diff options
Diffstat (limited to 'cmd/podman')
31 files changed, 484 insertions, 1595 deletions
diff --git a/cmd/podman/attach.go b/cmd/podman/attach.go index 7d32c57af..6f08cc396 100644 --- a/cmd/podman/attach.go +++ b/cmd/podman/attach.go @@ -2,7 +2,6 @@ package main import ( "github.com/containers/libpod/cmd/podman/cliconfig" - "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/adapter" "github.com/pkg/errors" "github.com/spf13/cobra" @@ -32,10 +31,7 @@ func init() { attachCommand.SetHelpTemplate(HelpTemplate()) attachCommand.SetUsageTemplate(UsageTemplate()) flags := attachCommand.Flags() - flags.StringVar(&attachCommand.DetachKeys, "detach-keys", define.DefaultDetachKeys, "Select the key sequence for detaching a container. Format is a single character `[a-Z]` or a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: `a-z`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`") - // Clear the default, the value specified in the config file should have the - // priority - attachCommand.DetachKeys = "" + flags.StringVar(&attachCommand.DetachKeys, "detach-keys", getDefaultDetachKeys(), "Select the key sequence for detaching a container. Format is a single character `[a-Z]` or a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: `a-z`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`") flags.BoolVar(&attachCommand.NoStdin, "no-stdin", false, "Do not attach STDIN. The default is false") flags.BoolVar(&attachCommand.SigProxy, "sig-proxy", true, "Proxy received signals to the process") flags.BoolVarP(&attachCommand.Latest, "latest", "l", false, "Act on the latest container podman is aware of") diff --git a/cmd/podman/build.go b/cmd/podman/build.go index acd402fdd..04bc56ab0 100644 --- a/cmd/podman/build.go +++ b/cmd/podman/build.go @@ -9,9 +9,9 @@ import ( "github.com/containers/buildah" "github.com/containers/buildah/imagebuildah" buildahcli "github.com/containers/buildah/pkg/cli" - "github.com/containers/image/v5/types" + "github.com/containers/buildah/pkg/parse" + "github.com/containers/common/pkg/config" "github.com/containers/libpod/cmd/podman/cliconfig" - "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/adapter" "github.com/docker/go-units" "github.com/opencontainers/runtime-spec/specs-go" @@ -86,6 +86,7 @@ func initBuild() { fromAndBugFlags, err := buildahcli.GetFromAndBudFlags(&fromAndBudValues, &userNSValues, &namespaceValues) if err != nil { logrus.Errorf("failed to setup podman build flags: %v", err) + os.Exit(1) } flags.AddFlagSet(&budFlags) @@ -267,14 +268,15 @@ func buildCmd(c *cliconfig.BuildValues) error { if err != nil { return err } - if conf != nil && conf.CgroupManager == define.SystemdCgroupsManager { + if conf != nil && conf.Engine.CgroupManager == config.SystemdCgroupsManager { runtimeFlags = append(runtimeFlags, "--systemd-cgroup") } // end from buildah defer runtime.DeferredShutdown(false) - var stdout, stderr, reporter *os.File + var stdin, stdout, stderr, reporter *os.File + stdin = os.Stdin stdout = os.Stdout stderr = os.Stderr reporter = os.Stderr @@ -310,6 +312,17 @@ func buildCmd(c *cliconfig.BuildValues) error { return err } + networkPolicy := buildah.NetworkDefault + for _, ns := range nsValues { + if ns.Name == "none" { + networkPolicy = buildah.NetworkDisabled + break + } else if !filepath.IsAbs(ns.Path) { + networkPolicy = buildah.NetworkEnabled + break + } + } + buildOpts := buildah.CommonBuildOptions{ AddHost: c.AddHost, CgroupParent: c.CgroupParent, @@ -341,21 +354,49 @@ func buildCmd(c *cliconfig.BuildValues) error { layers = false } + compression := imagebuildah.Gzip + if c.DisableCompression { + compression = imagebuildah.Uncompressed + } + + isolation, err := parse.IsolationOption(c.Isolation) + if err != nil { + return errors.Wrapf(err, "error parsing ID mapping options") + } + + usernsOption, idmappingOptions, err := parse.IDMappingOptions(c.PodmanCommand.Command, isolation) + if err != nil { + return errors.Wrapf(err, "error parsing ID mapping options") + } + nsValues = append(nsValues, usernsOption...) + + systemContext, err := parse.SystemContextFromOptions(c.PodmanCommand.Command) + if err != nil { + return errors.Wrapf(err, "error building system context") + } + options := imagebuildah.BuildOptions{ - Architecture: c.Arch, - CommonBuildOpts: &buildOpts, + AddCapabilities: c.CapAdd, AdditionalTags: tags, Annotations: c.Annotation, + Architecture: c.Arch, Args: args, + BlobDirectory: c.BlobCache, CNIConfigDir: c.CNIConfigDir, CNIPluginPath: c.CNIPlugInPath, - Compression: imagebuildah.Gzip, + CommonBuildOpts: &buildOpts, + Compression: compression, + ConfigureNetwork: networkPolicy, ContextDirectory: contextDir, DefaultMountsFilePath: c.GlobalFlags.DefaultMountsFile, + Devices: c.Devices, + DropCapabilities: c.CapDrop, Err: stderr, - In: os.Stdin, ForceRmIntermediateCtrs: c.ForceRm, + IDMappingOptions: idmappingOptions, IIDFile: c.Iidfile, + In: stdin, + Isolation: isolation, Labels: c.Label, Layers: layers, NamespaceOptions: nsValues, @@ -369,13 +410,12 @@ func buildCmd(c *cliconfig.BuildValues) error { RemoveIntermediateCtrs: c.Rm, ReportWriter: reporter, RuntimeArgs: runtimeFlags, + SignBy: c.SignBy, SignaturePolicyPath: c.SignaturePolicy, Squash: c.Squash, - SystemContext: &types.SystemContext{ - OSChoice: c.OverrideOS, - ArchitectureChoice: c.OverrideArch, - }, - Target: c.Target, + SystemContext: systemContext, + Target: c.Target, + TransientMounts: c.Volumes, } _, _, err = runtime.Build(getContext(), c, options, containerfiles) return err diff --git a/cmd/podman/cliconfig/config.go b/cmd/podman/cliconfig/config.go index f96140fd2..6d98aaf0e 100644 --- a/cmd/podman/cliconfig/config.go +++ b/cmd/podman/cliconfig/config.go @@ -2,7 +2,10 @@ package cliconfig import ( "net" + "os" + "github.com/containers/common/pkg/config" + "github.com/sirupsen/logrus" "github.com/spf13/cobra" ) @@ -171,7 +174,7 @@ type GenerateSystemdValues struct { New bool Files bool RestartPolicy string - StopTimeout int + StopTimeout uint } type HistoryValues struct { @@ -701,3 +704,14 @@ type SystemDfValues struct { type UntagValues struct { PodmanCommand } + +func GetDefaultConfig() *config.Config { + var err error + conf, err := config.NewConfig("") + conf.CheckCgroupsAndAdjustConfig() + if err != nil { + logrus.Errorf("Error loading container config %v\n", err) + os.Exit(1) + } + return conf +} diff --git a/cmd/podman/cliconfig/defaults.go b/cmd/podman/cliconfig/defaults.go index ce695d153..3082207e0 100644 --- a/cmd/podman/cliconfig/defaults.go +++ b/cmd/podman/cliconfig/defaults.go @@ -11,6 +11,4 @@ var ( DefaultHealthCheckTimeout = "30s" // DefaultImageVolume default value DefaultImageVolume = "bind" - // DefaultShmSize default value - DefaultShmSize = "65536k" ) diff --git a/cmd/podman/commands.go b/cmd/podman/commands.go index dfa04315e..2ee31b643 100644 --- a/cmd/podman/commands.go +++ b/cmd/podman/commands.go @@ -3,6 +3,15 @@ package main import ( + "fmt" + "os" + + "github.com/containers/buildah/pkg/parse" + "github.com/containers/libpod/pkg/apparmor" + "github.com/containers/libpod/pkg/cgroups" + "github.com/containers/libpod/pkg/rootless" + "github.com/containers/libpod/pkg/sysinfo" + "github.com/opencontainers/selinux/go-selinux" "github.com/spf13/cobra" ) @@ -81,3 +90,107 @@ func getSystemSubCommands() []*cobra.Command { return systemCommands } + +func getDefaultSecurityOptions() []string { + securityOpts := []string{} + if defaultContainerConfig.Containers.SeccompProfile != "" && defaultContainerConfig.Containers.SeccompProfile != parse.SeccompDefaultPath { + securityOpts = append(securityOpts, fmt.Sprintf("seccomp=%s", defaultContainerConfig.Containers.SeccompProfile)) + } + if apparmor.IsEnabled() && defaultContainerConfig.Containers.ApparmorProfile != "" { + securityOpts = append(securityOpts, fmt.Sprintf("apparmor=%s", defaultContainerConfig.Containers.ApparmorProfile)) + } + if selinux.GetEnabled() && !defaultContainerConfig.Containers.EnableLabeling { + securityOpts = append(securityOpts, fmt.Sprintf("label=%s", selinux.DisableSecOpt()[0])) + } + return securityOpts +} + +// getDefaultSysctls +func getDefaultSysctls() []string { + return defaultContainerConfig.Containers.DefaultSysctls +} + +func getDefaultVolumes() []string { + return defaultContainerConfig.Containers.Volumes +} + +func getDefaultDevices() []string { + return defaultContainerConfig.Containers.Devices +} + +func getDefaultDNSServers() []string { + return defaultContainerConfig.Containers.DNSServers +} + +func getDefaultDNSSearches() []string { + return defaultContainerConfig.Containers.DNSSearches +} + +func getDefaultDNSOptions() []string { + return defaultContainerConfig.Containers.DNSOptions +} + +func getDefaultEnv() []string { + return defaultContainerConfig.Containers.Env +} + +func getDefaultInitPath() string { + return defaultContainerConfig.Containers.InitPath +} + +func getDefaultIPCNS() string { + return defaultContainerConfig.Containers.IPCNS +} + +func getDefaultPidNS() string { + return defaultContainerConfig.Containers.PidNS +} + +func getDefaultNetNS() string { + if defaultContainerConfig.Containers.NetNS == "private" && rootless.IsRootless() { + return "slirp4netns" + } + return defaultContainerConfig.Containers.NetNS +} + +func getDefaultCgroupNS() string { + return defaultContainerConfig.Containers.CgroupNS +} + +func getDefaultUTSNS() string { + return defaultContainerConfig.Containers.UTSNS +} + +func getDefaultShmSize() string { + return defaultContainerConfig.Containers.ShmSize +} + +func getDefaultUlimits() []string { + return defaultContainerConfig.Containers.DefaultUlimits +} + +func getDefaultUserNS() string { + userns := os.Getenv("PODMAN_USERNS") + if userns != "" { + return userns + } + return defaultContainerConfig.Containers.UserNS +} + +func getDefaultPidsLimit() int64 { + if rootless.IsRootless() { + cgroup2, _ := cgroups.IsCgroup2UnifiedMode() + if cgroup2 { + return defaultContainerConfig.Containers.PidsLimit + } + } + return sysinfo.GetDefaultPidsLimit() +} + +func getDefaultPidsDescription() string { + return "Tune container pids limit (set 0 for unlimited)" +} + +func getDefaultDetachKeys() string { + return defaultContainerConfig.Engine.DetachKeys +} diff --git a/cmd/podman/commands_remoteclient.go b/cmd/podman/commands_remoteclient.go index a278761c1..ef523ffb1 100644 --- a/cmd/podman/commands_remoteclient.go +++ b/cmd/podman/commands_remoteclient.go @@ -47,3 +47,89 @@ func getTrustSubCommands() []*cobra.Command { func getSystemSubCommands() []*cobra.Command { return []*cobra.Command{} } + +func getDefaultSecurityOptions() []string { + return []string{} +} + +// getDefaultSysctls +func getDefaultSysctls() []string { + return []string{} +} + +// getDefaultDevices +func getDefaultDevices() []string { + return []string{} +} + +func getDefaultVolumes() []string { + return []string{} +} + +func getDefaultDNSServers() []string { + return []string{} +} + +func getDefaultDNSSearches() []string { + return []string{} +} + +func getDefaultDNSOptions() []string { + return []string{} +} + +func getDefaultEnv() []string { + return []string{} +} + +func getDefaultInitPath() string { + return "" +} + +func getDefaultIPCNS() string { + return "" +} + +func getDefaultPidNS() string { + return "" +} + +func getDefaultNetNS() string { + return "" +} + +func getDefaultCgroupNS() string { + return "" +} + +func getDefaultUTSNS() string { + return "" +} + +func getDefaultShmSize() string { + return "" +} + +func getDefaultUlimits() []string { + return []string{} +} + +func getDefaultUserNS() string { + return "" +} + +func getDefaultPidsLimit() int64 { + return -1 +} + +func getDefaultPidsDescription() string { + return "Tune container pids limit (set 0 for unlimited, -1 for server defaults)" +} + +func getDefaultShareNetwork() string { + return "" +} + +func getDefaultDetachKeys() string { + return "" +} diff --git a/cmd/podman/common.go b/cmd/podman/common.go index 4eeb09d42..9aa9a63fe 100644 --- a/cmd/podman/common.go +++ b/cmd/podman/common.go @@ -3,15 +3,11 @@ package main import ( "context" "fmt" - "os" "strings" "github.com/containers/buildah" buildahcli "github.com/containers/buildah/pkg/cli" "github.com/containers/libpod/cmd/podman/cliconfig" - "github.com/containers/libpod/libpod/define" - "github.com/containers/libpod/pkg/rootless" - "github.com/containers/libpod/pkg/sysinfo" "github.com/containers/libpod/pkg/util/camelcase" jsoniter "github.com/json-iterator/go" "github.com/pkg/errors" @@ -110,29 +106,22 @@ func getContext() context.Context { return context.TODO() } -func getDefaultNetwork() string { - if rootless.IsRootless() { - return "slirp4netns" - } - return "bridge" -} - func getNetFlags() *pflag.FlagSet { netFlags := pflag.FlagSet{} netFlags.StringSlice( "add-host", []string{}, - "Add a custom host-to-IP mapping (host:ip) (default [])", + "Add a custom host-to-IP mapping (host:ip)", ) netFlags.StringSlice( - "dns", []string{}, + "dns", getDefaultDNSServers(), "Set custom DNS servers", ) netFlags.StringSlice( - "dns-opt", []string{}, + "dns-opt", getDefaultDNSOptions(), "Set custom DNS options", ) netFlags.StringSlice( - "dns-search", []string{}, + "dns-search", getDefaultDNSSearches(), "Set custom DNS search domains", ) netFlags.String( @@ -144,7 +133,7 @@ func getNetFlags() *pflag.FlagSet { "Container MAC address (e.g. 