diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/links-to-html.lua | 5 | ||||
| -rw-r--r-- | docs/podman-remote.1.md | 4 | ||||
| -rw-r--r-- | docs/podman-remote.conf.5.md | 4 | ||||
| -rwxr-xr-x | docs/podman-remote.sh | 105 | ||||
| -rw-r--r-- | docs/tutorials/README.md | 10 | ||||
| -rw-r--r-- | docs/tutorials/mac_client.md | 99 | ||||
| -rw-r--r-- | docs/tutorials/podman_tutorial.md | 3 | ||||
| -rw-r--r-- | docs/tutorials/remote_client.md | 77 |
8 files changed, 298 insertions, 9 deletions
diff --git a/docs/links-to-html.lua b/docs/links-to-html.lua new file mode 100644 index 000000000..74072a9e4 --- /dev/null +++ b/docs/links-to-html.lua @@ -0,0 +1,5 @@ +# links-to-html.lua +function Link(el) + el.target = string.gsub(el.target, "%.1.md", ".html") + return el +end diff --git a/docs/podman-remote.1.md b/docs/podman-remote.1.md index 84042a842..04010abaf 100644 --- a/docs/podman-remote.1.md +++ b/docs/podman-remote.1.md @@ -35,6 +35,10 @@ Print usage statement Log messages above specified level: debug, info, warn, error (default), fatal or panic +**--port**=*integer* + +Use an alternative port for the ssh connections. The default port is 22 + **--remote-config-path**=*path* Alternate path for configuration file diff --git a/docs/podman-remote.conf.5.md b/docs/podman-remote.conf.5.md index 3e1cffb02..3c8a1a801 100644 --- a/docs/podman-remote.conf.5.md +++ b/docs/podman-remote.conf.5.md @@ -22,6 +22,9 @@ of the user's remote connections. Denotes whether the connection is the default connection for the user. The default connection is used when the user does not specify a destination or connection name to `podman`. +**port** = int + Use an alternative port for the ssh connections. The default port is 22. + ## EXAMPLE @@ -37,6 +40,7 @@ is designated as the default connection. [connections.host2] destination = "192.168.122.133" username = "fedora" + port = 2222 ``` ## FILES diff --git a/docs/podman-remote.sh b/docs/podman-remote.sh index db3bb6d50..2f8e76d1b 100755 --- a/docs/podman-remote.sh +++ b/docs/podman-remote.sh @@ -1,11 +1,100 @@ -#!/bin/sh +#!/bin/bash -e +# Assemble remote man pages for darwin or windows from markdown files -BREWDIR=$1 -mkdir -p $BREWDIR -docs() { -[ -z $1 ] || type="-$1" -for i in $(podman-remote $1 --help | sed -n '/^Available Commands:/,/^Flags:/p'| sed -e '1d;$d' -e '/^$/d' | awk '{print $1}'); do install podman$type-$i.1 $BREWDIR 2>/dev/null || install links/podman$type-$i.1 $BREWDIR; done +PLATFORM=$1 ## windows or darwin +TARGET=$2 ## where to output files +SOURCES=${@:3} ## directories to find markdown files + +PODMAN=${PODMAN:-bin/podman-remote} ## location overridden for testing + +function usage() { + echo >&2 "$0 PLATFORM TARGET SOURCES..." + echo >&2 "PLATFORM: Is either darwin or windows." + echo >&2 "TARGET: Is the directory where files will be staged." + echo >&2 "SOURCES: Are the directories to source markdown files." +} + +function fail() { + echo >&2 -e "$@\n" + usage + exit 1 +} + +case $PLATFORM in +'darwin') + EXT=1 + PUBLISHER=darwin_fn + ;; +'windows') + EXT=1.md + PUBLISHER=windows_fn + ;; +'-help') + usage + exit 0 + ;; +*) fail '"darwin" and "windows" are currently the only supported platforms.' ;; +esac + +if [[ -z $TARGET ]]; then + fail 'TARGET directory is required' +fi + +if [[ -z $SOURCES ]]; then + fail 'At least one SOURCE directory is required' +fi + +if [[ ! -x $PODMAN ]]; then + fail "$PODMAN does not exist" +fi + +## darwin_fn copies the markdown page or link to flattened directory +function darwin_fn() { + local markdown=$1 + local file=$(basename $markdown) + local dir=$(dirname $markdown) + + if [[ -f $dir/links/$file ]]; then + markdown=$dir/links/$file + fi + install $markdown $TARGET +} + +## windows_fn converts the markdown page or link to HTML +function windows_fn() { + local markdown=$1 + local file=$(basename $markdown) + local dir=$(dirname $markdown) + + if [[ ! -f $markdown ]]; then + local link=$(sed -e 's?.so man1/\(.*\)?\1?' <$dir/links/${file%.md}) + markdown=$dir/$link.md + fi + pandoc --ascii --lua-filter=$dir/links-to-html.lua -o $TARGET/${file%.$EXT}.html $markdown +} + +## pub_pages finds and publishes the remote manual pages +function pub_pages() { + local source=$1 + local publisher=$2 + for f in $(ls $source/podman-remote*$EXT); do + $publisher $f + done + + for c in "container" "image" "pod" "volume" ""; do + local cmd=${c:+-$c} + for s in $($PODMAN $c --help | sed -n '/^Available Commands:/,/^Flags:/p' | sed -e '1d;$d' -e '/^$/d' | awk '{print $1}'); do + $publisher $source/podman$cmd-$s.