summaryrefslogtreecommitdiff
path: root/cmd/podman
diff options
context:
space:
mode:
Diffstat (limited to 'cmd/podman')
-rw-r--r--cmd/podman/common/create.go12
-rw-r--r--cmd/podman/common/create_opts.go6
-rw-r--r--cmd/podman/common/createparse.go4
-rw-r--r--cmd/podman/common/specgen.go4
-rw-r--r--cmd/podman/containers/create.go18
-rw-r--r--cmd/podman/containers/start.go30
-rw-r--r--cmd/podman/containers/stop.go3
-rw-r--r--cmd/podman/generate/systemd.go2
-rw-r--r--cmd/podman/images/trust_set.go26
-rw-r--r--cmd/podman/machine/start.go13
-rw-r--r--cmd/podman/manifest/add.go2
-rw-r--r--cmd/podman/play/kube.go15
-rw-r--r--cmd/podman/utils/alias.go11
13 files changed, 124 insertions, 22 deletions
diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go
index d496ae308..64d1956eb 100644
--- a/cmd/podman/common/create.go
+++ b/cmd/podman/common/create.go
@@ -277,7 +277,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *ContainerCLIOpts) {
createFlags.StringSliceVar(
&cf.GroupAdd,
groupAddFlagName, []string{},
- "Add additional groups to the primary container process. 'keep-groups' allows container processes to use suplementary groups.",
+ "Add additional groups to the primary container process. 'keep-groups' allows container processes to use supplementary groups.",
)
_ = cmd.RegisterFlagCompletionFunc(groupAddFlagName, completion.AutocompleteNone)
@@ -651,7 +651,7 @@ func DefineCreateFlags(cmd *cobra.Command, cf *ContainerCLIOpts) {
createFlags.UintVar(
&cf.StopTimeout,
stopTimeoutFlagName, containerConfig.Engine.StopTimeout,
- "Timeout (in seconds) to stop a container. Default is 10",
+ "Timeout (in seconds) that containers stopped by user command have to exit. If exceeded, the container will be forcibly stopped via SIGKILL.",
)
_ = cmd.RegisterFlagCompletionFunc(stopTimeoutFlagName, completion.AutocompleteNone)
@@ -697,6 +697,14 @@ func DefineCreateFlags(cmd *cobra.Command, cf *ContainerCLIOpts) {
)
_ = cmd.RegisterFlagCompletionFunc(systemdFlagName, AutocompleteSystemdFlag)
+ timeoutFlagName := "timeout"
+ createFlags.UintVar(
+ &cf.Timeout,
+ timeoutFlagName, 0,
+ "Maximum length of time a container is allowed to run. The container will be killed automatically after the time expires.",
+ )
+ _ = cmd.RegisterFlagCompletionFunc(timeoutFlagName, completion.AutocompleteNone)
+
tmpfsFlagName := "tmpfs"
createFlags.StringArrayVar(
&cf.TmpFS,
diff --git a/cmd/podman/common/create_opts.go b/cmd/podman/common/create_opts.go
index 983b9e5ca..77ac781a5 100644
--- a/cmd/podman/common/create_opts.go
+++ b/cmd/podman/common/create_opts.go
@@ -108,6 +108,7 @@ type ContainerCLIOpts struct {
SubGIDName string
Sysctl []string
Systemd string
+ Timeout uint
TmpFS []string
TTY bool
Timezone string
@@ -301,6 +302,11 @@ func ContainerCreateToContainerCLIOpts(cc handlers.CreateContainerConfig, cgroup
staticIP := net.ParseIP(ep.IPAddress)
netInfo.StaticIP = &staticIP
}
+ // if IPAMConfig.IPv4Address is provided
+ if ep.IPAMConfig != nil && ep.IPAMConfig.IPv4Address != "" {