92:d0:c6:0a:29:33)", ) netFlags.String( - "network", getDefaultNetwork(), + "network", getDefaultNetNS(), "Connect a container to a network", ) netFlags.StringSliceP( @@ -162,11 +151,11 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { createFlags := c.Flags() createFlags.StringSlice( "annotation", []string{}, - "Add annotations to container (key:value) (default [])", + "Add annotations to container (key:value)", ) createFlags.StringSliceP( "attach", "a", []string{}, - "Attach to STDIN, STDOUT or STDERR (default [])", + "Attach to STDIN, STDOUT or STDERR", ) createFlags.String( "authfile", buildahcli.GetDefaultAuthFile(), @@ -189,7 +178,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { "Drop capabilities from the container", ) createFlags.String( - "cgroupns", "", + "cgroupns", getDefaultCgroupNS(), "cgroup namespace to use", ) createFlags.String( @@ -244,17 +233,13 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { "detach", "d", false, "Run container in background and print container ID", ) - detachKeys := createFlags.String( - "detach-keys", define.DefaultDetachKeys, + createFlags.String( + "detach-keys", getDefaultDetachKeys(), "Override the key sequence for detaching a container. Format is a single character `[a-Z]` or a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: `a-z`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`", ) - // Clear the default, the value specified in the config file should have the - // priority - *detachKeys = "" - createFlags.StringSlice( - "device", []string{}, - "Add a host device to the container (default [])", + "device", getDefaultDevices(), + fmt.Sprintf("Add a host device to the container"), ) createFlags.StringSlice( "device-cgroup-rule", []string{}, @@ -281,7 +266,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { "Overwrite the default ENTRYPOINT of the image", ) createFlags.StringArrayP( - "env", "e", []string{}, + "env", "e", getDefaultEnv(), "Set environment variables in container", ) createFlags.Bool( @@ -293,7 +278,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { ) createFlags.StringSlice( "expose", []string{}, - "Expose a port or a range of ports (default [])", + "Expose a port or a range of ports", ) createFlags.StringSlice( "gidmap", []string{}, @@ -301,7 +286,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { ) createFlags.StringSlice( "group-add", []string{}, - "Add additional groups to join (default [])", + "Add additional groups to join", ) createFlags.Bool( "help", false, "", @@ -343,16 +328,16 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { "Run an init binary inside the container that forwards signals and reaps processes", ) createFlags.String( - "init-path", "", + "init-path", getDefaultInitPath(), // Do not use the Value field for setting the default value to determine user input (i.e., non-empty string) - fmt.Sprintf("Path to the container-init binary (default: %q)", define.DefaultInitPath), + fmt.Sprintf("Path to the container-init binary"), ) createFlags.BoolP( "interactive", "i", false, "Keep STDIN open even if not attached", ) createFlags.String( - "ipc", "", + "ipc", getDefaultIPCNS(), "IPC namespace to use", ) createFlags.String( @@ -361,11 +346,11 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { ) createFlags.StringArrayP( "label", "l", []string{}, - "Set metadata on container (default [])", + "Set metadata on container", ) createFlags.StringSlice( "label-file", []string{}, - "Read in a line delimited file of labels (default [])", + "Read in a line delimited file of labels", ) createFlags.String( "log-driver", "", @@ -373,7 +358,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { ) createFlags.StringSlice( "log-opt", []string{}, - "Logging driver options (default [])", + "Logging driver options", ) createFlags.StringP( "memory", "m", "", @@ -418,12 +403,12 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { ) markFlagHidden(createFlags, "override-os") createFlags.String( - "pid", "", + "pid", getDefaultPidNS(), "PID namespace to use", ) createFlags.Int64( - "pids-limit", sysinfo.GetDefaultPidsLimit(), - "Tune container pids limit (set 0 for unlimited)", + "pids-limit", getDefaultPidsLimit(), + getDefaultPidsDescription(), ) createFlags.String( "pod", "", @@ -466,11 +451,11 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { "The first argument is not an image but the rootfs to the exploded container", ) createFlags.StringArray( - "security-opt", []string{}, - "Security Options (default [])", + "security-opt", getDefaultSecurityOptions(), + fmt.Sprintf("Security Options"), ) createFlags.String( - "shm-size", cliconfig.DefaultShmSize, + "shm-size", getDefaultShmSize(), "Size of /dev/shm "+sizeWithUnitFormat, ) createFlags.String( @@ -478,12 +463,12 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { "Signal to stop a container. Default is SIGTERM", ) createFlags.Uint( - "stop-timeout", define.CtrRemoveTimeout, + "stop-timeout", defaultContainerConfig.Engine.StopTimeout, "Timeout (in seconds) to stop a container. Default is 10", ) createFlags.StringSlice( "storage-opt", []string{}, - "Storage driver options per container (default [])", + "Storage driver options per container", ) createFlags.String( "subgidname", "", @@ -495,8 +480,8 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { ) createFlags.StringSlice( - "sysctl", []string{}, - "Sysctl options (default [])", + "sysctl", getDefaultSysctls(), + "Sysctl options", ) createFlags.String( "systemd", "true", @@ -504,7 +489,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { ) createFlags.StringArray( "tmpfs", []string{}, - "Mount a temporary filesystem (`tmpfs`) into a container (default [])", + "Mount a temporary filesystem (`tmpfs`) into a container", ) createFlags.BoolP( "tty", "t", false, @@ -515,32 +500,32 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { "UID map to use for the user namespace", ) createFlags.StringSlice( - "ulimit", []string{}, - "Ulimit options (default [])", + "ulimit", getDefaultUlimits(), + "Ulimit options", ) createFlags.StringP( "user", "u", "", "Username or UID (format: <name|uid>[:<group|gid>])", ) createFlags.String( - "userns", os.Getenv("PODMAN_USERNS"), + "userns", getDefaultUserNS(), "User namespace to use", ) createFlags.String( - "uts", "", + "uts", getDefaultUTSNS(), "UTS namespace to use", ) createFlags.StringArray( "mount", []string{}, - "Attach a filesystem mount to the container (default [])", + "Attach a filesystem mount to the container", ) createFlags.StringArrayP( - "volume", "v", []string{}, - "Bind mount a volume into the container (default [])", + "volume", "v", getDefaultVolumes(), + "Bind mount a volume into the container", ) createFlags.StringSlice( "volumes-from", []string{}, - "Mount volumes from the specified container(s) (default [])", + "Mount volumes from the specified container(s)", ) createFlags.StringP( "workdir", "w", "", diff --git a/cmd/podman/create.go b/cmd/podman/create.go index 73d62bddb..03eb1b09f 100644 --- a/cmd/podman/create.go +++ b/cmd/podman/create.go @@ -38,7 +38,6 @@ func init() { createCommand.PodmanCommand.Command = _createCommand createCommand.SetHelpTemplate(HelpTemplate()) createCommand.SetUsageTemplate(UsageTemplate()) - getCreateFlags(&createCommand.PodmanCommand) flags := createCommand.Flags() flags.AddFlagSet(getNetFlags()) diff --git a/cmd/podman/errors_remote.go b/cmd/podman/errors_remote.go index 378f9398f..4b543ccd5 100644 --- a/cmd/podman/errors_remote.go +++ b/cmd/podman/errors_remote.go @@ -8,8 +8,8 @@ import ( "os/exec" "syscall" - "github.com/containers/libpod/cmd/podman/varlink" "github.com/containers/libpod/libpod/define" + iopodman "github.com/containers/libpod/pkg/varlink" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) diff --git a/cmd/podman/exec.go b/cmd/podman/exec.go index 6e5799396..b341ab496 100644 --- a/cmd/podman/exec.go +++ b/cmd/podman/exec.go @@ -2,7 +2,6 @@ package main import ( "github.com/containers/libpod/cmd/podman/cliconfig" - "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/adapter" "github.com/pkg/errors" "github.com/spf13/cobra" @@ -35,10 +34,7 @@ func init() { execCommand.SetUsageTemplate(UsageTemplate()) flags := execCommand.Flags() flags.SetInterspersed(false) - flags.StringVar(&execCommand.DetachKeys, "detach-keys", define.DefaultDetachKeys, "Select the key sequence for detaching a container. Format is a single character [a-Z] or ctrl-<value> where <value> is one of: a-z, @, ^, [, , or _") - // Clear the default, the value specified in the config file should have the - // priority - execCommand.DetachKeys = "" + flags.StringVar(&execCommand.DetachKeys, "detach-keys", getDefaultDetachKeys(), "Select the key sequence for detaching a container. Format is a single character [a-Z] or ctrl-<value> where <value> is one of: a-z, @, ^, [, , or _") flags.StringArrayVarP(&execCommand.Env, "env", "e", []string{}, "Set environment variables") flags.StringSliceVar(&execCommand.EnvFile, "env-file", []string{}, "Read in a file of environment variables") flags.BoolVarP(&execCommand.Interactive, "interactive", "i", false, "Keep STDIN open even if not attached") diff --git a/cmd/podman/generate_systemd.go b/cmd/podman/generate_systemd.go index a9775f9cb..fd0d13d78 100644 --- a/cmd/podman/generate_systemd.go +++ b/cmd/podman/generate_systemd.go @@ -43,9 +43,10 @@ func init() { if !remoteclient { flags.BoolVarP(&containerSystemdCommand.Files, "files", "f", false, "generate files instead of printing to stdout") } - flags.IntVarP(&containerSystemdCommand.StopTimeout, "timeout", "t", -1, "stop timeout override") + flags.UintVarP(&containerSystemdCommand.StopTimeout, "time", "t", defaultContainerConfig.Engine.StopTimeout, "stop timeout override") flags.StringVar(&containerSystemdCommand.RestartPolicy, "restart-policy", "on-failure", "applicable systemd restart-policy") flags.BoolVarP(&containerSystemdCommand.New, "new", "", false, "create a new container instead of starting an existing one") + flags.SetNormalizeFunc(aliasFlags) } func generateSystemdCmd(c *cliconfig.GenerateSystemdValues) error { @@ -55,11 +56,6 @@ func generateSystemdCmd(c *cliconfig.GenerateSystemdValues) error { } defer runtime.DeferredShutdown(false) - // User input stop timeout must be 0 or greater - if c.Flag("timeout").Changed && c.StopTimeout < 0 { - return errors.New("timeout value must be 0 or greater") - } - unit, err := runtime.GenerateSystemd(c) if err != nil { return err diff --git a/cmd/podman/libpodruntime/runtime.go b/cmd/podman/libpodruntime/runtime.go index e9dc87de1..8dbc4009b 100644 --- a/cmd/podman/libpodruntime/runtime.go +++ b/cmd/podman/libpodruntime/runtime.go @@ -211,8 +211,6 @@ func getRuntime(ctx context.Context, c *cliconfig.PodmanCommand, opts *runtimeOp if !opts.withFDS { options = append(options, libpod.WithEnableSDNotify()) } - if c.Flags().Changed("config") { - return libpod.NewRuntimeFromConfig(ctx, c.GlobalFlags.Config, options...) - } + return libpod.NewRuntime(ctx, options...) } diff --git a/cmd/podman/login.go b/cmd/podman/login.go index e09117833..1539e3a79 100644 --- a/cmd/podman/login.go +++ b/cmd/podman/login.go @@ -95,17 +95,19 @@ func loginCmd(c *cliconfig.LoginValues) error { } // username of user logged in to server (if one exists) - userFromAuthFile, passFromAuthFile, err := config.GetAuthentication(sc, server) + authConfig, err := config.GetCredentials(sc, server) // Do not return error if no credentials found in credHelpers, new credentials will be stored by config.SetAuthentication if err != nil && err != credentials.NewErrCredentialsNotFound() { return errors.Wrapf(err, "error reading auth file") } - + if authConfig.IdentityToken != "" { + return errors.Errorf("currently logged in, auth file contains an Identity token") + } if c.Flag("get-login").Changed { - if userFromAuthFile == "" { + if authConfig.Username == "" { return errors.Errorf("not logged into %s", server) } - fmt.Printf("%s\n", userFromAuthFile) + fmt.Printf("%s\n", authConfig.Username) return nil } @@ -129,16 +131,16 @@ func loginCmd(c *cliconfig.LoginValues) error { } // If no username and no password is specified, try to use existing ones. - if c.Username == "" && password == "" && userFromAuthFile != "" && passFromAuthFile != "" { + if c.Username == "" && password == "" && authConfig.Username == "" && authConfig.Password != "" { fmt.Println("Authenticating with existing credentials...") - if err := docker.CheckAuth(ctx, sc, userFromAuthFile, passFromAuthFile, server); err == nil { + if err := docker.CheckAuth(ctx, sc, authConfig.Username, authConfig.Password, server); err == nil { fmt.Println("Existing credentials are valid. Already logged in to", server) return nil } fmt.Println("Existing credentials are invalid, please enter valid username and password") } - username, password, err := getUserAndPass(c.Username, password, userFromAuthFile) + username, password, err := getUserAndPass(c.Username, password, authConfig.Username) if err != nil { return errors.Wrapf(err, "error getting username and password") } diff --git a/cmd/podman/logout.go b/cmd/podman/logout.go index dec6822cf..a541438c3 100644 --- a/cmd/podman/logout.go +++ b/cmd/podman/logout.go @@ -87,12 +87,12 @@ func logoutCmd(c *cliconfig.LogoutValues) error { return nil case config.ErrNotLoggedIn: // username of user logged in to server (if one exists) - userFromAuthFile, passFromAuthFile, err := config.GetAuthentication(sc, server) + authConfig, err := config.GetCredentials(sc, server) if err != nil { return errors.Wrapf(err, "error reading auth file") } - islogin := docker.CheckAuth(getContext(), sc, userFromAuthFile, passFromAuthFile, server) - if userFromAuthFile != "" && passFromAuthFile != "" && islogin == nil { + islogin := docker.CheckAuth(getContext(), sc, authConfig.Username, authConfig.Password, server) + if authConfig.IdentityToken != "" && authConfig.Username != "" && authConfig.Password != "" && islogin == nil { fmt.Printf("Not logged into %s with podman. Existing credentials were established via docker login. Please use docker logout instead.