diff options
Diffstat (limited to 'cmd')
| -rw-r--r-- | cmd/podman/cliconfig/config.go | 6 | ||||
| -rw-r--r-- | cmd/podman/commands.go | 3 | ||||
| -rw-r--r-- | cmd/podman/common.go | 4 | ||||
| -rw-r--r-- | cmd/podman/push.go | 5 | ||||
| -rw-r--r-- | cmd/podman/service.go | 154 | ||||
| -rw-r--r-- | cmd/podman/service_dummy.go | 11 | ||||
| -rw-r--r-- | cmd/podman/shared/create.go | 6 | ||||
| -rw-r--r-- | cmd/podman/shared/pod.go | 56 | ||||
| -rw-r--r-- | cmd/podman/varlink.go | 2 | ||||
| -rw-r--r-- | cmd/service/main.go | 55 |
10 files changed, 208 insertions, 94 deletions
diff --git a/cmd/podman/cliconfig/config.go b/cmd/podman/cliconfig/config.go index b261599e6..6bc8aa4a3 100644 --- a/cmd/podman/cliconfig/config.go +++ b/cmd/podman/cliconfig/config.go @@ -599,6 +599,12 @@ type VarlinkValues struct { Timeout int64 } +type ServiceValues struct { + PodmanCommand + Varlink bool + Timeout int64 +} + type SetTrustValues struct { PodmanCommand PolicyPath string diff --git a/cmd/podman/commands.go b/cmd/podman/commands.go index 31f1b3ba4..ebd7aeb0c 100644 --- a/cmd/podman/commands.go +++ b/cmd/podman/commands.go @@ -26,6 +26,9 @@ func getMainCommands() []*cobra.Command { if len(_varlinkCommand.Use) > 0 { rootCommands = append(rootCommands, _varlinkCommand) } + if len(_serviceCommand.Use) > 0 { + rootCommands = append(rootCommands, _serviceCommand) + } return rootCommands } diff --git a/cmd/podman/common.go b/cmd/podman/common.go index 8690be64f..46feae90d 100644 --- a/cmd/podman/common.go +++ b/cmd/podman/common.go @@ -12,7 +12,7 @@ import ( "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/rootless" "github.com/containers/libpod/pkg/sysinfo" - "github.com/fatih/camelcase" + "github.com/containers/libpod/pkg/util/camelcase" jsoniter "github.com/json-iterator/go" "github.com/pkg/errors" "github.com/spf13/cobra" @@ -158,7 +158,7 @@ func getCreateFlags(c *cliconfig.PodmanCommand) { ) createFlags.String( "cgroups", "enabled", - "control container cgroup configuration", + `control container cgroup configuration ("enabled"|"disabled"|"no-conmon")`, ) createFlags.String( "cgroup-parent", "", diff --git a/cmd/podman/push.go b/cmd/podman/push.go index 1be8dfe11..b078959ba 100644 --- a/cmd/podman/push.go +++ b/cmd/podman/push.go @@ -100,7 +100,8 @@ func pushCmd(c *cliconfig.PushValues) error { // --compress and --format can only be used for the "dir" transport splitArg := strings.SplitN(destName, ":", 2) - if c.Flag("compress").Changed || c.Flag("format").Changed { + + if c.IsSet("compress") || c.Flag("format").Changed { if splitArg[0] != directory.Transport.Name() { return errors.Errorf("--compress and --format can be set only when pushing to a directory using the 'dir' transport") } @@ -141,7 +142,7 @@ func pushCmd(c *cliconfig.PushValues) error { DockerRegistryCreds: registryCreds, DockerCertPath: certPath, } - if c.Flag("tls-verify").Changed { + if c.IsSet("tls-verify") { dockerRegistryOptions.