diff options
Diffstat (limited to 'cmd/podman')
-rw-r--r-- | cmd/podman/common/create.go | 12 | ||||
-rw-r--r-- | cmd/podman/common/create_opts.go | 6 | ||||
-rw-r--r-- | cmd/podman/common/createparse.go | 4 | ||||
-rw-r--r-- | cmd/podman/common/specgen.go | 4 | ||||
-rw-r--r-- | cmd/podman/containers/create.go | 18 | ||||
-rw-r--r-- | cmd/podman/containers/start.go | 30 | ||||
-rw-r--r-- | cmd/podman/containers/stop.go | 3 | ||||
-rw-r--r-- | cmd/podman/generate/systemd.go | 2 | ||||
-rw-r--r-- | cmd/podman/images/trust_set.go | 26 | ||||
-rw-r--r-- | cmd/podman/machine/start.go | 13 | ||||
-rw-r--r-- | cmd/podman/manifest/add.go | 2 | ||||
-rw-r--r-- | cmd/podman/play/kube.go | 15 | ||||
-rw-r--r-- | cmd/podman/utils/alias.go | 11 |
13 files changed, 124 insertions, 22 deletions
diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go index d496ae308..64d1956eb 100644 --- a/cmd/podman/common/create.go +++ b/cmd/podman/common/create.go @@ -277,7 +277,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *ContainerCLIOpts) { createFlags.StringSliceVar( &cf.GroupAdd, groupAddFlagName, []string{}, - "Add additional groups to the primary container process. 'keep-groups' allows container processes to use suplementary groups.", + "Add additional groups to the primary container process. 'keep-groups' allows container processes to use supplementary groups.", ) _ = cmd.RegisterFlagCompletionFunc(groupAddFlagName, completion.AutocompleteNone) @@ -651,7 +651,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *ContainerCLIOpts) { createFlags.UintVar( &cf.StopTimeout, stopTimeoutFlagName, containerConfig.Engine.StopTimeout, - "Timeout (in seconds) to stop a container. Default is 10", + "Timeout (in seconds) that containers stopped by user command have to exit. If exceeded, the container will be forcibly stopped via SIGKILL.", ) _ = cmd.RegisterFlagCompletionFunc(stopTimeoutFlagName, completion.AutocompleteNone) @@ -697,6 +697,14 @@ func DefineCreateFlags(cmd *cobra.Command, cf *ContainerCLIOpts) { ) _ = cmd.RegisterFlagCompletionFunc(systemdFlagName, AutocompleteSystemdFlag) + timeoutFlagName := "timeout" + createFlags.UintVar( + &cf.Timeout, + timeoutFlagName, 0, + "Maximum length of time a container is allowed to run. The container will be killed automatically after the time expires.", + ) + _ = cmd.RegisterFlagCompletionFunc(timeoutFlagName, completion.AutocompleteNone) + tmpfsFlagName := "tmpfs" createFlags.StringArrayVar( &cf.TmpFS, diff --git a/cmd/podman/common/create_opts.go b/cmd/podman/common/create_opts.go index 983b9e5ca..77ac781a5 100644 --- a/cmd/podman/common/create_opts.go +++ b/cmd/podman/common/create_opts.go @@ -108,6 +108,7 @@ type ContainerCLIOpts struct { SubGIDName string Sysctl []string Systemd string + Timeout uint TmpFS []string TTY bool Timezone string @@ -301,6 +302,11 @@ func ContainerCreateToContainerCLIOpts(cc handlers.CreateContainerConfig, cgroup staticIP := net.ParseIP(ep.IPAddress) netInfo.StaticIP = &staticIP } + // if IPAMConfig.IPv4Address is provided + if ep.IPAMConfig != nil && ep.IPAMConfig.IPv4Address != "" { + staticIP := net.ParseIP(ep.IPAMConfig.IPv4Address) + netInfo.StaticIP = &staticIP + } // If MAC address is provided if len(ep.MacAddress) > 0 { staticMac, err := net.ParseMAC(ep.MacAddress) diff --git a/cmd/podman/common/createparse.go b/cmd/podman/common/createparse.go index 818cd0bbd..dcef1a151 100644 --- a/cmd/podman/common/createparse.go +++ b/cmd/podman/common/createparse.go @@ -1,7 +1,7 @@ package common import ( - "github.com/containers/podman/v3/pkg/util" + "github.com/containers/common/pkg/config" "github.com/pkg/errors" ) @@ -13,7 +13,7 @@ func (c *ContainerCLIOpts) validate() error { return errors.Errorf(`the --rm option conflicts with --restart, when the restartPolicy is not "" and "no"`) } - if _, err := util.ValidatePullType(c.Pull); err != nil { + if _, err := config.ParsePullPolicy(c.Pull); err != nil { return err } diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go index ce7ca2b4b..5dc2ec864 100644 --- a/cmd/podman/common/specgen.go +++ b/cmd/podman/common/specgen.go @@ -540,7 +540,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string return fmt.Errorf("invalid systempaths option %q, only `unconfined` is supported", con[1]) } case "unmask": - s.ContainerSecurityConfig.Unmask = append(s.ContainerSecurityConfig.Unmask, strings.Split(con[1], ":")...) + s.ContainerSecurityConfig.Unmask = append(s.ContainerSecurityConfig.Unmask, con[1:]...) default: return fmt.Errorf("invalid --security-opt 2: %q", opt) } @@ -646,9 +646,11 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string } s.Remove = c.Rm s.StopTimeout = &c.StopTimeout + s.Timeout = c.Timeout s.Timezone = c.Timezone s.Umask = c.Umask s.PidFile = c.PidFile + s.Volatile = c.Rm return nil } diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go index 3f495e19b..f06869c4e 100644 --- a/cmd/podman/containers/create.go +++ b/cmd/podman/containers/create.go @@ -8,15 +8,15 @@ import ( "strings" "github.com/containers/common/pkg/config" - "github.com/containers/image/v5/storage" + storageTransport "github.com/containers/image/v5/storage" "github.com/containers/image/v5/transports/alltransports" "github.com/containers/podman/v3/cmd/podman/common" "github.com/containers/podman/v3/cmd/podman/registry" "github.com/containers/podman/v3/cmd/podman/utils" - "github.com/containers/podman/v3/libpod/define" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/specgen" "github.com/containers/podman/v3/pkg/util" + "github.com/containers/storage" "github.com/pkg/errors" "github.com/sirupsen/logrus" "github.com/spf13/cobra" @@ -238,6 +238,8 @@ func createInit(c *cobra.Command) error { return nil } +// TODO: we should let the backend take care of the pull policy (which it +// does!). The code below is at risk of causing regression and code divergence. func pullImage(imageName string) (string, error) { pullPolicy, err := config.ValidatePullPolicy(cliVals.Pull) if err != nil { @@ -252,7 +254,7 @@ func pullImage(imageName string) (string, error) { // Assume we specified a local image without the explicit storage transport. fallthrough - case imageRef.Transport().Name() == storage.Transport.Name(): + case imageRef.Transport().Name() == storageTransport.Transport.Name(): br, err := registry.ImageEngine().Exists(registry.GetContext(), imageName) if err != nil { return "", err @@ -272,15 +274,15 @@ func pullImage(imageName string) (string, error) { } } - if pullPolicy != config.PullImageAlways { + if pullPolicy != config.PullPolicyAlways { logrus.Info("--platform --arch and --os causes the pull policy to be \"always\"") - pullPolicy = config.PullImageAlways + pullPolicy = config.PullPolicyAlways } } - if imageMissing || pullPolicy == config.PullImageAlways { - if pullPolicy == config.PullImageNever { - return "", errors.Wrapf(define.ErrNoSuchImage, "unable to find a name and tag match for %s in repotags", imageName) + if imageMissing || pullPolicy == config.PullPolicyAlways { + if pullPolicy == config.PullPolicyNever { + return "", errors.Wrap(storage.ErrImageUnknown, imageName) } pullReport, pullErr := registry.ImageEngine().Pull(registry.GetContext(), imageName, entities.ImagePullOptions{ Authfile: cliVals.Authfile, diff --git a/cmd/podman/containers/start.go b/cmd/podman/containers/start.go index 9b358db74..dcd1eca82 100644 --- a/cmd/podman/containers/start.go +++ b/cmd/podman/containers/start.go @@ -3,6 +3,7 @@ package containers import ( "fmt" "os" + "strings" "github.com/containers/podman/v3/cmd/podman/common" "github.com/containers/podman/v3/cmd/podman/registry" @@ -42,7 +43,9 @@ var ( ) var ( - startOptions entities.ContainerStartOptions + startOptions = entities.ContainerStartOptions{ + Filters: make(map[string][]string), + } ) func startFlags(cmd *cobra.Command) { @@ -56,6 +59,10 @@ func startFlags(cmd *cobra.Command) { flags.BoolVarP(&startOptions.Interactive, "interactive", "i", false, "Keep STDIN open even if not attached") flags.BoolVar(&startOptions.SigProxy, "sig-proxy", false, "Proxy received signals to the process (default true if attaching, false otherwise)") + flags.StringSliceVarP(&filters, "filter", "f", []string{}, "Filter