\n", server) return nil } diff --git a/cmd/podman/main.go b/cmd/podman/main.go index a2acbbf53..5134448da 100644 --- a/cmd/podman/main.go +++ b/cmd/podman/main.go @@ -6,6 +6,7 @@ import ( "os" "path" + "github.com/containers/common/pkg/config" "github.com/containers/libpod/cmd/podman/cliconfig" "github.com/containers/libpod/libpod" "github.com/containers/libpod/libpod/define" @@ -81,7 +82,10 @@ var rootCmd = &cobra.Command{ SilenceErrors: true, } -var MainGlobalOpts cliconfig.MainFlags +var ( + MainGlobalOpts cliconfig.MainFlags + defaultContainerConfig = getDefaultContainerConfig() +) func initCobra() { cobra.OnInitialize(initConfig) @@ -175,3 +179,12 @@ func main() { CheckForRegistries() os.Exit(exitCode) } + +func getDefaultContainerConfig() *config.Config { + defaultContainerConfig, err := config.Default() + if err != nil { + logrus.Error(err) + os.Exit(1) + } + return defaultContainerConfig +} diff --git a/cmd/podman/main_local.go b/cmd/podman/main_local.go index 79b5e5af7..23b3f5ae7 100644 --- a/cmd/podman/main_local.go +++ b/cmd/podman/main_local.go @@ -14,9 +14,9 @@ import ( "strings" "syscall" + "github.com/containers/common/pkg/config" "github.com/containers/libpod/cmd/podman/cliconfig" "github.com/containers/libpod/cmd/podman/libpodruntime" - "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/cgroups" "github.com/containers/libpod/pkg/rootless" "github.com/containers/libpod/pkg/tracing" @@ -32,9 +32,11 @@ import ( const remote = false func init() { - cgroupManager := define.SystemdCgroupsManager + cgroupManager := defaultContainerConfig.Engine.CgroupManager cgroupHelp := `Cgroup manager to use ("cgroupfs"|"systemd")` cgroupv2, _ := cgroups.IsCgroup2UnifiedMode() + + defaultContainerConfig = cliconfig.GetDefaultConfig() if rootless.IsRootless() && !cgroupv2 { cgroupManager = "" cgroupHelp = "Cgroup manager is not supported in rootless mode" @@ -42,25 +44,27 @@ func init() { rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.CGroupManager, "cgroup-manager", cgroupManager, cgroupHelp) // -c is deprecated due to conflict with -c on subcommands rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.CpuProfile, "cpu-profile", "", "Path for the cpu profiling results") - rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.Config, "config", "", "Path of a libpod config file detailing container server configuration options") rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.ConmonPath, "conmon", "", "Path of the conmon binary") - rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.NetworkCmdPath, "network-cmd-path", "", "Path to the command for configuring the network") - rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.CniConfigDir, "cni-config-dir", "", "Path of the configuration directory for CNI networks") - rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.DefaultMountsFile, "default-mounts-file", "", "Path to default mounts file") + rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.NetworkCmdPath, "network-cmd-path", defaultContainerConfig.Engine.NetworkCmdPath, "Path to the command for configuring the network") + rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.CniConfigDir, "cni-config-dir", getCNIPluginsDir(), "Path of the configuration directory for CNI networks") + rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.DefaultMountsFile, "default-mounts-file", defaultContainerConfig.Containers.DefaultMountsFile, "Path to default mounts file") + if err := rootCmd.PersistentFlags().MarkHidden("cpu-profile"); err != nil { + logrus.Error("unable to mark default-mounts-file flag as hidden") + } if err := rootCmd.PersistentFlags().MarkHidden("default-mounts-file"); err != nil { logrus.Error("unable to mark default-mounts-file flag as hidden") } - rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.EventsBackend, "events-backend", "", `Events backend to use ("file"|"journald"|"none")`) + rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.EventsBackend, "events-backend", defaultContainerConfig.Engine.EventsLogger, `Events backend to use ("file"|"journald"|"none")`) // Override default --help information of `--help` global flag var dummyHelp bool rootCmd.PersistentFlags().BoolVar(&dummyHelp, "help", false, "Help for podman") - rootCmd.PersistentFlags().StringSliceVar(&MainGlobalOpts.HooksDir, "hooks-dir", []string{}, "Set the OCI hooks directory path (may be set multiple times)") + rootCmd.PersistentFlags().StringSliceVar(&MainGlobalOpts.HooksDir, "hooks-dir", defaultContainerConfig.Engine.HooksDir, "Set the OCI hooks directory path (may be set multiple times)") rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.LogLevel, "log-level", "error", `Log messages above specified level ("debug"|"info"|"warn"|"error"|"fatal"|"panic")`) rootCmd.PersistentFlags().IntVar(&MainGlobalOpts.MaxWorks, "max-workers", 0, "The maximum number of workers for parallel operations") if err := rootCmd.PersistentFlags().MarkHidden("max-workers"); err != nil { logrus.Error("unable to mark max-workers flag as hidden") } - rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.Namespace, "namespace", "", "Set the libpod namespace, used to create separate views of the containers and pods on the system") + rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.Namespace, "namespace", defaultContainerConfig.Engine.Namespace, "Set the libpod namespace, used to create separate views of the containers and pods on the system") rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.Root, "root", "", "Path to the root directory in which data, including images, is stored") rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.Runroot, "runroot", "", "Path to the 'run directory' where all state information is stored") rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.Runtime, "runtime", "", "Path to the OCI-compatible binary used to run containers, default is /usr/bin/runc") @@ -170,16 +174,16 @@ func setupRootless(cmd *cobra.Command, args []string) error { if os.Geteuid() == 0 { ownsCgroup, err := cgroups.UserOwnsCurrentSystemdCgroup() if err != nil { - return err - } - conf, err := runtime.GetConfig() - if err != nil { - return err + logrus.Warnf("Failed to detect the owner for the current cgroup: %v", err) } if !ownsCgroup { + conf, err := runtime.GetConfig() + if err != nil { + return err + } unitName := fmt.Sprintf("podman-%d.scope", os.Getpid()) if err := utils.RunUnderSystemdScope(os.Getpid(), "user.slice", unitName); err != nil { - if conf.CgroupManager == define.SystemdCgroupsManager { + if conf.Engine.CgroupManager == config.SystemdCgroupsManager { logrus.Warnf("Failed to add podman to systemd sandbox cgroup: %v", err) } else { logrus.Debugf("Failed to add podman to systemd sandbox cgroup: %v", err) @@ -223,7 +227,7 @@ func setupRootless(cmd *cobra.Command, args []string) error { if err != nil { return err } - if conf.CgroupManager == define.SystemdCgroupsManager { + if conf.Engine.CgroupManager == config.SystemdCgroupsManager { logrus.Warnf("Failed to add pause process to systemd sandbox cgroup: %v", err) } else { logrus.Debugf("Failed to add pause process to systemd sandbox cgroup: %v", err) @@ -264,3 +268,10 @@ func setUMask() { func checkInput() error { return nil } +func getCNIPluginsDir() string { + if rootless.IsRootless() { + return "" + } + + return defaultContainerConfig.Network.CNIPluginDirs[0] +} diff --git a/cmd/podman/mount.go b/cmd/podman/mount.go index 526a236fd..99e185589 100644 --- a/cmd/podman/mount.go +++ b/cmd/podman/mount.go @@ -68,11 +68,7 @@ func mountCmd(c *cliconfig.MountValues) error { defer runtime.DeferredShutdown(false) if os.Geteuid() != 0 { - rtc, err := runtime.GetConfig() - if err != nil { - return err - } - if driver := rtc.StorageConfig.GraphDriverName; driver != "vfs" { + if driver := runtime.StorageConfig().GraphDriverName; driver != "vfs" { // Do not allow to mount a graphdriver that is not vfs if we are creating the userns as part // of the mount command. return fmt.Errorf("cannot mount using driver %s in rootless mode", driver) diff --git a/cmd/podman/pod_stop.go b/cmd/podman/pod_stop.go index 7d3951ec4..395731551 100644 --- a/cmd/podman/pod_stop.go +++ b/cmd/podman/pod_stop.go @@ -31,7 +31,7 @@ var ( }, Example: `podman pod stop mywebserverpod podman pod stop --latest - podman pod stop --timeout 0 490eb 3557fb`, + podman pod stop --time 0 490eb 3557fb`, } ) @@ -43,7 +43,8 @@ func init() { flags.BoolVarP(&podStopCommand.All, "all", "a", false, "Stop all running pods") flags.BoolVarP(&podStopCommand.Ignore, "ignore", "i", false, "Ignore errors when a specified pod is missing") flags.BoolVarP(&podStopCommand.Latest, "latest", "l", false, "Stop the latest pod podman is aware of") - flags.UintVarP(&podStopCommand.Timeout, "timeout", "t", 0, "Seconds to wait for pod stop before killing the container") + flags.UintVarP(&podStopCommand.Timeout, "time", "t", defaultContainerConfig.Engine.StopTimeout, "Seconds to wait for pod stop before killing the container") + flags.SetNormalizeFunc(aliasFlags) markFlagHiddenForRemoteClient("ignore", flags) markFlagHiddenForRemoteClient("latest", flags) } diff --git a/cmd/podman/restart.go b/cmd/podman/restart.go index 996a9f7ce..4ee043442 100644 --- a/cmd/podman/restart.go +++ b/cmd/podman/restart.go @@ -1,6 +1,8 @@ package main import ( + "fmt" + "github.com/containers/libpod/cmd/podman/cliconfig" "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/adapter" @@ -10,9 +12,9 @@ import ( var ( restartCommand cliconfig.RestartValues - restartDescription = `Restarts one or more running containers. The container ID or name can be used. + restartDescription = fmt.Sprintf(`Restarts one or more running containers. The container ID or name can be used. - A timeout before forcibly stopping can be set, but defaults to 10 seconds.` + A timeout before forcibly stopping can be set, but defaults to %d seconds.`, defaultContainerConfig.Engine.StopTimeout) _restartCommand = &cobra.Command{ Use: "restart [flags] CONTAINER [CONTAINER...]", Short: "Restart one or more containers", @@ -39,10 +41,10 @@ func init() { flags.BoolVarP(&restartCommand.All, "all", "a", false, "Restart all non-running containers") flags.BoolVarP(&restartCommand.Latest, "latest", "l", false, "Act on the latest container podman is aware of") flags.BoolVar(&restartCommand.Running, "running", false, "Restart only running containers when --all is used") - flags.UintVarP(&restartCommand.Timeout, "timeout", "t", define.CtrRemoveTimeout, "Seconds to wait for stop before killing the container") - flags.UintVar(&restartCommand.Timeout, "time", define.CtrRemoveTimeout, "Seconds to wait for stop before killing the container") + flags.UintVarP(&restartCommand.Timeout, "time", "t", defaultContainerConfig.Engine.StopTimeout, "Seconds to wait for stop before killing the container") markFlagHiddenForRemoteClient("latest", flags) + flags.SetNormalizeFunc(aliasFlags) } func restartCmd(c *cliconfig.RestartValues) error { diff --git a/cmd/podman/service.go b/cmd/podman/service.go index 7606e3009..bcb37eac5 100644 --- a/cmd/podman/service.go +++ b/cmd/podman/service.go @@ -12,13 +12,13 @@ import ( "github.com/containers/libpod/cmd/podman/cliconfig" "github.com/containers/libpod/cmd/podman/libpodruntime" - iopodman "github.com/containers/libpod/cmd/podman/varlink" "github.com/containers/libpod/libpod" "github.com/containers/libpod/pkg/adapter" api "github.com/containers/libpod/pkg/api/server" "github.com/containers/libpod/pkg/rootless" "github.com/containers/libpod/pkg/systemd" "github.com/containers/libpod/pkg/util" + iopodman "github.com/containers/libpod/pkg/varlink" "github.com/containers/libpod/pkg/varlinkapi" "github.com/containers/libpod/version" "github.com/pkg/errors" diff --git a/cmd/podman/shared/create.go b/cmd/podman/shared/create.go index cec837af6..68a36d967 100644 --- a/cmd/podman/shared/create.go +++ b/cmd/podman/shared/create.go @@ -99,7 +99,7 @@ func CreateContainer(ctx context.Context, c *GenericCLIResults, runtime *libpod. ArchitectureChoice: overrideArch, } - newImage, err := runtime.ImageRuntime().New(ctx, rawImageName, rtc.SignaturePolicyPath, c.String("authfile"), writer, &dockerRegistryOptions, image.SigningOptions{}, nil, pullType) + newImage, err := runtime.ImageRuntime().New(ctx, rawImageName, rtc.Engine.SignaturePolicyPath, c.String("authfile"), writer, &dockerRegistryOptions, image.SigningOptions{}, nil, pullType) if err != nil { return nil, nil, err } @@ -512,6 +512,7 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod. } // Start with env-host + if c.Bool("env-host") { env = envLib.Join(env, osEnv) } @@ -537,14 +538,16 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod. } } - // env overrides any previous variables - cmdlineEnv := c.StringSlice("env") - if len(cmdlineEnv) > 0 { - parsedEnv, err := envLib.ParseSlice(cmdlineEnv) - if err != nil { - return nil, err + if c.IsSet("env") { + // env overrides any previous variables + cmdlineEnv := c.StringSlice("env") + if len(cmdlineEnv) > 0 { + parsedEnv, err := envLib.ParseSlice(cmdlineEnv) + if err != nil { + return nil, err + } + env = envLib.Join(env, parsedEnv) } - env = envLib.Join(env, parsedEnv) } // LABEL VARIABLES @@ -636,31 +639,44 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod. return nil, errors.Wrapf(err, "unable to translate --shm-size") } - // Verify the additional hosts are in correct format - for _, host := range c.StringSlice("add-host") { - if _, err := parse.ValidateExtraHost(host); err != nil { - return nil, err + if c.IsSet("add-host") { + // Verify the additional hosts are in correct format + for _, host := range c.StringSlice("add-host") { + if _, err := parse.ValidateExtraHost(host); err != nil { + return nil, err + } } } - // Check for . and dns-search domains - if util.StringInSlice(".", c.StringSlice("dns-search")) && len(c.StringSlice("dns-search")) > 1 { - return nil, errors.Errorf("cannot pass additional search domains when also specifying '.'") + var ( + dnsSearches []string + dnsServers []string + dnsOptions []string + ) + if c.Changed("dns-search") { + dnsSearches = c.StringSlice("dns-search") + // Check for explicit dns-search domain of '' + if len(dnsSearches) == 0 { + return nil, errors.Errorf("'' is not a valid domain") + } + // Validate domains are good + for _, dom := range dnsSearches { + if dom == "." { + if len(dnsSearches) > 1 { + return nil, errors.Errorf("cannot pass additional search domains when also specifying '.'") + } + continue + } + if _, err := parse.ValidateDomain(dom); err != nil { + return nil, err + } + } } - - // Check for explicit dns-search domain of '' - if c.Changed("dns-search") && len(c.StringSlice("dns-search")) == 0 { - return nil, errors.Errorf("'' is not a valid domain") + if c.IsSet("dns") { + dnsServers = append(dnsServers, c.StringSlice("dns")...) } - - // Validate domains are good - for _, dom := range c.StringSlice("dns-search") { - if dom == "." { - continue - } - if _, err := parse.ValidateDomain(dom); err != nil { - return nil, err - } + if c.IsSet("dns-opt") { + dnsOptions = c.StringSlice("dns-opt") } var ImageVolumes map[string]struct{} @@ -706,7 +722,7 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod. pidsLimit := c.Int64("pids-limit") if c.String("cgroups") == "disabled" && !c.Changed("pids-limit") { - pidsLimit = 0 + pidsLimit = -1 } pid := &cc.PidConfig{ @@ -736,11 +752,10 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod. HostAdd: c.StringSlice("add-host"), Hostname: c.String("hostname"), } - net := &cc.NetworkConfig{ - DNSOpt: c.StringSlice("dns-opt"), - DNSSearch: c.StringSlice("dns-search"), - DNSServers: c.StringSlice("dns"), + DNSOpt: dnsOptions, + DNSSearch: dnsSearches, + DNSServers: dnsServers, HTTPProxy: c.Bool("http-proxy"), MacAddress: c.String("mac-address"), Network: c.String("network"), @@ -751,9 +766,12 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod. PortBindings: portBindings, } - sysctl, err := validateSysctl(c.StringSlice("sysctl")) - if err != nil { - return nil, errors.Wrapf(err, "invalid value for sysctl") + sysctl := map[string]string{} + if c.Changed("sysctl") { + sysctl, err = util.ValidateSysctls(c.StringSlice("sysctl")) + if err != nil { + return nil, errors.Wrapf(err, "invalid value for sysctl") + } } secConfig := &cc.SecurityConfig{ @@ -765,8 +783,10 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod. Sysctl: sysctl, } - if err := secConfig.SetSecurityOpts(runtime, c.StringArray("security-opt")); err != nil { - return nil, err + if c.Changed("security-opt") { + if err := secConfig.SetSecurityOpts(runtime, c.StringArray("security-opt")); err != nil { + return nil, err + } } // SECCOMP @@ -780,6 +800,19 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod. } else { secConfig.SeccompPolicy = policy } + rtc, err := runtime.GetConfig() + if err != nil { + return nil, err + } + volumes := rtc.Containers.Volumes + if c.Changed("volume") { + volumes = append(volumes, c.StringSlice("volume")...) + } + + devices := rtc.Containers.Devices + if c.Changed("device") { + devices = append(devices, c.StringSlice("device")...) + } config := &cc.CreateConfig{ Annotations: annotations, @@ -790,7 +823,7 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod. Command: command, UserCommand: userCommand, Detach: c.Bool("detach"), - Devices: c.StringSlice("device"), + Devices: devices, Entrypoint: entrypoint, Env: env, // ExposedPorts: ports, @@ -845,7 +878,7 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod. Tmpfs: c.StringArray("tmpfs"), Tty: tty, MountsFlag: c.StringArray("mount"), - Volumes: c.StringArray("volume"), + Volumes: volumes, WorkDir: workDir, Rootfs: rootfs, VolumesFrom: c.StringSlice("volumes-from"), diff --git a/cmd/podman/shared/intermediate_varlink.go b/cmd/podman/shared/intermediate_varlink.go index 691c4f92d..82594fb40 100644 --- a/cmd/podman/shared/intermediate_varlink.go +++ b/cmd/podman/shared/intermediate_varlink.go @@ -4,8 +4,8 @@ package shared import ( "github.com/containers/libpod/cmd/podman/cliconfig" - "github.com/containers/libpod/cmd/podman/varlink" "github.com/containers/libpod/pkg/rootless" + iopodman "github.com/containers/libpod/pkg/varlink" "github.com/pkg/errors" ) @@ -316,6 +316,7 @@ func intFromVarlink(v *int64, flagName string, defaultValue *int) CRInt { // structure. func VarlinkCreateToGeneric(opts iopodman.Create) GenericCLIResults { + defaultContainerConfig := cliconfig.GetDefaultConfig() // TODO | WARN // We do not get a default network over varlink. Unlike the other default values for some cli // elements, it seems it gets set to the default anyway. @@ -405,7 +406,7 @@ func VarlinkCreateToGeneric(opts iopodman.Create) GenericCLIResults { m["rm"] = boolFromVarlink(opts.Rm, "rm", false) m["rootfs"] = boolFromVarlink(opts.Rootfs, "rootfs", false) m["security-opt"] = stringArrayFromVarlink(opts.SecurityOpt, "security-opt", nil) - m["shm-size"] = stringFromVarlink(opts.ShmSize, "shm-size", &cliconfig.DefaultShmSize) + m["shm-size"] = stringFromVarlink(opts.ShmSize, "shm-size", &defaultContainerConfig.Containers.ShmSize) m["stop-signal"] = stringFromVarlink(opts.StopSignal, "stop-signal", nil) m["stop-timeout"] = uintFromVarlink(opts.StopTimeout, "stop-timeout", nil) m["storage-opt"] = stringSliceFromVarlink(opts.StorageOpt, "storage-opt", nil) diff --git a/cmd/podman/shared/pod.go b/cmd/podman/shared/pod.go index 3046953b5..50bd88e08 100644 --- a/cmd/podman/shared/pod.go +++ b/cmd/podman/shared/pod.go @@ -162,7 +162,7 @@ func FilterAllPodsWithFilterFunc(r *libpod.Runtime, filters ...libpod.PodFilter) func GenerateFilterFunction(r *libpod.Runtime, filters []string) ([]libpod.PodFilter, error) { var filterFuncs []libpod.PodFilter for _, f := range filters { - filterSplit := strings.Split(f, "=") + filterSplit := strings.SplitN(f, "=", 2) if len(filterSplit) < 2 { return nil, errors.Errorf("filter input must be in the form of filter=value: %s is invalid", f) } @@ -256,6 +256,22 @@ func generatePodFilterFuncs(filter, filterValue string) ( } return false }, nil + case "label": + var filterArray = strings.SplitN(filterValue, "=", 2) + var filterKey = filterArray[0] + if len(filterArray) > 1 { + filterValue = filterArray[1] + } else { + filterValue = "" + } + return func(p *libpod.Pod) bool { + for labelKey, labelValue := range p.Labels() { + if labelKey == filterKey && ("" == filterValue || labelValue == filterValue) { + return true + } + } + return false + }, nil } return nil, errors.Errorf("%s is an invalid filter", filter) } diff --git a/cmd/podman/sign.go b/cmd/podman/sign.go index 8ac59b33b..7da3459cf 100644 --- a/cmd/podman/sign.go +++ b/cmd/podman/sign.go @@ -126,19 +126,14 @@ func signCmd(c *cliconfig.SignValues) error { if err != nil { return err } - newImage, err := runtime.ImageRuntime().New(getContext(), signimage, rtc.SignaturePolicyPath, "", os.Stderr, &dockerRegistryOptions, image.SigningOptions{SignBy: signby}, nil, util.PullImageMissing) + newImage, err := runtime.ImageRuntime().New(getContext(), signimage, rtc.Engine.SignaturePolicyPath, "", os.Stderr, &dockerRegistryOptions, image.SigningOptions{SignBy: signby}, nil, util.PullImageMissing) if err != nil { return errors.Wrapf(err, "error pulling image %s", signimage) } if rootless.IsRootless() { if sigStoreDir == "" { - runtimeConfig, err := runtime.GetConfig() - if err != nil { - return err - } - - sigStoreDir = filepath.Join(filepath.Dir(runtimeConfig.StorageConfig.GraphRoot), "sigstore") + sigStoreDir = filepath.Join(filepath.Dir(runtime.StorageConfig().GraphRoot), "sigstore") } } else { registryInfo := trust.HaveMatchRegistry(rawSource.Reference().DockerReference().String(), registryConfigs) diff --git a/cmd/podman/start.go b/cmd/podman/start.go index a070cd18d..ee700032f 100644 --- a/cmd/podman/start.go +++ b/cmd/podman/start.go @@ -35,10 +35,7 @@ func init() { startCommand.SetUsageTemplate(UsageTemplate()) flags := startCommand.Flags() flags.BoolVarP(&startCommand.Attach, "attach", "a", false, "Attach container's STDOUT and STDERR") - // Clear the default, the value specified in the config file should have the - // priority - startCommand.DetachKeys = "" - flags.StringVar(&startCommand.DetachKeys, "detach-keys", define.DefaultDetachKeys, "Select the key sequence for detaching a container. Format is a single character `[a-Z]` or a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: `a-z`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`") + flags.StringVar(&startCommand.DetachKeys, "detach-keys", getDefaultDetachKeys(), "Select the key sequence for detaching a container. Format is a single character `[a-Z]` or a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: `a-z`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`") flags.BoolVarP(&startCommand.Interactive, "interactive", "i", false, "Keep STDIN open even if not attached") flags.BoolVarP(&startCommand.Latest, "latest", "l", false, "Act on the latest container podman is aware of") flags.BoolVar(&startCommand.SigProxy, "sig-proxy", false, "Proxy received signals to the process (default true if attaching, false otherwise)") diff --git a/cmd/podman/stop.go b/cmd/podman/stop.go index c62da80df..5033218e4 100644 --- a/cmd/podman/stop.go +++ b/cmd/podman/stop.go @@ -1,8 +1,9 @@ package main import ( + "fmt" + "github.com/containers/libpod/cmd/podman/cliconfig" - "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/adapter" "github.com/opentracing/opentracing-go" "github.com/pkg/errors" @@ -11,9 +12,9 @@ import ( var ( stopCommand cliconfig.StopValues - stopDescription = `Stops one or more running containers. The container name or ID can be used. + stopDescription = fmt.Sprintf(`Stops one or more running containers. The container name or ID can be used. - A timeout to forcibly stop the container can also be set but defaults to 10 seconds otherwise.` + A timeout to forcibly stop the container can also be set but defaults to %d seconds otherwise.`, defaultContainerConfig.Engine.StopTimeout) _stopCommand = &cobra.Command{ Use: "stop [flags] CONTAINER [CONTAINER...]", Short: "Stop one or more containers", @@ -29,7 +30,7 @@ var ( }, Example: `podman stop ctrID podman stop --latest - podman stop --timeout 2 mywebserver 6e534f14da9d`, + podman stop --time 2 mywebserver 6e534f14da9d`, } ) @@ -42,19 +43,15 @@ func init() { flags.BoolVarP(&stopCommand.Ignore, "ignore", "i", false, "Ignore errors when a specified container is missing") flags.StringArrayVarP(&stopCommand.CIDFiles, "cidfile", "", nil, "Read the container ID from the file") flags.BoolVarP(&stopCommand.Latest, "latest", "l", false, "Act on the latest container podman is aware of") - flags.UintVar(&stopCommand.Timeout, "time", define.CtrRemoveTimeout, "Seconds to wait for stop before killing the container") - flags.UintVarP(&stopCommand.Timeout, "timeout", "t", define.CtrRemoveTimeout, "Seconds to wait for stop before killing the container") + flags.UintVarP(&stopCommand.Timeout, "time", "t", defaultContainerConfig.Engine.StopTimeout, "Seconds to wait for stop before killing the container") markFlagHiddenForRemoteClient("latest", flags) markFlagHiddenForRemoteClient("cidfile", flags) markFlagHiddenForRemoteClient("ignore", flags) + flags.SetNormalizeFunc(aliasFlags) } // stopCmd stops a container or containers func stopCmd(c *cliconfig.StopValues) error { - if c.Flag("timeout").Changed && c.Flag("time").Changed { - return errors.New("the --timeout and --time flags are mutually exclusive") - } - if c.Bool("trace") { span, _ := opentracing.StartSpanFromContext(Ctx, "stopCmd") defer span.Finish() diff --git a/cmd/podman/unshare.go b/cmd/podman/unshare.go index 31ce441f4..28d17a319 100644 --- a/cmd/podman/unshare.go +++ b/cmd/podman/unshare.go @@ -66,13 +66,8 @@ func unshareCmd(c *cliconfig.PodmanCommand) error { if err != nil { return err } - runtimeConfig, err := runtime.GetConfig() - if err != nil { - return err - } - cmd := exec.Command(c.InputArgs[0], c.InputArgs[1:]...) - cmd.Env = unshareEnv(runtimeConfig.StorageConfig.GraphRoot, runtimeConfig.StorageConfig.RunRoot) + cmd.Env = unshareEnv(runtime.StorageConfig().GraphRoot, runtime.StorageConfig().RunRoot) cmd.Stdin = os.Stdin cmd.Stdout = os.Stdout cmd.Stderr = os.Stderr diff --git a/cmd/podman/utils.go b/cmd/podman/utils.go index 44e65b223..938a3f41e 100644 --- a/cmd/podman/utils.go +++ b/cmd/podman/utils.go @@ -63,6 +63,8 @@ func aliasFlags(f *pflag.FlagSet, name string) pflag.NormalizedName { name = "health-timeout" case "net": name = "network" + case "timeout": + name = "time" } return pflag.NormalizedName(name) } diff --git a/cmd/podman/varlink.go b/cmd/podman/varlink.go index 047d94fc2..20334ec96 100644 --- a/cmd/podman/varlink.go +++ b/cmd/podman/varlink.go @@ -10,10 +10,10 @@ import ( "github.com/containers/libpod/cmd/podman/cliconfig" "github.com/containers/libpod/cmd/podman/libpodruntime" - iopodman "github.com/containers/libpod/cmd/podman/varlink" "github.com/containers/libpod/pkg/adapter" "github.com/containers/libpod/pkg/rootless" "github.com/containers/libpod/pkg/util" + iopodman "github.com/containers/libpod/pkg/varlink" "github.com/containers/libpod/pkg/varlinkapi" "github.com/containers/libpod/version" "github.com/pkg/errors" diff --git a/cmd/podman/varlink/generate.go b/cmd/podman/varlink/generate.go deleted file mode 100644 index 2fa2d8e23..000000000 --- a/cmd/podman/varlink/generate.go +++ /dev/null @@ -1,3 +0,0 @@ -package iopodman - -//go:generate go run ../../../vendor/github.com/varlink/go/cmd/varlink-go-interface-generator/main.go io.podman.varlink diff --git a/cmd/podman/varlink/io.podman.varlink b/cmd/podman/varlink/io.podman.varlink deleted file mode 100644 index 0ef350fc2..000000000 --- a/cmd/podman/varlink/io.podman.varlink +++ /dev/null @@ -1,1390 +0,0 @@ -# Podman Service Interface and API description. The master version of this document can be found -# in the [API.md](https://github.com/containers/libpod/blob/master/API.md) file in the upstream libpod repository. -interface io.podman - -type Volume ( - name: string, - labels: [string]string, - mountPoint: string, - driver: string, - options: [string]string -) - -type NotImplemented ( - comment: string -) - -type StringResponse ( - message: string -) - -type RemoveImageResponse ( - untagged: []string, - deleted: string -) - -type LogLine ( - device: string, - parseLogType : string, - time: string, - msg: string, - cid: string -) - -# ContainerChanges describes the return struct for ListContainerChanges -type ContainerChanges ( - changed: []string, - added: []string, - deleted: []string -) - -type ImageSaveOptions ( - name: string, - format: string, - output: string, - outputType: string, - moreTags: []string, - quiet: bool, - compress: bool -) - -type VolumeCreateOpts ( - volumeName: string, - driver: string, - labels: [string]string, - options: [string]string -) - -type VolumeRemoveOpts ( - volumes: []string, - all: bool, - force: bool -) - -type Image ( - id: string, - digest: string, - digests: []string, - parentId: string, - repoTags: []string, - repoDigests: []string, - created: string, # as RFC3339 - size: int, - virtualSize: int, - containers: int, - labels: [string]string, - isParent: bool, - topLayer: string, - readOnly: bool, - history: []string -) - -# ImageHistory describes the returned structure from ImageHistory. -type ImageHistory ( - id: string, - created: string, # as RFC3339 - createdBy: string, - tags: []string, - size: int, - comment: string -) - -# Represents a single search result from SearchImages -type ImageSearchResult ( - description: string, - is_official: bool, - is_automated: bool, - registry: string, - name: string, - star_count: int -) - -type ImageSearchFilter ( - is_official: ?bool, - is_automated: ?bool, - star_count: int -) - -type AuthConfig ( - username: string, - password: string -) - -type KubePodService ( - pod: string, - service: string -) - -type Container ( - id: string, - image: string, - imageid: string, - command: []string, - createdat: string, # as RFC3339 - runningfor: string, - status: string, - ports: []ContainerPortMappings, - rootfssize: int, - rwsize: int, - names: string, - labels: [string]string, - mounts: []ContainerMount, - containerrunning: bool, - namespaces: ContainerNameSpace -) - -# ContainerStats is the return struct for the stats of a container -type ContainerStats ( - id: string, - name: string, - cpu: float, - cpu_nano: int, - system_nano: int, - mem_usage: int, - mem_limit: int, - mem_perc: float, - net_input: int, - net_output: int, - block_output: int, - block_input: int, - pids: int -) - -type PsOpts ( - all: bool, - filters: ?[]string, - last: ?int, - latest: ?bool, - noTrunc: ?bool, - pod: ?bool, - quiet: ?bool, - size: ?bool, - sort: ?string, - sync: ?bool -) - -type PsContainer ( - id: string, - image: string, - command: string, - created: string, - ports: string, - names: string, - isInfra: bool, - status: string, - state: string, - pidNum: int, - rootFsSize: int, - rwSize: int, - pod: string, - createdAt: string, - exitedAt: string, - startedAt: string, - labels: [string]string, - nsPid: string, - cgroup: string, - ipc: string, - mnt: string, - net: string, - pidNs: string, - user: string, - uts: string, - mounts: string -) - -# ContainerMount describes the struct for mounts in a container -type ContainerMount ( - destination: string, - type: string, - source: string, - options: []string -) - -# ContainerPortMappings describes the struct for portmappings in an existing container -type ContainerPortMappings ( - host_port: string, - host_ip: string, - protocol: string, - container_port: string -) - -# ContainerNamespace describes the namespace structure for an existing container -type ContainerNameSpace ( - user: string, - uts: string, - pidns: string, - pid: string, - cgroup: string, - net: string, - mnt: string, - ipc: string -) - -# InfoDistribution describes the host's distribution -type InfoDistribution ( - distribution: string, - version: string -) - -# InfoHost describes the host stats portion of PodmanInfo -type InfoHost ( - buildah_version: string, - distribution: InfoDistribution, - mem_free: int, - mem_total: int, - swap_free: int, - swap_total: int, - arch: string, - cpus: int, - hostname: string, - kernel: string, - os: string, - uptime: string, - eventlogger: string -) - -# InfoGraphStatus describes the detailed status of the storage driver -type InfoGraphStatus ( - backing_filesystem: string, - native_overlay_diff: string, - supports_d_type: string -) - -# InfoRegistry describes the host's registry information -type InfoRegistry ( - search: []string, - insecure: []string, - blocked: []string -) - -# InfoStore describes the host's storage informatoin -type InfoStore ( - containers: int, - images: int, - graph_driver_name: string, - graph_driver_options: string, - graph_root: string, - graph_status: InfoGraphStatus, - run_root: string -) - -# InfoPodman provides details on the Podman binary -type InfoPodmanBinary ( - compiler: string, - go_version: string, - podman_version: string, - git_commit: string -) - -# PodmanInfo describes the Podman host and build -type PodmanInfo ( - host: InfoHost, - registries: InfoRegistry, - store: InfoStore, - podman: InfoPodmanBinary -) - -# Sockets describes sockets location for a container -type Sockets( - container_id: string, - io_socket: string, - control_socket: string -) - -# Create is an input structure for creating containers. -# args[0] is the image name or id -# args[1-] are the new commands if changed -type Create ( - args: []string, - addHost: ?[]string, - annotation: ?[]string, - attach: ?[]string, - blkioWeight: ?string, - blkioWeightDevice: ?[]string, - capAdd: ?[]string, - capDrop: ?[]string, - cgroupParent: ?string, - cidFile: ?string, - conmonPidfile: ?string, - command: ?[]string, - cpuPeriod: ?int, - cpuQuota: ?int, - cpuRtPeriod: ?int, - cpuRtRuntime: ?int, - cpuShares: ?int, - cpus: ?float, - cpuSetCpus: ?string, - cpuSetMems: ?string, - detach: ?bool, - detachKeys: ?string, - device: ?[]string, - deviceReadBps: ?[]string, - deviceReadIops: ?[]string, - deviceWriteBps: ?[]string, - deviceWriteIops: ?[]string, - dns: ?[]string, - dnsOpt: ?[]string, - dnsSearch: ?[]string, - dnsServers: ?[]string, - entrypoint: ?string, - env: ?[]string, - envFile: ?[]string, - expose: ?[]string, - gidmap: ?[]string, - groupadd: ?[]string, - healthcheckCommand: ?string, - healthcheckInterval: ?string, - healthcheckRetries: ?int, - healthcheckStartPeriod: ?string, - healthcheckTimeout:?string, - hostname: ?string, - imageVolume: ?string, - init: ?bool, - initPath: ?string, - interactive: ?bool, - ip: ?string, - ipc: ?string, - kernelMemory: ?string, - label: ?[]string, - labelFile: ?[]string, - logDriver: ?string, - logOpt: ?[]string, - macAddress: ?string, - memory: ?string, - memoryReservation: ?string, - memorySwap: ?string, - memorySwappiness: ?int, - name: ?string, - network: ?string, - noHosts: ?bool, - oomKillDisable: ?bool, - oomScoreAdj: ?int, - overrideArch: ?string, - overrideOS: ?string, - pid: ?string, - pidsLimit: ?int, - pod: ?string, - privileged: ?bool, - publish: ?[]string, - publishAll: ?bool, - pull: ?string, - quiet: ?bool, - readonly: ?bool, - readonlytmpfs: ?bool, - restart: ?string, - rm: ?bool, - rootfs: ?bool, - securityOpt: ?[]string, - shmSize: ?string, - stopSignal: ?string, - stopTimeout: ?int, - storageOpt: ?[]string, - subuidname: ?string, - subgidname: ?string, - sysctl: ?[]string, - systemd: ?string, - tmpfs: ?[]string, - tty: ?bool, - uidmap: ?[]string, - ulimit: ?[]string, - user: ?string, - userns: ?string, - uts: ?string, - mount: ?[]string, - volume: ?[]string, - volumesFrom: ?[]string, - workDir: ?string -) - -# BuildOptions are are used to describe describe physical attributes of the build -type BuildOptions ( - addHosts: []string, - cgroupParent: string, - cpuPeriod: int, - cpuQuota: int, - cpuShares: int, - cpusetCpus: string, - cpusetMems: string, - memory: int, - memorySwap: int, - shmSize: string, - ulimit: []string, - volume: []string -) - -# BuildInfo is used to describe user input for building images -type BuildInfo ( - additionalTags: []string, - annotations: []string, - buildArgs: [string]string, - buildOptions: BuildOptions, - cniConfigDir: string, - cniPluginDir: string, - compression: string, - contextDir: string, - defaultsMountFilePath: string, - dockerfiles: []string, - err: string, - forceRmIntermediateCtrs: bool, - iidfile: string, - label: []string, - layers: bool, - nocache: bool, - out: string, - output: string, - outputFormat: string, - pullPolicy: string, - quiet: bool, - remoteIntermediateCtrs: bool, - reportWriter: string, - runtimeArgs: []string, - squash: bool -) - -# MoreResponse is a struct for when responses from varlink requires longer output -type MoreResponse ( - logs: []string, - id: string -) - -# ListPodContainerInfo is a returned struct for describing containers -# in a pod. -type ListPodContainerInfo ( - name: string, - id: string, - status: string -) - -# PodCreate is an input structure for creating pods. -# It emulates options to podman pod create. The infraCommand and -# infraImage options are currently NotSupported. -type PodCreate ( - name: string, - cgroupParent: string, - labels: [string]string, - share: []string, - infra: bool, - infraCommand: string, - infraImage: string, - publish: []string -) - -# ListPodData is the returned struct for an individual pod -type ListPodData ( - id: string, - name: string, - createdat: string, - cgroup: string, - status: string, - labels: [string]string, - numberofcontainers: string, - containersinfo: []ListPodContainerInfo -) - -type PodContainerErrorData ( - containerid: string, - reason: string -) - -# Runlabel describes the required input for container runlabel -type Runlabel( - image: string, - authfile: string, - display: bool, - name: string, - pull: bool, - label: string, - extraArgs: []string, - opts: [string]string -) - -# Event describes a libpod struct -type Event( - # TODO: make status and type a enum at some point? - # id is the container, volume, pod, image ID - id: string, - # image is the image name where applicable - image: string, - # name is the name of the pod, container, image - name: string, - # status describes the event that happened (i.e. create, remove, ...) - status: string, - # time the event happened - time: string, - # type describes object the event happened with (image, container...) - type: string -) - -type DiffInfo( - # path that is different - path: string, - # Add, Delete, Modify - changeType: string -) - -type ExecOpts( - # container name or id - name: string, - # Create pseudo tty - tty: bool, - # privileged access in container - privileged: bool, - # command to execute in container - cmd: []string, - # user to use in container - user: ?string, - # workdir to run command in container - workdir: ?string, - # slice of keyword=value environment variables - env: ?