+ staticIP := net.ParseIP(ep.IPAMConfig.IPv4Address)
+ netInfo.StaticIP = &staticIP
+ }
// If MAC address is provided
if len(ep.MacAddress) > 0 {
staticMac, err := net.ParseMAC(ep.MacAddress)
diff --git a/cmd/podman/common/createparse.go b/cmd/podman/common/createparse.go
index 818cd0bbd..dcef1a151 100644
--- a/cmd/podman/common/createparse.go
+++ b/cmd/podman/common/createparse.go
@@ -1,7 +1,7 @@
package common
import (
- "github.com/containers/podman/v3/pkg/util"
+ "github.com/containers/common/pkg/config"
"github.com/pkg/errors"
)
@@ -13,7 +13,7 @@ func (c *ContainerCLIOpts) validate() error {
return errors.Errorf(`the --rm option conflicts with --restart, when the restartPolicy is not "" and "no"`)
}
- if _, err := util.ValidatePullType(c.Pull); err != nil {
+ if _, err := config.ParsePullPolicy(c.Pull); err != nil {
return err
}
diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go
index ce7ca2b4b..5dc2ec864 100644
--- a/cmd/podman/common/specgen.go
+++ b/cmd/podman/common/specgen.go
@@ -540,7 +540,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
return fmt.Errorf("invalid systempaths option %q, only `unconfined` is supported", con[1])
}
case "unmask":
- s.ContainerSecurityConfig.Unmask = append(s.ContainerSecurityConfig.Unmask, strings.Split(con[1], ":")...)
+ s.ContainerSecurityConfig.Unmask = append(s.ContainerSecurityConfig.Unmask, con[1:]...)
default:
return fmt.Errorf("invalid --security-opt 2: %q", opt)
}
@@ -646,9 +646,11 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
}
s.Remove = c.Rm
s.StopTimeout = &c.StopTimeout
+ s.Timeout = c.Timeout
s.Timezone = c.Timezone
s.Umask = c.Umask
s.PidFile = c.PidFile
+ s.Volatile = c.Rm
return nil
}
diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go
index 3f495e19b..f06869c4e 100644
--- a/cmd/podman/containers/create.go
+++ b/cmd/podman/containers/create.go
@@ -8,15 +8,15 @@ import (
"strings"
"github.com/containers/common/pkg/config"
- "github.com/containers/image/v5/storage"
+ storageTransport "github.com/containers/image/v5/storage"
"github.com/containers/image/v5/transports/alltransports"
"github.com/containers/podman/v3/cmd/podman/common"
"github.com/containers/podman/v3/cmd/podman/registry"
"github.com/containers/podman/v3/cmd/podman/utils"
- "github.com/containers/podman/v3/libpod/define"
"github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/specgen"
"github.com/containers/podman/v3/pkg/util"
+ "github.com/containers/storage"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"github.com/spf13/cobra"
@@ -238,6 +238,8 @@ func createInit(c *cobra.Command) error {
return nil
}
+// TODO: we should let the backend take care of the pull policy (which it
+// does!). The code below is at risk of causing regression and code divergence.
func pullImage(imageName string) (string, error) {
pullPolicy, err := config.ValidatePullPolicy(cliVals.Pull)
if err != nil {
@@ -252,7 +254,7 @@ func pullImage(imageName string) (string, error) {
// Assume we specified a local image without the explicit storage transport.