output based on conditions given") + _ = cmd.RegisterFlagCompletionFunc("filter", common.AutocompletePsFilters) + + flags.BoolVar(&startOptions.All, "all", false, "Start all containers regardless of their state or configuration") if registry.IsRemote() { _ = flags.MarkHidden("sig-proxy") @@ -79,7 +86,7 @@ func init() { } func validateStart(cmd *cobra.Command, args []string) error { - if len(args) == 0 && !startOptions.Latest { + if len(args) == 0 && !startOptions.Latest && !startOptions.All { return errors.New("start requires at least one argument") } if len(args) > 0 && startOptions.Latest { @@ -88,6 +95,12 @@ func validateStart(cmd *cobra.Command, args []string) error { if len(args) > 1 && startOptions.Attach { return errors.Errorf("you cannot start and attach multiple containers at once") } + if (len(args) > 0 || startOptions.Latest) && startOptions.All { + return errors.Errorf("either start all containers or the container(s) provided in the arguments") + } + if startOptions.Attach && startOptions.All { + return errors.Errorf("you cannot start and attach all containers at once") + } return nil } @@ -108,7 +121,18 @@ func start(cmd *cobra.Command, args []string) error { startOptions.Stdout = os.Stdout } - responses, err := registry.ContainerEngine().ContainerStart(registry.GetContext(), args, startOptions) + var containers []string = args + if len(filters) > 0 { + for _, f := range filters { + split := strings.SplitN(f, "=", 2) + if len(split) == 1 { + return errors.Errorf("invalid filter %q", f) + } + startOptions.Filters[split[0]] = append(startOptions.Filters[split[0]], split[1]) + } + } + + responses, err := registry.ContainerEngine().ContainerStart(registry.GetContext(), containers, startOptions) if err != nil { return err } diff --git a/cmd/podman/containers/stop.go b/cmd/podman/containers/stop.go index bed45f374..62ce9b036 100644 --- a/cmd/podman/containers/stop.go +++ b/cmd/podman/containers/stop.go @@ -72,7 +72,8 @@ func stopFlags(cmd *cobra.Command) { _ = flags.MarkHidden("cidfile") _ = flags.MarkHidden("ignore") } - flags.SetNormalizeFunc(utils.AliasFlags) + + flags.SetNormalizeFunc(utils.TimeoutAliasFlags) } func init() { diff --git a/cmd/podman/generate/systemd.go b/cmd/podman/generate/systemd.go index 72b2e6335..8a8f5016a 100644 --- a/cmd/podman/generate/systemd.go +++ b/cmd/podman/generate/systemd.go @@ -74,7 +74,7 @@ func init() { flags.StringVar(&format, formatFlagName, "", "Print the created units in specified format (json)") _ = systemdCmd.RegisterFlagCompletionFunc(formatFlagName, common.AutocompleteFormat(nil)) - flags.SetNormalizeFunc(utils.AliasFlags) + flags.SetNormalizeFunc(utils.TimeoutAliasFlags) } func systemd(cmd *cobra.Command, args []string) error { diff --git a/cmd/podman/images/trust_set.go b/cmd/podman/images/trust_set.go index 6333512d9..c192669a9 100644 --- a/cmd/podman/images/trust_set.go +++ b/cmd/podman/images/trust_set.go @@ -1,10 +1,12 @@ package images import ( + "net/url" + "regexp" + "github.com/containers/common/pkg/completion" "github.com/containers/podman/v3/cmd/podman/common" "github.com/containers/podman/v3/cmd/podman/registry" - "github.com/containers/podman/v3/libpod/image" "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/util" "github.com/pkg/errors" @@ -53,7 +55,7 @@ File(s) must exist before using this command`) func setTrust(cmd *cobra.Command, args []string) error { validTrustTypes := []string{"accept", "insecureAcceptAnything", "reject", "signedBy"} - valid, err := image.IsValidImageURI(args[0]) + valid, err := isValidImageURI(args[0]) if err != nil || !valid { return err } @@ -63,3 +65,23 @@ func setTrust(cmd *cobra.Command, args []string) error { } return registry.ImageEngine().SetTrust(registry.Context(), args, setOptions) } + +// isValidImageURI checks if image name has valid format +func isValidImageURI(imguri string) (bool, error) { + uri := "http://" + imguri + u, err := url.Parse(uri) + if err != nil { + return false, errors.Wrapf(err, "invalid image uri: %s", imguri) + } + reg := regexp.MustCompile(`^[a-zA-Z0-9-_\.]+\/?:?