[]string, - # string of detach keys - detachKeys: ?string -) - -# GetVersion returns version and build information of the podman service -method GetVersion() -> ( - version: string, - go_version: string, - git_commit: string, - built: string, # as RFC3339 - os_arch: string, - remote_api_version: int -) - -# Reset resets Podman back to its initial state. -# Removes all Pods, Containers, Images and Volumes -method Reset() -> () - -# GetInfo returns a [PodmanInfo](#PodmanInfo) struct that describes podman and its host such as storage stats, -# build information of Podman, and system-wide registries. -method GetInfo() -> (info: PodmanInfo) - -# ListContainers returns information about all containers. -# See also [GetContainer](#GetContainer). -method ListContainers() -> (containers: []Container) - -method Ps(opts: PsOpts) -> (containers: []PsContainer) - -method GetContainersByStatus(status: []string) -> (containerS: []Container) - -method Top (nameOrID: string, descriptors: []string) -> (top: []string) - -# HealthCheckRun executes defined container's healthcheck command -# and returns the container's health status. -method HealthCheckRun (nameOrID: string) -> (healthCheckStatus: string) - -# GetContainer returns information about a single container. If a container -# with the given id doesn't exist, a [ContainerNotFound](#ContainerNotFound) -# error will be returned. See also [ListContainers](ListContainers) and -# [InspectContainer](#InspectContainer). -method GetContainer(id: string) -> (container: Container) - -# GetContainersByContext allows you to get a list of container ids depending on all, latest, or a list of -# container names. The definition of latest container means the latest by creation date. In a multi- -# user environment, results might differ from what you expect. -method GetContainersByContext(all: bool, latest: bool, args: []string) -> (containers: []string) - -# CreateContainer creates a new container from an image. It uses a [Create](#Create) type for input. -method CreateContainer(create: Create) -> (container: string) - -# InspectContainer data takes a name or ID of a container returns the inspection -# data in string format. You can then serialize the string into JSON. A [ContainerNotFound](#ContainerNotFound) -# error will be returned if the container cannot be found. See also [InspectImage](#InspectImage). -method InspectContainer(name: string) -> (container: string) - -# ListContainerProcesses takes a name or ID of a container and returns the processes -# running inside the container as array of strings. It will accept an array of string -# arguments that represent ps options. If the container cannot be found, a [ContainerNotFound](#ContainerNotFound) -# error will be returned. -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.ListContainerProcesses '{"name": "135d71b9495f", "opts": []}' -# { -# "container": [ -# " UID PID PPID C STIME TTY TIME CMD", -# " 0 21220 21210 0 09:05 pts/0 00:00:00 /bin/sh", -# " 0 21232 21220 0 09:05 pts/0 00:00:00 top", -# " 0 21284 21220 0 09:05 pts/0 00:00:00 vi /etc/hosts" -# ] -# } -# ~~~ -method ListContainerProcesses(name: string, opts: []string) -> (container: []string) - -# GetContainerLogs takes a name or ID of a container and returns the logs of that container. -# If the container cannot be found, a [ContainerNotFound](#ContainerNotFound) error will be returned. -# The container logs are returned as an array of strings. GetContainerLogs will honor the streaming -# capability of varlink if the client invokes it. -method GetContainerLogs(name: string) -> (container: []string) - -method GetContainersLogs(names: []string, follow: bool, latest: bool, since: string, tail: int, timestamps: bool) -> (log: LogLine) - -# ListContainerChanges takes a name or ID of a container and returns changes between the container and -# its base image. It returns a struct of changed, deleted, and added path names. -method ListContainerChanges(name: string) -> (container: ContainerChanges) - -# ExportContainer creates an image from a container. It takes the name or ID of a container and a -# path representing the target tarfile. If the container cannot be found, a [ContainerNotFound](#ContainerNotFound) -# error will be returned. -# The return value is the written tarfile. -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.ExportContainer '{"name": "flamboyant_payne", "path": "/tmp/payne.tar" }' -# { -# "tarfile": "/tmp/payne.tar" -# } -# ~~~ -method ExportContainer(name: string, path: string) -> (tarfile: string) - -# GetContainerStats takes the name or ID of a container and returns a single ContainerStats structure which -# contains attributes like memory and cpu usage. If the container cannot be found, a -# [ContainerNotFound](#ContainerNotFound) error will be returned. If the container is not running, a [NoContainerRunning](#NoContainerRunning) -# error will be returned -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.GetContainerStats '{"name": "c33e4164f384"}' -# { -# "container": { -# "block_input": 0, -# "block_output": 0, -# "cpu": 2.571123918839990154678e-08, -# "cpu_nano": 49037378, -# "id": "c33e4164f384aa9d979072a63319d66b74fd7a128be71fa68ede24f33ec6cfee", -# "mem_limit": 33080606720, -# "mem_perc": 2.166828456524753747370e-03, -# "mem_usage": 716800, -# "name": "competent_wozniak", -# "net_input": 768, -# "net_output": 5910, -# "pids": 1, -# "system_nano": 10000000 -# } -# } -# ~~~ -method GetContainerStats(name: string) -> (container: ContainerStats) - -# GetContainerStatsWithHistory takes a previous set of container statistics and uses libpod functions -# to calculate the containers statistics based on current and previous measurements. -method GetContainerStatsWithHistory(previousStats: ContainerStats) -> (container: ContainerStats) - -# This method has not be implemented yet. -# method ResizeContainerTty() -> (notimplemented: NotImplemented) - -# StartContainer starts a created or stopped container. It takes the name or ID of container. It returns -# the container ID once started. If the container cannot be found, a [ContainerNotFound](#ContainerNotFound) -# error will be returned. See also [CreateContainer](#CreateContainer). -method StartContainer(name: string) -> (container: string) - -# StopContainer stops a container given a timeout. It takes the name or ID of a container as well as a -# timeout value. The timeout value the time before a forcible stop to the container is applied. It -# returns the container ID once stopped. If the container cannot be found, a [ContainerNotFound](#ContainerNotFound) -# error will be returned instead. See also [KillContainer](KillContainer). -# #### Error -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.StopContainer '{"name": "135d71b9495f", "timeout": 5}' -# { -# "container": "135d71b9495f7c3967f536edad57750bfdb569336cd107d8aabab45565ffcfb6" -# } -# ~~~ -method StopContainer(name: string, timeout: int) -> (container: string) - -# InitContainer initializes the given container. It accepts a container name or -# ID, and will initialize the container matching that ID if possible, and error -# if not. Containers can only be initialized when they are in the Created or -# Exited states. Initialization prepares a container to be started, but does not -# start the container. It is intended to be used to debug a container's state -# prior to starting it. -method InitContainer(name: string) -> (container: string) - -# RestartContainer will restart a running container given a container name or ID and timeout value. The timeout -# value is the time before a forcible stop is used to stop the container. If the container cannot be found by -# name or ID, a [ContainerNotFound](#ContainerNotFound) error will be returned; otherwise, the ID of the -# container will be returned. -method RestartContainer(name: string, timeout: int) -> (container: string) - -# KillContainer takes the name or ID of a container as well as a signal to be applied to the container. Once the -# container has been killed, the container's ID is returned. If the container cannot be found, a -# [ContainerNotFound](#ContainerNotFound) error is returned. See also [StopContainer](StopContainer). -method KillContainer(name: string, signal: int) -> (container: string) - -# This method has not be implemented yet. -# method UpdateContainer() -> (notimplemented: NotImplemented) - -# This method has not be implemented yet. -# method RenameContainer() -> (notimplemented: NotImplemented) - -# PauseContainer takes the name or ID of container and pauses it. If the container cannot be found, -# a [ContainerNotFound](#ContainerNotFound) error will be returned; otherwise the ID of the container is returned. -# See also [UnpauseContainer](#UnpauseContainer). -method PauseContainer(name: string) -> (container: string) - -# UnpauseContainer takes the name or ID of container and unpauses a paused container. If the container cannot be -# found, a [ContainerNotFound](#ContainerNotFound) error will be returned; otherwise the ID of the container is returned. -# See also [PauseContainer](#PauseContainer). -method UnpauseContainer(name: string) -> (container: string) - -# Attach takes the name or ID of a container and sets up the ability to remotely attach to its console. The start -# bool is whether you wish to start the container in question first. -method Attach(name: string, detachKeys: string, start: bool) -> () - -method AttachControl(name: string) -> () - -# GetAttachSockets takes the name or ID of an existing container. It returns file paths for two sockets needed -# to properly communicate with a container. The first is the actual I/O socket that the container uses. The -# second is a "control" socket where things like resizing the TTY events are sent. If the container cannot be -# found, a [ContainerNotFound](#ContainerNotFound) error will be returned. -# #### Example -# ~~~ -# $ varlink call -m unix:/run/io.podman/io.podman.GetAttachSockets '{"name": "b7624e775431219161"}' -# { -# "sockets": { -# "container_id": "b7624e7754312191613245ce1a46844abee60025818fe3c3f3203435623a1eca", -# "control_socket": "/var/lib/containers/storage/overlay-containers/b7624e7754312191613245ce1a46844abee60025818fe3c3f3203435623a1eca/userdata/ctl", -# "io_socket": "/var/run/libpod/socket/b7624e7754312191613245ce1a46844abee60025818fe3c3f3203435623a1eca/attach" -# } -# } -# ~~~ -method GetAttachSockets(name: string) -> (sockets: Sockets) - -# WaitContainer takes the name or ID of a container and waits the given interval in milliseconds until the container -# stops. Upon stopping, the return code of the container is returned. If the container container cannot be found by ID -# or name, a [ContainerNotFound](#ContainerNotFound) error is returned. -method WaitContainer(name: string, interval: int) -> (exitcode: int) - -# RemoveContainer requires the name or ID of a container as well as a boolean that -# indicates whether a container should be forcefully removed (e.g., by stopping it), and a boolean -# indicating whether to remove builtin volumes. Upon successful removal of the -# container, its ID is returned. If the -# container cannot be found by name or ID, a [ContainerNotFound](#ContainerNotFound) error will be returned. -# See also [EvictContainer](EvictContainer). -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.RemoveContainer '{"name": "62f4fd98cb57"}' -# { -# "container": "62f4fd98cb57f529831e8f90610e54bba74bd6f02920ffb485e15376ed365c20" -# } -# ~~~ -method RemoveContainer(name: string, force: bool, removeVolumes: bool) -> (container: string) - -# EvictContainer requires the name or ID of a container as well as a boolean that -# indicates to remove builtin volumes. Upon successful eviction of the container, -# its ID is returned. If the container cannot be found by name or ID, -# a [ContainerNotFound](#ContainerNotFound) error will be returned. -# See also [RemoveContainer](RemoveContainer). -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.EvictContainer '{"name": "62f4fd98cb57"}' -# { -# "container": "62f4fd98cb57f529831e8f90610e54bba74bd6f02920ffb485e15376ed365c20" -# } -# ~~~ -method EvictContainer(name: string, removeVolumes: bool) -> (container: string) - -# DeleteStoppedContainers will delete all containers that are not running. It will return a list the deleted -# container IDs. See also [RemoveContainer](RemoveContainer). -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.DeleteStoppedContainers -# { -# "containers": [ -# "451410b931d00def8aa9b4f8084e4d4a39e5e04ea61f358cf53a5cf95afcdcee", -# "8b60f754a3e01389494a9581ade97d35c2765b6e2f19acd2d3040c82a32d1bc0", -# "cf2e99d4d3cad6073df199ed32bbe64b124f3e1aba6d78821aa8460e70d30084", -# "db901a329587312366e5ecff583d08f0875b4b79294322df67d90fc6eed08fc1" -# ] -# } -# ~~~ -method DeleteStoppedContainers() -> (containers: []string) - -# ListImages returns information about the images that are currently in storage. -# See also [InspectImage](#InspectImage). -method ListImages() -> (images: []Image) - -# ListImagesWithFilters returns information about the images that are currently in storage -# after one or more filters has been applied. -# See also [InspectImage](#InspectImage). -method ListImagesWithFilters(filters: []string) -> (images: []Image) - -# GetImage returns information about a single image in storage. -# If the image caGetImage returns be found, [ImageNotFound](#ImageNotFound) will be returned. -method GetImage(id: string) -> (image: Image) - -# BuildImage takes a [BuildInfo](#BuildInfo) structure and builds an image. At a minimum, you must provide the -# contextDir tarball path, the 'dockerfiles' path, and 'output' option in the BuildInfo structure. The 