fallthrough
- case imageRef.Transport().Name() == storage.Transport.Name():
+ case imageRef.Transport().Name() == storageTransport.Transport.Name():
br, err := registry.ImageEngine().Exists(registry.GetContext(), imageName)
if err != nil {
return "", err
@@ -272,15 +274,15 @@ func pullImage(imageName string) (string, error) {
}
}
- if pullPolicy != config.PullImageAlways {
+ if pullPolicy != config.PullPolicyAlways {
logrus.Info("--platform --arch and --os causes the pull policy to be \"always\"")
- pullPolicy = config.PullImageAlways
+ pullPolicy = config.PullPolicyAlways
}
}
- if imageMissing || pullPolicy == config.PullImageAlways {
- if pullPolicy == config.PullImageNever {
- return "", errors.Wrapf(define.ErrNoSuchImage, "unable to find a name and tag match for %s in repotags", imageName)
+ if imageMissing || pullPolicy == config.PullPolicyAlways {
+ if pullPolicy == config.PullPolicyNever {
+ return "", errors.Wrap(storage.ErrImageUnknown, imageName)
}
pullReport, pullErr := registry.ImageEngine().Pull(registry.GetContext(), imageName, entities.ImagePullOptions{
Authfile: cliVals.Authfile,
diff --git a/cmd/podman/containers/start.go b/cmd/podman/containers/start.go
index 9b358db74..dcd1eca82 100644
--- a/cmd/podman/containers/start.go
+++ b/cmd/podman/containers/start.go
@@ -3,6 +3,7 @@ package containers
import (
"fmt"
"os"
+ "strings"
"github.com/containers/podman/v3/cmd/podman/common"
"github.com/containers/podman/v3/cmd/podman/registry"
@@ -42,7 +43,9 @@ var (
)
var (
- startOptions entities.ContainerStartOptions
+ startOptions = entities.ContainerStartOptions{
+ Filters: make(map[string][]string),
+ }
)
func startFlags(cmd *cobra.Command) {
@@ -56,6 +59,10 @@ func startFlags(cmd *cobra.Command) {
flags.BoolVarP(&startOptions.Interactive, "interactive", "i", false, "Keep STDIN open even if not attached")
flags.BoolVar(&startOptions.SigProxy, "sig-proxy", false, "Proxy received signals to the process (default true if attaching, false otherwise)")
+ flags.StringSliceVarP(&filters, "filter", "f", []string{}, "Filter output based on conditions given")
+ _ = cmd.RegisterFlagCompletionFunc("filter", common.AutocompletePsFilters)
+
+ flags.BoolVar(&startOptions.All, "all", false, "Start all containers regardless of their state or configuration")
if registry.IsRemote() {
_ = flags.MarkHidden("sig-proxy")
@@ -79,7 +86,7 @@ func init() {
}
func validateStart(cmd *cobra.Command, args []string) error {
- if len(args) == 0 && !startOptions.Latest {
+ if len(args) == 0 && !startOptions.Latest && !startOptions.All {
return errors.New("start requires at least one argument")
}
if len(args) > 0 && startOptions.Latest {
@@ -88,6 +95,12 @@ func validateStart(cmd *cobra.Command, args []string) error {
if len(args) > 1 && startOptions.Attach {
return errors.Errorf("you cannot start and attach multiple containers at once")
}
+ if (len(args) > 0 || startOptions.Latest) && startOptions.All {
+ return errors.Errorf("either start all containers or the container(s) provided in the arguments")
+ }
+ if startOptions.Attach && startOptions.All {
+ return errors.Errorf("you cannot start and attach all containers at once")
+ }
return nil
}
@@ -108,7 +121,18 @@ func start(cmd *cobra.Command, args []string) error {
startOptions.Stdout = os.Stdout
}
- responses, err := registry.ContainerEngine().ContainerStart(registry.GetContext(), args, startOptions)
+ var containers []string = args
+ if len(filters) > 0 {
+ for _, f := range filters {
+ split := strings.SplitN(f, "=", 2)
+ if len(split) == 1 {
+ return errors.Errorf("invalid filter %q", f)
+ }
+ startOptions.Filters[split[0]] = append(startOptions.Filters[split[0]], split[1])
+ }
+ }
+
+ responses, err := registry.ContainerEngine().ContainerStart(registry.GetContext(), containers, startOptions)
if err != nil {
return err
}
diff --git a/cmd/podman/containers/stop.go b/cmd/podman/containers/stop.go