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!c.TlsVerify) } diff --git a/cmd/podman/service.go b/cmd/podman/service.go new file mode 100644 index 000000000..6e2b4a366 --- /dev/null +++ b/cmd/podman/service.go @@ -0,0 +1,154 @@ +// +build varlink,!remoteclient + +package main + +import ( + "fmt" + "net" + "os" + "path/filepath" + "strings" + "time" + + "github.com/containers/libpod/cmd/podman/cliconfig" + "github.com/containers/libpod/cmd/podman/libpodruntime" + iopodman "github.com/containers/libpod/cmd/podman/varlink" + "github.com/containers/libpod/libpod" + "github.com/containers/libpod/pkg/adapter" + api "github.com/containers/libpod/pkg/api/server" + "github.com/containers/libpod/pkg/rootless" + "github.com/containers/libpod/pkg/util" + "github.com/containers/libpod/pkg/varlinkapi" + "github.com/containers/libpod/version" + "github.com/pkg/errors" + "github.com/sirupsen/logrus" + "github.com/spf13/cobra" + "github.com/varlink/go/varlink" +) + +var ( + serviceCommand cliconfig.ServiceValues + serviceDescription = `Run an API service + +Enable a listening service for API access to Podman commands. +` + + _serviceCommand = &cobra.Command{ + Use: "service [flags] [URI]", + Short: "Run API service", + Long: serviceDescription, + RunE: func(cmd *cobra.Command, args []string) error { + serviceCommand.InputArgs = args + serviceCommand.GlobalFlags = MainGlobalOpts + return serviceCmd(&serviceCommand) + }, + } +) + +func init() { + serviceCommand.Command = _serviceCommand + serviceCommand.SetHelpTemplate(HelpTemplate()) + serviceCommand.SetUsageTemplate(UsageTemplate()) + flags := serviceCommand.Flags() + flags.Int64VarP(&serviceCommand.Timeout, "timeout", "t", 1000, "Time until the service session expires in milliseconds. Use 0 to disable the timeout") + flags.BoolVar(&serviceCommand.Varlink, "varlink", false, "Use legacy varlink service instead of REST") +} + +func serviceCmd(c *cliconfig.ServiceValues) error { + // For V2, default to the REST socket + apiURI := adapter.DefaultAPIAddress + if c.Varlink { + apiURI = adapter.DefaultVarlinkAddress + } + + if rootless.IsRootless() { + xdg, err := util.GetRuntimeDir() + if err != nil { + return err + } + socketName := "podman.sock" + if c.Varlink { + socketName = "io.podman" + } + socketDir := filepath.Join(xdg, "podman", socketName) + if _, err := os.Stat(filepath.Dir(socketDir)); err != nil { + if os.IsNotExist(err) { + if err := os.Mkdir(filepath.Dir(socketDir), 0755); err != nil { + return err + } + } else { + return err + } + } + apiURI = fmt.Sprintf("unix:%s", socketDir) + } + + if len(c.InputArgs) > 0 { + apiURI = c.InputArgs[0] + } + + logrus.Infof("using API endpoint: %s", apiURI) + + // Create a single runtime api consumption + runtime, err := libpodruntime.GetRuntimeDisableFDs(getContext(), &c.PodmanCommand) + if err != nil { + return errors.Wrapf(err, "error creating libpod runtime") + } + defer runtime.DeferredShutdown(false) + + timeout := time.Duration(c.Timeout) * time.Millisecond + if c.Varlink { + return runVarlink(runtime, apiURI, timeout, c) + } + return runREST(runtime, apiURI, timeout) +} + +func runREST(r *libpod.Runtime, uri string, timeout time.Duration) error { + logrus.Warn("This function is EXPERIMENTAL") + fmt.Println("This function is EXPERIMENTAL.") + fields := strings.Split(uri, ":") + if len(fields) == 1 { + return errors.Errorf("%s is an invalid socket destination", uri) + } + address := strings.Join(fields[1:], ":") + l, err := net.Listen(fields[0], address) + if err != nil { + return errors.Wrapf(err, "unable to create socket %s", uri) + } + server, err := api.NewServerWithSettings(r, timeout, &l) + if err != nil { + return err + } + return server.Serve() +} + +func runVarlink(r *libpod.Runtime, uri string, timeout time.Duration, c *cliconfig.ServiceValues) error { + var varlinkInterfaces = []*iopodman.VarlinkInterface{varlinkapi.New(&c.PodmanCommand, r)} + service, err := varlink.NewService( + "Atomic", + "podman", + version.Version, + "https://github.com/containers/libpod", + ) + if err != nil { + return errors.Wrapf(err, "unable to create new varlink service") + } + + for _, i := range varlinkInterfaces { + if err := service.RegisterInterface(i); err != nil { + return errors.Errorf("unable to register varlink interface %v", i) + } + } + + // Run the varlink server at the given address + if err = service.Listen(uri, timeout); err != nil { + switch err.(type) { + case varlink.ServiceTimeoutError: + logrus.Infof("varlink service expired (use --timeout to increase session time beyond %d ms, 0 means never timeout)", timeout.String()) + return nil + default: + return errors.Wrapf(err, "unable to start varlink service") + } + } + return nil +} diff --git a/cmd/podman/service_dummy.go b/cmd/podman/service_dummy.go new file mode 100644 index 000000000..a774c34de --- /dev/null +++ b/cmd/podman/service_dummy.go @@ -0,0 +1,11 @@ +// +build !varlink + +package main + +import "github.com/spf13/cobra" + +var ( + _serviceCommand = &cobra.Command{ + Use: "", + } +) diff --git a/cmd/podman/shared/create.go b/cmd/podman/shared/create.go index 15d6bddbb..2f637694b 100644 --- a/cmd/podman/shared/create.go +++ b/cmd/podman/shared/create.go @@ -31,9 +31,9 @@ import ( "github.com/sirupsen/logrus" ) -// seccompAnnotationKey is the key of the image annotation embedding a seccomp +// seccompLabelKey is the key of the image annotation embedding a seccomp // profile. -const seccompAnnotationKey = "io.containers.seccomp.profile" +const seccompLabelKey = "io.containers.seccomp.profile" func CreateContainer(ctx context.Context, c *GenericCLIResults, runtime *libpod.Runtime) (*libpod.Container, *cc.CreateConfig, error) { var ( @@ -709,7 +709,7 @@ func ParseCreateOpts(ctx context.Context, c *GenericCLIResults, runtime *libpod. // SECCOMP if data != nil { - if value, exists := data.Annotations[seccompAnnotationKey]; exists { + if value, exists := labels[seccompLabelKey]; exists { secConfig.SeccompProfileFromImage = value } } diff --git a/cmd/podman/shared/pod.go b/cmd/podman/shared/pod.go index d8d69c8fc..7b0b497fc 100644 --- a/cmd/podman/shared/pod.go +++ b/cmd/podman/shared/pod.go @@ -10,14 +10,8 @@ import ( "github.com/pkg/errors" ) -const ( - PodStateStopped = "Stopped" - PodStateRunning = "Running" - PodStatePaused = "Paused" - PodStateExited = "Exited" - PodStateErrored = "Error" - PodStateCreated = "Created" -) +// TODO GetPodStatus and CreatePodStatusResults should removed once the adapter +// and shared packages are reworked. It has now been duplicated in libpod proper. // GetPodStatus determines the status of the pod based on the // statuses of the containers in the pod. @@ -25,7 +19,7 @@ const ( func GetPodStatus(pod *libpod.Pod) (string, error) { ctrStatuses, err := pod.Status() if err != nil { - return PodStateErrored, err + return define.PodStateErrored, err } return CreatePodStatusResults(ctrStatuses) } @@ -33,45 +27,45 @@ func GetPodStatus(pod *libpod.Pod) (string, error) { func CreatePodStatusResults(ctrStatuses map[string]define.ContainerStatus) (string, error) { ctrNum := len(ctrStatuses) if ctrNum == 0 { - return PodStateCreated, nil + return define.PodStateCreated, nil } statuses := map[string]int{ - PodStateStopped: 0, - PodStateRunning: 0, - PodStatePaused: 0, - PodStateCreated: 0, - PodStateErrored: 