'output' -# options is the name of the of the resulting build. It will return a [MoreResponse](#MoreResponse) structure -# that contains the build logs and resulting image ID. -# #### Example -# ~~~ -# $ sudo varlink call -m unix:///run/podman/io.podman/io.podman.BuildImage '{"build":{"contextDir":"/tmp/t/context.tar","dockerfiles":["Dockerfile"], "output":"foobar"}}' -# { -# "image": { -# "id": "", -# "logs": [ -# "STEP 1: FROM alpine\n" -# ] -# } -# } -# { -# "image": { -# "id": "", -# "logs": [ -# "STEP 2: COMMIT foobar\n" -# ] -# } -# } -# { -# "image": { -# "id": "", -# "logs": [ -# "b7b28af77ffec6054d13378df4fdf02725830086c7444d9c278af25312aa39b9\n" -# ] -# } -# } -# { -# "image": { -# "id": "b7b28af77ffec6054d13378df4fdf02725830086c7444d9c278af25312aa39b9", -# "logs": [] -# } -# } -# ~~~ -method BuildImage(build: BuildInfo) -> (image: MoreResponse) - -# This function is not implemented yet. -# method CreateImage() -> (notimplemented: NotImplemented) - -# InspectImage takes the name or ID of an image and returns a string representation of data associated with the -#image. You must serialize the string into JSON to use it further. An [ImageNotFound](#ImageNotFound) error will -# be returned if the image cannot be found. -method InspectImage(name: string) -> (image: string) - -# HistoryImage takes the name or ID of an image and returns information about its history and layers. The returned -# history is in the form of an array of ImageHistory structures. If the image cannot be found, an -# [ImageNotFound](#ImageNotFound) error is returned. -method HistoryImage(name: string) -> (history: []ImageHistory) - -# PushImage takes two input arguments: the name or ID of an image, the fully-qualified destination name of the image, -# It will return an [ImageNotFound](#ImageNotFound) error if -# the image cannot be found in local storage; otherwise it will return a [MoreResponse](#MoreResponse) -method PushImage(name: string, tag: string, compress: bool, format: string, removeSignatures: bool, signBy: string) -> (reply: MoreResponse) - -# TagImage takes the name or ID of an image in local storage as well as the desired tag name. If the image cannot -# be found, an [ImageNotFound](#ImageNotFound) error will be returned; otherwise, the ID of the image is returned on success. -method TagImage(name: string, tagged: string) -> (image: string) - -# UntagImage takes the name or ID of an image in local storage as well as the -# tag name to be removed. If the image cannot be found, an -# [ImageNotFound](#ImageNotFound) error will be returned; otherwise, the ID of -# the image is returned on success. -method UntagImage(name: string, tag: string) -> (image: string) - -# RemoveImage takes the name or ID of an image as well as a boolean that determines if containers using that image -# should be deleted. If the image cannot be found, an [ImageNotFound](#ImageNotFound) error will be returned. The -# ID of the removed image is returned when complete. See also [DeleteUnusedImages](DeleteUnusedImages). -# #### Example -# ~~~ -# varlink call -m unix:/run/podman/io.podman/io.podman.RemoveImage '{"name": "registry.fedoraproject.org/fedora", "force": true}' -# { -# "image": "426866d6fa419873f97e5cbd320eeb22778244c1dfffa01c944db3114f55772e" -# } -# ~~~ -method RemoveImage(name: string, force: bool) -> (image: string) - -# RemoveImageWithResponse takes the name or ID of an image as well as a boolean that determines if containers using that image -# should be deleted. If the image cannot be found, an [ImageNotFound](#ImageNotFound) error will be returned. The response is -# in the form of a RemoveImageResponse . -method RemoveImageWithResponse(name: string, force: bool) -> (response: RemoveImageResponse) - -# SearchImages searches available registries for images that contain the -# contents of "query" in their name. If "limit" is given, limits the amount of -# search results per registry. -method SearchImages(query: string, limit: ?int, filter: ImageSearchFilter) -> (results: []ImageSearchResult) - -# DeleteUnusedImages deletes any images not associated with a container. The IDs of the deleted images are returned -# in a string array. -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.DeleteUnusedImages -# { -# "images": [ -# "166ea6588079559c724c15223f52927f514f73dd5c5cf2ae2d143e3b2e6e9b52", -# "da86e6ba6ca197bf6bc5e9d900febd906b133eaa4750e6bed647b0fbe50ed43e", -# "3ef70f7291f47dfe2b82931a993e16f5a44a0e7a68034c3e0e086d77f5829adc", -# "59788edf1f3e78cd0ebe6ce1446e9d10788225db3dedcfd1a59f764bad2b2690" -# ] -# } -# ~~~ -method DeleteUnusedImages() -> (images: []string) - -# Commit, creates an image from an existing container. It requires the name or -# ID of the container as well as the resulting image name. Optionally, you can define an author and message -# to be added to the resulting image. You can also define changes to the resulting image for the following -# attributes: _CMD, ENTRYPOINT, ENV, EXPOSE, LABEL, ONBUILD, STOPSIGNAL, USER, VOLUME, and WORKDIR_. To pause the -# container while it is being committed, pass a _true_ bool for the pause argument. If the container cannot -# be found by the ID or name provided, a (ContainerNotFound)[#ContainerNotFound] error will be returned; otherwise, -# the resulting image's ID will be returned as a string inside a MoreResponse. -method Commit(name: string, image_name: string, changes: []string, author: string, message: string, pause: bool, manifestType: string) -> (reply: MoreResponse) - -# ImportImage imports an image from a source (like tarball) into local storage. The image can have additional -# descriptions added to it using the message and changes options. See also [ExportImage](ExportImage). -method ImportImage(source: string, reference: string, message: string, changes: []string, delete: bool) -> (image: string) - -# ExportImage takes the name or ID of an image and exports it to a destination like a tarball. There is also -# a boolean option to force compression. It also takes in a string array of tags to be able to save multiple -# tags of the same image to a tarball (each tag should be of the form <image>:<tag>). Upon completion, the ID -# of the image is returned. If the image cannot be found in local storage, an [ImageNotFound](#ImageNotFound) -# error will be returned. See also [ImportImage](ImportImage). -method ExportImage(name: string, destination: string, compress: bool, tags: []string) -> (image: string) - -# PullImage pulls an image from a repository to local storage. After a successful pull, the image id and logs -# are returned as a [MoreResponse](#MoreResponse). This connection also will handle a WantsMores request to send -# status as it occurs. -method PullImage(name: string, creds: AuthConfig) -> (reply: MoreResponse) - -# CreatePod creates a new empty pod. It uses a [PodCreate](#PodCreate) type for input. -# On success, the ID of the newly created pod will be returned. -# #### Example -# ~~~ -# $ varlink call unix:/run/podman/io.podman/io.podman.CreatePod '{"create": {"name": "test"}}' -# { -# "pod": "b05dee7bd4ccfee688099fe1588a7a898d6ddd6897de9251d4671c9b0feacb2a" -# } -# -# $ varlink call unix:/run/podman/io.podman/io.podman.CreatePod '{"create": {"infra": true, "share": ["ipc", "net", "uts"]}}' -# { -# "pod": "d7697449a8035f613c1a8891286502aca68fff7d5d49a85279b3bda229af3b28" -# } -# ~~~ -method CreatePod(create: PodCreate) -> (pod: string) - -# ListPods returns a list of pods in no particular order. They are -# returned as an array of ListPodData structs. See also [GetPod](#GetPod). -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.ListPods -# { -# "pods": [ -# { -# "cgroup": "machine.slice", -# "containersinfo": [ -# { -# "id": "00c130a45de0411f109f1a0cfea2e298df71db20fa939de5cab8b2160a36be45", -# "name": "1840835294cf-infra", -# "status": "running" -# }, -# { -# "id": "49a5cce72093a5ca47c6de86f10ad7bb36391e2d89cef765f807e460865a0ec6", -# "name": "upbeat_murdock", -# "status": "running" -# } -# ], -# "createdat": "2018-12-07 13:10:15.014139258 -0600 CST", -# "id": "1840835294cf076a822e4e12ba4152411f131bd869e7f6a4e8b16df9b0ea5c7f", -# "name": "foobar", -# "numberofcontainers": "2", -# "status": "Running" -# }, -# { -# "cgroup": "machine.slice", -# "containersinfo": [ -# { -# "id": "1ca4b7bbba14a75ba00072d4b705c77f3df87db0109afaa44d50cb37c04a477e", -# "name": "784306f655c6-infra", -# "status": "running" -# } -# ], -# "createdat": "2018-12-07 13:09:57.105112457 -0600 CST", -# "id": "784306f655c6200aea321dd430ba685e9b2cc1f7d7528a72f3ff74ffb29485a2", -# "name": "nostalgic_pike", -# "numberofcontainers": "1", -# "status": "Running" -# } -# ] -# } -# ~~~ -method ListPods() -> (pods: []ListPodData) - -# GetPod takes a name or ID of a pod and returns single [ListPodData](#ListPodData) -# structure. A [PodNotFound](#PodNotFound) error will be returned if the pod cannot be found. -# See also [ListPods](ListPods). -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.GetPod '{"name": "foobar"}' -# { -# "pod": { -# "cgroup": "machine.slice", -# "containersinfo": [ -# { -# "id": "00c130a45de0411f109f1a0cfea2e298df71db20fa939de5cab8b2160a36be45", -# "name": "1840835294cf-infra", -# "status": "running" -# }, -# { -# "id": "49a5cce72093a5ca47c6de86f10ad7bb36391e2d89cef765f807e460865a0ec6", -# "name": "upbeat_murdock", -# "status": "running" -# } -# ], -# "createdat": "2018-12-07 13:10:15.014139258 -0600 CST", -# "id": "1840835294cf076a822e4e12ba4152411f131bd869e7f6a4e8b16df9b0ea5c7f", -# "name": "foobar", -# "numberofcontainers": "2", -# "status": "Running" -# } -# } -# ~~~ -method GetPod(name: string) -> (pod: ListPodData) - -# InspectPod takes the name or ID of an image and returns a string representation of data associated with the -# pod. You must serialize the string into JSON to use it further. A [PodNotFound](#PodNotFound) error will -# be returned if the pod cannot be found. -method InspectPod(name: string) -> (pod: string) - -# StartPod starts containers in a pod. It takes the name or ID of pod. If the pod cannot be found, a [PodNotFound](#PodNotFound) -# error will be returned. Containers in a pod are started independently. If there is an error starting one container, the ID of those containers -# will be returned in a list, along with the ID of the pod in a [PodContainerError](#PodContainerError). -# If the pod was started with no errors, the pod ID is returned. -# See also [CreatePod](#CreatePod). -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.StartPod '{"name": "135d71b9495f"}' -# { -# "pod": "135d71b9495f7c3967f536edad57750bfdb569336cd107d8aabab45565ffcfb6", -# } -# ~~~ -method StartPod(name: string) -> (pod: string) - -# StopPod stops containers in a pod. It takes the name or ID of a pod and a timeout. -# If the pod cannot be found, a [PodNotFound](#PodNotFound) error will be returned instead. -# Containers in a pod are stopped independently. If there is an error stopping one container, the ID of those containers -# will be returned in a list, along with the ID of the pod in a [PodContainerError](#PodContainerError). -# If the pod was stopped with no errors, the pod ID is returned. -# See also [KillPod](KillPod). -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.StopPod '{"name": "135d71b9495f"}' -# { -# "pod": "135d71b9495f7c3967f536edad57750bfdb569336cd107d8aabab45565ffcfb6" -# } -# ~~~ -method StopPod(name: string, timeout: int) -> (pod: string) - -# RestartPod will restart containers in a pod given a pod name or ID. Containers in -# the pod that are running will be stopped, then all stopped containers will be run. -# If the pod cannot be found by name or ID, a [PodNotFound](#PodNotFound) error will be returned. -# Containers in a pod are restarted independently. If there is an error restarting one container, the ID of those containers -# will be returned in a list, along with the ID of the pod in a [PodContainerError](#PodContainerError). -# If the pod was restarted with no errors, the pod ID is returned. -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.RestartPod '{"name": "135d71b9495f"}' -# { -# "pod": "135d71b9495f7c3967f536edad57750bfdb569336cd107d8aabab45565ffcfb6" -# } -# ~~~ -method RestartPod(name: string) -> (pod: string) - -# KillPod takes the name or ID of a pod as well as a signal to be applied to the pod. If the pod cannot be found, a -# [PodNotFound](#PodNotFound) error is returned. -# Containers in a pod are killed independently. If there is an error killing one container, the ID of those containers -# will be returned in a list, along with the ID of the pod in a [PodContainerError](#PodContainerError). -# If the pod was killed with no errors, the pod ID is returned. -# See also [StopPod](StopPod). -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.KillPod '{"name": "foobar", "signal": 15}' -# { -# "pod": "1840835294cf076a822e4e12ba4152411f131bd869e7f6a4e8b16df9b0ea5c7f" -# } -# ~~~ -method KillPod(name: string, signal: int) -> (pod: string) - -# PausePod takes the name or ID of a pod and pauses the running containers associated with it. If the pod cannot be found, -# a [PodNotFound](#PodNotFound) error will be returned. -# Containers in a pod are paused independently. If there is an error pausing one container, the ID of those containers -# will be returned in a list, along with the ID of the