connections.bart]
destination = "foobar.com"
username = "root"
+port = 22
`
var noDest = `
[connections]
@@ -26,9 +28,11 @@ var noDest = `
destination = "192.168.1.1"
username = "myuser"
default = true
+port = 22
[connections.bart]
username = "root"
+port = 22
`
var noUser = `
@@ -36,6 +40,7 @@ var noUser = `
[connections.homer]
destination = "192.168.1.1"
+port = 22
`
func makeGoodResult() *RemoteConfig {
@@ -44,10 +49,12 @@ func makeGoodResult() *RemoteConfig {
Destination: "192.168.1.1",
Username: "myuser",
IsDefault: true,
+ Port: 22,
}
goodConnections["bart"] = RemoteConnection{
Destination: "foobar.com",
Username: "root",
+ Port: 22,
}
var goodResult = RemoteConfig{
Connections: goodConnections,
@@ -59,6 +66,7 @@ func makeNoUserResult() *RemoteConfig {
var goodConnections = make(map[string]RemoteConnection)
goodConnections["homer"] = RemoteConnection{
Destination: "192.168.1.1",
+ Port: 22,
}
var goodResult = RemoteConfig{
Connections: goodConnections,
@@ -135,7 +143,7 @@ func TestRemoteConfig_GetDefault(t *testing.T) {
wantErr bool
}{
// A good toml should return the connection that is marked isDefault
- {"good", fields{Connections: makeGoodResult().Connections}, &RemoteConnection{"192.168.1.1", "myuser", true}, false},
+ {"good", fields{Connections: makeGoodResult().Connections}, &RemoteConnection{"192.168.1.1", "myuser", true, 22}, false},
// If nothing is marked as isDefault and there is more than one connection, error should occur
{"nodefault", fields{Connections: noDefault}, nil, true},
// if nothing is marked as isDefault but there is only one connection, the one connection is considered the default
@@ -175,9 +183,9 @@ func TestRemoteConfig_GetRemoteConnection(t *testing.T) {
wantErr bool
}{
// Good connection
- {"goodhomer", fields{Connections: makeGoodResult().Connections}, args{name: "homer"}, &RemoteConnection{"192.168.1.1", "myuser", true}, false},
+ {"goodhomer", fields{Connections: makeGoodResult().Connections}, args{name: "homer"}, &RemoteConnection{"192.168.1.1", "myuser", true, 22}, false},
// Good connection
- {"goodbart", fields{Connections: makeGoodResult().Connections}, args{name: "bart"}, &RemoteConnection{"foobar.com", "root", false}, false},
+ {"goodbart", fields{Connections: makeGoodResult().Connections}, args{name: "bart"}, &RemoteConnection{"foobar.com", "root", false, 22}, false},
// Getting an unknown connection should result in error
{"noexist", fields{Connections: makeGoodResult().Connections}, args{name: "foobar"}, nil, true},
// Getting a connection when there are none should result in an error
diff --git a/docs/podman-remote.1.md b/docs/podman-remote.1.md
index 84042a842..04010abaf 100644
--- a/docs/podman-remote.1.md
+++ b/docs/podman-remote.1.md
@@ -35,6 +35,10 @@ Print usage statement
Log messages above specified level: debug, info, warn, error (default), fatal or panic
+**--port**=*integer*
+
+Use an alternative port for the ssh connections. The default port is 22
+
**--remote-config-path**=*path*
Alternate path for configuration file
diff --git a/docs/podman-remote.conf.5.md b/docs/podman-remote.conf.5.md
index 3e1cffb02..3c8a1a801 100644
--- a/docs/podman-remote.conf.5.md
+++ b/docs/podman-remote.conf.5.md
@@ -22,6 +22,9 @@ of the user's remote connections.
Denotes whether the connection is the default connection for the user. The default connection
is used when the user does not specify a destination or connection name to `podman`.
+**port** = int
+ Use an alternative port for the ssh connections. The default port is 22.
+
## EXAMPLE
@@ -37,6 +40,7 @@ is designated as the default connection.
[connections.host2]
destination = "192.168.122.133"
username = "fedora"
+ port = 2222
```
## FILES
diff --git a/pkg/adapter/client.go b/pkg/adapter/client.go
index da6ff5fd0..1805c758d 100644
--- a/pkg/adapter/client.go
+++ b/pkg/adapter/client.go
@@ -35,7 +35,7 @@ func (r RemoteRuntime) RemoteEndpoint() (remoteEndpoint *Endpoint, err error) {
if len(r.cmd.RemoteUserName) < 1 {
return nil, errors.New("you must provide a username when providing a remote host name")
}
- rc := remoteclientconfig.RemoteConnection{r.cmd.RemoteHost, r.cmd.RemoteUserName, false}
+ rc := remoteclientconfig.RemoteConnection{r.cmd.RemoteHost, r.cmd.RemoteUserName, false, r.cmd.Port}
remoteEndpoint, err = newBridgeConnection("", &rc, r.cmd.LogLevel)
// if the user has a config file with connections in it
} else if len(remoteConfigConnections.Connections) > 0 {
diff --git a/pkg/adapter/client_unix.go b/pkg/adapter/client_unix.go
index 4781acd06..a7bc7c1c0 100644
--- a/pkg/adapter/client_unix.go
+++ b/pkg/adapter/client_unix.go
@@ -10,7 +10,11 @@ import (
)
func formatDefaultBridge(remoteConn *remoteclientconfig.RemoteConnection, logLevel string) string {
+ port := remoteConn.Port
+ if port == 0 {
+ port = 22
+ }
return fmt.Sprintf(
- `ssh -T %s@%s -- /usr/bin/varlink -A \'/usr/bin/podman --log-level=%s varlink \\\$VARLINK_ADDRESS\' bridge`,
- remoteConn.Username, remoteConn.Destination, logLevel)
+ `ssh -p %d -T %s@%s -- /usr/bin/varlink -A \'/usr/bin/podman --log-level=%s varlink \\\$VARLINK_ADDRESS\' bridge`,
+ port, remoteConn.Username, remoteConn.Destination, logLevel)
}
diff --git a/rootless.md b/rootless.md
index 960430d54..53463dccc 100644
--- a/rootless.md
+++ b/rootless.md
@@ -14,6 +14,9 @@ can easily fail
* No cgroup V1 Support
* cgroup V1 does not safely support cgroup delegation.
* However, cgroup V2 provides cgroup delegation and is available on Fedora starting with version 29 and other Linux distributions.
+* Some systemd's unit configuration options do not work in the rootless container
+ * systemd fails to apply several options and failures are silently ignored (e.g. CPUShares, MemoryLimit).
+ * Use of certain options will cause service startup failures (e.g. PrivateNetwork).
* Can not share container images with CRI-O or other users
* Difficult to use additional stores for sharing content
* Does not work on NFS or parallel filesystem homedirs (e.g. [GPFS](https://www.ibm.com/support/knowledgecenter/en/SSFKCN/gpfs_welcome.html))