0, + define.PodStateStopped: 0, + define.PodStateRunning: 0, + define.PodStatePaused: 0, + define.PodStateCreated: 0, + define.PodStateErrored: 0, } for _, ctrStatus := range ctrStatuses { switch ctrStatus { case define.ContainerStateExited: fallthrough case define.ContainerStateStopped: - statuses[PodStateStopped]++ + statuses[define.PodStateStopped]++ case define.ContainerStateRunning: - statuses[PodStateRunning]++ + statuses[define.PodStateRunning]++ case define.ContainerStatePaused: - statuses[PodStatePaused]++ + statuses[define.PodStatePaused]++ case define.ContainerStateCreated, define.ContainerStateConfigured: - statuses[PodStateCreated]++ + statuses[define.PodStateCreated]++ default: - statuses[PodStateErrored]++ + statuses[define.PodStateErrored]++ } } switch { - case statuses[PodStateRunning] > 0: - return PodStateRunning, nil - case statuses[PodStatePaused] == ctrNum: - return PodStatePaused, nil - case statuses[PodStateStopped] == ctrNum: - return PodStateExited, nil - case statuses[PodStateStopped] > 0: - return PodStateStopped, nil - case statuses[PodStateErrored] > 0: - return PodStateErrored, nil + case statuses[define.PodStateRunning] > 0: + return define.PodStateRunning, nil + case statuses[define.PodStatePaused] == ctrNum: + return define.PodStatePaused, nil + case statuses[define.PodStateStopped] == ctrNum: + return define.PodStateExited, nil + case statuses[define.PodStateStopped] > 0: + return define.PodStateStopped, nil + case statuses[define.PodStateErrored] > 0: + return define.PodStateErrored, nil default: - return PodStateCreated, nil + return define.PodStateCreated, nil } } diff --git a/cmd/podman/varlink.go b/cmd/podman/varlink.go index cd21e3574..047d94fc2 100644 --- a/cmd/podman/varlink.go +++ b/cmd/podman/varlink.go @@ -51,7 +51,7 @@ func init() { } func varlinkCmd(c *cliconfig.VarlinkValues) error { - varlinkURI := adapter.DefaultAddress + varlinkURI := adapter.DefaultVarlinkAddress if rootless.IsRootless() { xdg, err := util.GetRuntimeDir() if err != nil { diff --git a/cmd/service/main.go b/cmd/service/main.go deleted file mode 100644 index 0290de892..000000000 --- a/cmd/service/main.go +++ /dev/null @@ -1,55 +0,0 @@ -package main - -import ( - "context" - "fmt" - "os" - - "github.com/containers/libpod/cmd/podman/cliconfig" - "github.com/containers/libpod/cmd/podman/libpodruntime" - api "github.com/containers/libpod/pkg/api/server" - "github.com/containers/storage/pkg/reexec" - log "github.com/sirupsen/logrus" - "github.com/spf13/cobra" -) - -func initConfig() { - // we can do more stuff in here. -} - -func main() { - if reexec.Init() { - // We were invoked with a different argv[0] indicating that we - // had a specific job to do as a subprocess, and it's done. - return - } - - cobra.OnInitialize(initConfig) - log.SetLevel(log.DebugLevel) - - config := cliconfig.PodmanCommand{ - Command: &cobra.Command{}, - InputArgs: []string{}, - GlobalFlags: cliconfig.MainFlags{}, - Remote: false, - } - // Create a single runtime for http - runtime, err := libpodruntime.GetRuntimeDisableFDs(context.Background(), &config) - if err != nil { - fmt.Printf("error creating libpod runtime: %s", err.Error()) - os.Exit(1) - } - defer runtime.DeferredShutdown(false) - - server, err := api.NewServer(runtime) - if err != nil { - fmt.Println(err.Error()) - os.Exit(1) - } - - err = server.Serve() - if err != nil { - fmt.Println(err.Error()) - os.Exit(1) - } -} |