index bed45f374..62ce9b036 100644
--- a/cmd/podman/containers/stop.go
+++ b/cmd/podman/containers/stop.go
@@ -72,7 +72,8 @@ func stopFlags(cmd *cobra.Command) {
_ = flags.MarkHidden("cidfile")
_ = flags.MarkHidden("ignore")
}
- flags.SetNormalizeFunc(utils.AliasFlags)
+
+ flags.SetNormalizeFunc(utils.TimeoutAliasFlags)
}
func init() {
diff --git a/cmd/podman/generate/systemd.go b/cmd/podman/generate/systemd.go
index 72b2e6335..8a8f5016a 100644
--- a/cmd/podman/generate/systemd.go
+++ b/cmd/podman/generate/systemd.go
@@ -74,7 +74,7 @@ func init() {
flags.StringVar(&format, formatFlagName, "", "Print the created units in specified format (json)")
_ = systemdCmd.RegisterFlagCompletionFunc(formatFlagName, common.AutocompleteFormat(nil))
- flags.SetNormalizeFunc(utils.AliasFlags)
+ flags.SetNormalizeFunc(utils.TimeoutAliasFlags)
}
func systemd(cmd *cobra.Command, args []string) error {
diff --git a/cmd/podman/images/trust_set.go b/cmd/podman/images/trust_set.go
index 6333512d9..c192669a9 100644
--- a/cmd/podman/images/trust_set.go
+++ b/cmd/podman/images/trust_set.go
@@ -1,10 +1,12 @@
package images
import (
+ "net/url"
+ "regexp"
+
"github.com/containers/common/pkg/completion"
"github.com/containers/podman/v3/cmd/podman/common"
"github.com/containers/podman/v3/cmd/podman/registry"
- "github.com/containers/podman/v3/libpod/image"
"github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/util"
"github.com/pkg/errors"
@@ -53,7 +55,7 @@ File(s) must exist before using this command`)
func setTrust(cmd *cobra.Command, args []string) error {
validTrustTypes := []string{"accept", "insecureAcceptAnything", "reject", "signedBy"}
- valid, err := image.IsValidImageURI(args[0])
+ valid, err := isValidImageURI(args[0])
if err != nil || !valid {
return err
}
@@ -63,3 +65,23 @@ func setTrust(cmd *cobra.Command, args []string) error {
}
return registry.ImageEngine().SetTrust(registry.Context(), args, setOptions)
}
+
+// isValidImageURI checks if image name has valid format
+func isValidImageURI(imguri string) (bool, error) {
+ uri := "http://" + imguri
+ u, err := url.Parse(uri)
+ if err != nil {
+ return false, errors.Wrapf(err, "invalid image uri: %s", imguri)
+ }
+ reg := regexp.MustCompile(`^[a-zA-Z0-9-_\.]+\/?:?[0-9]*[a-z0-9-\/:]*$`)
+ ret := reg.FindAllString(u.Host, -1)
+ if len(ret) == 0 {
+ return false, errors.Wrapf(err, "invalid image uri: %s", imguri)
+ }
+ reg = regexp.MustCompile(`^[a-z0-9-:\./]*$`)
+ ret = reg.FindAllString(u.Fragment, -1)
+ if len(ret) == 0 {
+ return false, errors.Wrapf(err, "invalid image uri: %s", imguri)
+ }
+ return true, nil
+}
diff --git a/cmd/podman/machine/start.go b/cmd/podman/machine/start.go
index d06e04f41..4334cfc0f 100644
--- a/cmd/podman/machine/start.go
+++ b/cmd/podman/machine/start.go
@@ -7,6 +7,7 @@ import (
"github.com/containers/podman/v3/pkg/domain/entities"
"github.com/containers/podman/v3/pkg/machine"
"github.com/containers/podman/v3/pkg/machine/qemu"
+ "github.com/pkg/errors"
"github.com/spf13/cobra"
)
@@ -40,6 +41,18 @@ func start(cmd *cobra.Command, args []string) error {
if len(args) > 0 && len(args[0]) > 0 {
vmName = args[0]
}
+
+ // We only have qemu VM's for now
+ active, activeName, err := qemu.CheckActiveVM()
+ if err != nil {
+ return err
+ }
+ if active {
+ if vmName == activeName {
+ return errors.Wrapf(machine.ErrVMAlreadyRunning, "cannot start VM %s", vmName)
+ }
+ return errors.Wrapf(machine.ErrMultipleActiveVM, "cannot start VM %s. VM %s is currently running", vmName, activeName)
+ }
switch vmType {
default:
vm, err = qemu.LoadVMByName(vmName)
diff --git a/cmd/podman/manifest/add.go b/cmd/podman/manifest/add.go
index 82e155909..2499dc2e8 100644
--- a/cmd/podman/manifest/add.go
+++ b/cmd/podman/manifest/add.go
@@ -94,6 +94,8 @@ func add(cmd *cobra.Command, args []string) error {
return err
}
+ // FIXME: (@vrothberg) this interface confuses me a lot. Why are they
+ // not two arguments?