[0-9]*[a-z0-9-\/:]*$`) + ret := reg.FindAllString(u.Host, -1) + if len(ret) == 0 { + return false, errors.Wrapf(err, "invalid image uri: %s", imguri) + } + reg = regexp.MustCompile(`^[a-z0-9-:\./]*$`) + ret = reg.FindAllString(u.Fragment, -1) + if len(ret) == 0 { + return false, errors.Wrapf(err, "invalid image uri: %s", imguri) + } + return true, nil +} diff --git a/cmd/podman/machine/start.go b/cmd/podman/machine/start.go index d06e04f41..4334cfc0f 100644 --- a/cmd/podman/machine/start.go +++ b/cmd/podman/machine/start.go @@ -7,6 +7,7 @@ import ( "github.com/containers/podman/v3/pkg/domain/entities" "github.com/containers/podman/v3/pkg/machine" "github.com/containers/podman/v3/pkg/machine/qemu" + "github.com/pkg/errors" "github.com/spf13/cobra" ) @@ -40,6 +41,18 @@ func start(cmd *cobra.Command, args []string) error { if len(args) > 0 && len(args[0]) > 0 { vmName = args[0] } + + // We only have qemu VM's for now + active, activeName, err := qemu.CheckActiveVM() + if err != nil { + return err + } + if active { + if vmName == activeName { + return errors.Wrapf(machine.ErrVMAlreadyRunning, "cannot start VM %s", vmName) + } + return errors.Wrapf(machine.ErrMultipleActiveVM, "cannot start VM %s. VM %s is currently running", vmName, activeName) + } switch vmType { default: vm, err = qemu.LoadVMByName(vmName) diff --git a/cmd/podman/manifest/add.go b/cmd/podman/manifest/add.go index 82e155909..2499dc2e8 100644 --- a/cmd/podman/manifest/add.go +++ b/cmd/podman/manifest/add.go @@ -94,6 +94,8 @@ func add(cmd *cobra.Command, args []string) error { return err } + // FIXME: (@vrothberg) this interface confuses me a lot. Why are they + // not two arguments? manifestAddOpts.Images = []string{args[1], args[0]} if manifestAddOpts.CredentialsCLI != "" { diff --git a/cmd/podman/play/kube.go b/cmd/podman/play/kube.go index 30d6d86f0..fe382bdfb 100644 --- a/cmd/podman/play/kube.go +++ b/cmd/podman/play/kube.go @@ -2,6 +2,7 @@ package pods import ( "fmt" + "net" "os" "github.com/containers/common/pkg/auth" @@ -27,6 +28,7 @@ type playKubeOptionsWrapper struct { } var ( + macs []string // https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/ defaultSeccompRoot = "/var/lib/kubelet/seccomp" kubeOptions = playKubeOptionsWrapper{} @@ -61,6 +63,10 @@ func init() { flags.StringVar(&kubeOptions.CredentialsCLI, credsFlagName, "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry") _ = kubeCmd.RegisterFlagCompletionFunc(credsFlagName, completion.AutocompleteNone) + staticMACFlagName := "mac-address" + flags.StringSliceVar(&macs, staticMACFlagName, nil, "Static MAC addresses to assign to the pods") + _ = kubeCmd.RegisterFlagCompletionFunc(staticMACFlagName, completion.AutocompleteNone) + networkFlagName := "network" flags.StringVar(&kubeOptions.Network, networkFlagName, "", "Connect pod to CNI network(s)") _ = kubeCmd.RegisterFlagCompletionFunc(networkFlagName, common.AutocompleteNetworkFlag) @@ -128,6 +134,15 @@ func kube(cmd *cobra.Command, args []string) error { if yamlfile == "-" { yamlfile = "/dev/stdin" } + + for _, mac := range macs { + m, err := net.ParseMAC(mac) + if err != nil { + return err + } + kubeOptions.StaticMACs = append(kubeOptions.StaticMACs, m) + } + report, err := registry.ContainerEngine().PlayKube(registry.GetContext(), yamlfile, kubeOptions.PlayKubeOptions) if err != nil { return err diff --git a/cmd/podman/utils/alias.go b/cmd/podman/utils/alias.go index 8d089920b..306e610d9 100644 --- a/cmd/podman/utils/alias.go +++ b/cmd/podman/utils/alias.go @@ -17,8 +17,6 @@ func AliasFlags(f *pflag.FlagSet, name string) pflag.NormalizedName { name = "health-timeout" case "net": name = "network" - case "timeout": - name = "time" case "namespace": name = "ns" case "storage": @@ -34,3 +32,12 @@ func AliasFlags(f *pflag.FlagSet, name string) pflag.NormalizedName { } return pflag.NormalizedName(name) } + +// TimeoutAliasFlags is a function to handle backwards compatibility with old timeout flags +func TimeoutAliasFlags(f *pflag.FlagSet, name string) pflag.NormalizedName { + switch name { + case "timeout": + name = "time" + } + return pflag.NormalizedName(name) +} |