pod in a [PodContainerError](#PodContainerError). -# If the pod was paused with no errors, the pod ID is returned. -# See also [UnpausePod](#UnpausePod). -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.PausePod '{"name": "foobar"}' -# { -# "pod": "1840835294cf076a822e4e12ba4152411f131bd869e7f6a4e8b16df9b0ea5c7f" -# } -# ~~~ -method PausePod(name: string) -> (pod: string) - -# UnpausePod takes the name or ID of a pod and unpauses the paused containers associated with it. If the pod cannot be -# found, a [PodNotFound](#PodNotFound) error will be returned. -# Containers in a pod are unpaused independently. If there is an error unpausing one container, the ID of those containers -# will be returned in a list, along with the ID of the pod in a [PodContainerError](#PodContainerError). -# If the pod was unpaused with no errors, the pod ID is returned. -# See also [PausePod](#PausePod). -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.UnpausePod '{"name": "foobar"}' -# { -# "pod": "1840835294cf076a822e4e12ba4152411f131bd869e7f6a4e8b16df9b0ea5c7f" -# } -# ~~~ -method UnpausePod(name: string) -> (pod: string) - -# RemovePod takes the name or ID of a pod as well a boolean representing whether a running -# container in the pod can be stopped and removed. If a pod has containers associated with it, and force is not true, -# an error will occur. -# If the pod cannot be found by name or ID, a [PodNotFound](#PodNotFound) error will be returned. -# Containers in a pod are removed independently. If there is an error removing any container, the ID of those containers -# will be returned in a list, along with the ID of the pod in a [PodContainerError](#PodContainerError). -# If the pod was removed with no errors, the pod ID is returned. -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.RemovePod '{"name": "62f4fd98cb57", "force": "true"}' -# { -# "pod": "62f4fd98cb57f529831e8f90610e54bba74bd6f02920ffb485e15376ed365c20" -# } -# ~~~ -method RemovePod(name: string, force: bool) -> (pod: string) - -# This method has not be implemented yet. -# method WaitPod() -> (notimplemented: NotImplemented) - -method TopPod(pod: string, latest: bool, descriptors: []string) -> (stats: []string) - -# GetPodStats takes the name or ID of a pod and returns a pod name and slice of ContainerStats structure which -# contains attributes like memory and cpu usage. If the pod cannot be found, a [PodNotFound](#PodNotFound) -# error will be returned. If the pod has no running containers associated with it, a [NoContainerRunning](#NoContainerRunning) -# error will be returned. -# #### Example -# ~~~ -# $ varlink call unix:/run/podman/io.podman/io.podman.GetPodStats '{"name": "7f62b508b6f12b11d8fe02e"}' -# { -# "containers": [ -# { -# "block_input": 0, -# "block_output": 0, -# "cpu": 2.833470544016107524276e-08, -# "cpu_nano": 54363072, -# "id": "a64b51f805121fe2c5a3dc5112eb61d6ed139e3d1c99110360d08b58d48e4a93", -# "mem_limit": 12276146176, -# "mem_perc": 7.974359265237864966003e-03, -# "mem_usage": 978944, -# "name": "quirky_heisenberg", -# "net_input": 866, -# "net_output": 7388, -# "pids": 1, -# "system_nano": 20000000 -# } -# ], -# "pod": "7f62b508b6f12b11d8fe02e0db4de6b9e43a7d7699b33a4fc0d574f6e82b4ebd" -# } -# ~~~ -method GetPodStats(name: string) -> (pod: string, containers: []ContainerStats) - -# GetPodsByStatus searches for pods whose status is included in statuses -method GetPodsByStatus(statuses: []string) -> (pods: []string) - -# ImageExists talks a full or partial image ID or name and returns an int as to whether -# the image exists in local storage. An int result of 0 means the image does exist in -# local storage; whereas 1 indicates the image does not exists in local storage. -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.ImageExists '{"name": "imageddoesntexist"}' -# { -# "exists": 1 -# } -# ~~~ -method ImageExists(name: string) -> (exists: int) - -# ImageTree returns the image tree for the provided image name or ID -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.ImageTree '{"name": "alpine"}' -# { -# "tree": "Image ID: e7d92cdc71fe\nTags: [docker.io/library/alpine:latest]\nSize: 5.861MB\nImage Layers\nāāā ID: 5216338b40a7 Size: 5.857MB Top Layer of: [docker.io/library/alpine:latest]\n" -# } -# ~~~ -method ImageTree(name: string, whatRequires: bool) -> (tree: string) - -# ContainerExists takes a full or partial container ID or name and returns an int as to -# whether the container exists in local storage. A result of 0 means the container does -# exists; whereas a result of 1 means it could not be found. -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.ContainerExists '{"name": "flamboyant_payne"}'{ -# "exists": 0 -# } -# ~~~ -method ContainerExists(name: string) -> (exists: int) - -# ContainerCheckPoint performs a checkpopint on a container by its name or full/partial container -# ID. On successful checkpoint, the id of the checkpointed container is returned. -method ContainerCheckpoint(name: string, keep: bool, leaveRunning: bool, tcpEstablished: bool) -> (id: string) - -# ContainerRestore restores a container that has been checkpointed. The container to be restored can -# be identified by its name or full/partial container ID. A successful restore will result in the return -# of the container's ID. -method ContainerRestore(name: string, keep: bool, tcpEstablished: bool) -> (id: string) - -# ContainerRunlabel runs executes a command as described by a given container image label. -method ContainerRunlabel(runlabel: Runlabel) -> () - -# ExecContainer executes a command in the given container. -method ExecContainer(opts: ExecOpts) -> () - -# ListContainerMounts gathers all the mounted container mount points and returns them as an array -# of strings -# #### Example -# ~~~ -# $ varlink call unix:/run/podman/io.podman/io.podman.ListContainerMounts -# { -# "mounts": { -# "04e4c255269ed2545e7f8bd1395a75f7949c50c223415c00c1d54bfa20f3b3d9": "/var/lib/containers/storage/overlay/a078925828f57e20467ca31cfca8a849210d21ec7e5757332b72b6924f441c17/merged", -# "1d58c319f9e881a644a5122ff84419dccf6d138f744469281446ab243ef38924": "/var/lib/containers/storage/overlay/948fcf93f8cb932f0f03fd52e3180a58627d547192ffe3b88e0013b98ddcd0d2/merged" -# } -# } -# ~~~ -method ListContainerMounts() -> (mounts: [string]string) - -# MountContainer mounts a container by name or full/partial ID. Upon a successful mount, the destination -# mount is returned as a string. -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.MountContainer '{"name": "jolly_shannon"}'{ -# "path": "/var/lib/containers/storage/overlay/419eeb04e783ea159149ced67d9fcfc15211084d65e894792a96bedfae0470ca/merged" -# } -# ~~~ -method MountContainer(name: string) -> (path: string) - -# UnmountContainer umounts a container by its name or full/partial container ID. -# #### Example -# ~~~ -# $ varlink call -m unix:/run/podman/io.podman/io.podman.UnmountContainer '{"name": "jolly_shannon", "force": false}' -# {} -# ~~~ -method UnmountContainer(name: string, force: bool) -> () - -# ImagesPrune removes all unused images from the local store. Upon successful pruning, -# the IDs of the removed images are returned. -method ImagesPrune(all: bool, filter: []string) -> (pruned: []string) - -# This function is not implemented yet. -# method ListContainerPorts(name: string) -> (notimplemented: NotImplemented) - -# GenerateKube generates a Kubernetes v1 Pod description of a Podman container or pod -# and its containers. The description is in YAML. See also [ReplayKube](ReplayKube). -method GenerateKube(name: string, service: bool) -> (pod: KubePodService) - -# ReplayKube recreates a pod and its containers based on a Kubernetes v1 Pod description (in YAML) -# like that created by GenerateKube. See also [GenerateKube](GenerateKube). -# method ReplayKube() -> (notimplemented: NotImplemented) - -# ContainerConfig returns a container's config in string form. This call is for -# development of Podman only and generally should not be used. -method ContainerConfig(name: string) -> (config: string) - -# ContainerArtifacts returns a container's artifacts in string form. This call is for -# development of Podman only and generally should not be used. -method ContainerArtifacts(name: string, artifactName: string) -> (config: string) - -# ContainerInspectData returns a container's inspect data in string form. This call is for -# development of Podman only and generally should not be used. -method ContainerInspectData(name: string, size: bool) -> (config: string) - -# ContainerStateData returns a container's state config in string form. This call is for -# development of Podman only and generally should not be used. -method ContainerStateData(name: string) -> (config: string) - -# PodStateData returns inspectr level information of a given pod in string form. This call is for -# development of Podman only and generally should not be used. -method PodStateData(name: string) -> (config: string) - -# This call is for the development of Podman only and should not be used. -method CreateFromCC(in: []string) -> (id: string) - -# Spec returns the oci spec for a container. This call is for development of Podman only and generally should not be used. -method Spec(name: string) -> (config: string) - -# Sendfile allows a remote client to send a file to the host -method SendFile(type: string, length: int) -> (file_handle: string) - -# ReceiveFile allows the host to send a remote client a file -method ReceiveFile(path: string, delete: bool) -> (len: int) - -# VolumeCreate creates a volume on a remote host -method VolumeCreate(options: VolumeCreateOpts) -> (volumeName: string) - -# VolumeRemove removes a volume on a remote host -method VolumeRemove(options: VolumeRemoveOpts) -> (successes: []string, failures: [string]string) - -# GetVolumes gets slice of the volumes on a remote host -method GetVolumes(args: []string, all: bool) -> (volumes: []Volume) - -# InspectVolume inspects a single volume. Returns inspect JSON in the form of a -# string. -method InspectVolume(name: string) -> (volume: string) - -# VolumesPrune removes unused volumes on the host -method VolumesPrune() -> (prunedNames: []string, prunedErrors: []string) - -# ImageSave allows you to save an image from the local image storage to a tarball -method ImageSave(options: ImageSaveOptions) -> (reply: MoreResponse) - -# GetPodsByContext allows you to get a list pod ids depending on all, latest, or a list of -# pod names. The definition of latest pod means the latest by creation date. In a multi- -# user environment, results might differ from what you expect. -method GetPodsByContext(all: bool, latest: bool, args: []string) -> (pods: []string) - -# LoadImage allows you to load an image into local storage from a tarball. -method LoadImage(name: string, inputFile: string, quiet: bool, deleteFile: bool) -> (reply: MoreResponse) - -# GetEvents returns known libpod events filtered by the options provided. -method GetEvents(filter: []string, since: string, until: string) -> (events: Event) - -# Diff returns a diff between libpod objects -method Diff(name: string) -> (diffs: []DiffInfo) - -# GetLayersMapWithImageInfo is for the development of Podman and should not be used. -method GetLayersMapWithImageInfo() -> (layerMap: string) - -# BuildImageHierarchyMap is for the development of Podman and should not be used. -method BuildImageHierarchyMap(name: string) -> (imageInfo: string) - -# ImageNotFound means the image could not be found by the provided name or ID in local storage. -error ImageNotFound (id: string, reason: string) - -# ContainerNotFound means the container could not be found by the provided name or ID in local storage. -error ContainerNotFound (id: string, reason: string) - -# NoContainerRunning means none of the containers requested are running in a command that requires a running container. -error NoContainerRunning () - -# PodNotFound means the pod could not be found by the provided name or ID in local storage. -error PodNotFound (name: string, reason: string) - -# VolumeNotFound means the volume could not be found by the name or ID in local storage. -error VolumeNotFound (id: string, reason: string) - -# PodContainerError means a container associated with a pod failed to perform an operation. It contains -# a container ID of the container that failed. -error PodContainerError (podname: string, errors: []PodContainerErrorData) - -# NoContainersInPod means a pod has no containers on which to perform the operation. It contains -# the pod ID. -error NoContainersInPod (name: string) - -# InvalidState indicates that a container or pod was in an improper state for the requested operation -error InvalidState (id: string, reason: string) - -# ErrorOccurred is a generic error for an error that occurs during the execution. The actual error message -# is includes as part of the error's text. -error ErrorOccurred (reason: string) - -# RuntimeErrors generally means a runtime could not be found or gotten. -error RuntimeError (reason: string) - -# The Podman endpoint requires that you use a streaming connection. -error WantsMoreRequired (reason: string) - -# Container is already stopped -error ErrCtrStopped (id: string) - -# This function requires CGroupsV2 to run in rootless mode. -error ErrRequiresCgroupsV2ForRootless(reason: string) |