manifestAddOpts.Images = []string{args[1], args[0]}
if manifestAddOpts.CredentialsCLI != "" {
diff --git a/cmd/podman/play/kube.go b/cmd/podman/play/kube.go
index 30d6d86f0..fe382bdfb 100644
--- a/cmd/podman/play/kube.go
+++ b/cmd/podman/play/kube.go
@@ -2,6 +2,7 @@ package pods
import (
"fmt"
+ "net"
"os"
"github.com/containers/common/pkg/auth"
@@ -27,6 +28,7 @@ type playKubeOptionsWrapper struct {
}
var (
+ macs []string
// https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/
defaultSeccompRoot = "/var/lib/kubelet/seccomp"
kubeOptions = playKubeOptionsWrapper{}
@@ -61,6 +63,10 @@ func init() {
flags.StringVar(&kubeOptions.CredentialsCLI, credsFlagName, "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry")
_ = kubeCmd.RegisterFlagCompletionFunc(credsFlagName, completion.AutocompleteNone)
+ staticMACFlagName := "mac-address"
+ flags.StringSliceVar(&macs, staticMACFlagName, nil, "Static MAC addresses to assign to the pods")
+ _ = kubeCmd.RegisterFlagCompletionFunc(staticMACFlagName, completion.AutocompleteNone)
+
networkFlagName := "network"
flags.StringVar(&kubeOptions.Network, networkFlagName, "", "Connect pod to CNI network(s)")
_ = kubeCmd.RegisterFlagCompletionFunc(networkFlagName, common.AutocompleteNetworkFlag)
@@ -128,6 +134,15 @@ func kube(cmd *cobra.Command, args []string) error {
if yamlfile == "-" {
yamlfile = "/dev/stdin"
}
+
+ for _, mac := range macs {
+ m, err := net.ParseMAC(mac)
+ if err != nil {
+ return err
+ }
+ kubeOptions.StaticMACs = append(kubeOptions.StaticMACs, m)
+ }
+
report, err := registry.ContainerEngine().PlayKube(registry.GetContext(), yamlfile, kubeOptions.PlayKubeOptions)
if err != nil {
return err
diff --git a/cmd/podman/utils/alias.go b/cmd/podman/utils/alias.go
index 8d089920b..306e610d9 100644
--- a/cmd/podman/utils/alias.go
+++ b/cmd/podman/utils/alias.go
@@ -17,8 +17,6 @@ func AliasFlags(f *pflag.FlagSet, name string) pflag.NormalizedName {
name = "health-timeout"
case "net":
name = "network"
- case "timeout":
- name = "time"
case "namespace":
name = "ns"
case "storage":
@@ -34,3 +32,12 @@ func AliasFlags(f *pflag.FlagSet, name string) pflag.NormalizedName {
}
return pflag.NormalizedName(name)
}
+
+// TimeoutAliasFlags is a function to handle backwards compatibility with old timeout flags
+func TimeoutAliasFlags(f *pflag.FlagSet, name string) pflag.NormalizedName {
+ switch name {
+ case "timeout":
+ name = "time"
+ }
+ return pflag.NormalizedName(name)
+}