$EXT + done + done } -docs -for cmd in 'container image pod volume'; do docs $cmd; done +## walk the SOURCES for markdown sources +mkdir -p $TARGET +for s in $SOURCES; do + if [[ -d $s ]]; then + pub_pages $s $PUBLISHER + else + echo >&2 "Warning: $s does not exist" + fi +done diff --git a/docs/tutorials/README.md b/docs/tutorials/README.md index 925cfb970..c340d683f 100644 --- a/docs/tutorials/README.md +++ b/docs/tutorials/README.md @@ -8,6 +8,14 @@ Learn how to setup Podman and perform some basic commands with the utility. -**[Basic Setup and Use of Podman in a Rootless environment.](https://github.com/containers/libpod/blob/master/docs/tutorials/rootless_tutorial.md). +**[Basic Setup and Use of Podman in a Rootless environment.](https://github.com/containers/libpod/blob/master/docs/tutorials/rootless_tutorial.md).** The steps required to setup rootless Podman are enumerated. + +**[Setup on OS X](https://github.com/containers/libpod/blob/master/doc/tutorials/mac_client.md)** + +Special setup for running the Podman remote client on a Mac and connecting to Podman running on a Linux VM are documented + +**[Remote Client](https://github.com/containers/libpod/blob/master/doc/tutorials/remote_client.md)** + +A brief how-to on using the Podman remote-client. diff --git a/docs/tutorials/mac_client.md b/docs/tutorials/mac_client.md new file mode 100644 index 000000000..bf08e8cc1 --- /dev/null +++ b/docs/tutorials/mac_client.md @@ -0,0 +1,99 @@ +# Podman Mac Client tutorial + +## What is the Podman Mac Client + +First and foremost, the Mac Client is under heavy development. We are working on getting the +Mac client to be packaged and run for a native-like experience. This is the setup tutorial +for the Mac client at its current stage of development and packaging. + +The purpose of the Mac client for Podman is to allow users to run Podman on a Mac. Since Podman is a Linux +container engine, The Mac client is actually a version of the [Podman-remote client](remote_client.md), +edited to that the client side works on a Mac machine, and connects to a Podman "backend" on a Linux +machine, virtual or physical. The goal is to have a native-like experience when working with the Mac +client, so the command line interface of the remote client is exactly the same as the regular Podman +commands with the exception of some flags and commands that do not apply to the Mac client. + +## What you need + +To use the Mac client, you will need a binary built for MacOS and a Podman "backend" on a Linux machine; +hereafter referred to as the Podman node. In this context, a Podman node is a Linux system with Podman +installed on it and the varlink service activated. You will also need to be able to ssh into this +system as a user with privileges to the varlink socket (more on this later). + +For best results, use the most recent version of MacOS + +## Getting the Mac client +The Mac client is available through [Homebrew](https://brew.sh/). +``` +$ brew cask install podman +``` + +## Setting up the client and Podman node connection + +To use the Mac client, you must perform some setup on both the Mac and Podman nodes. In this case, +the Mac node refers to the Mac on which Podman is being run; and the Podman node refers to where +Podman and its storage reside. + +### Connection settings +Your Linux box must have ssh enabled, and you must copy your Mac's public key from `~/.sconf sh/id.pub` to +`/root/.ssh/authorized_keys` on your Linux box using `ssh-copy-id` This allows for the use of SSH keys +for remote access. + +You may need to edit your `/etc/ssh/sshd_config` in your Linux machine as follows: +``` +PermitRootLogin yes +``` + +Use of SSH keys are strongly encouraged to ensure a secure login. However, if you wish to avoid ‘logging in’ every +time you run a Podman command, you may edit your `/etc/ssh/sshd_config` on your Linux machine as follows: +``` +PasswordAuthentication no +PermitRootLogin without-password +``` + +### Podman node setup +The Podman node must be running a Linux distribution that supports Podman and must have Podman (not the Mac +client) installed. You must also have root access to the node. Check if your system uses systemd: +``` +$cat /proc/1/comm +systemd +``` +If it does, then simply start the Podman varlink socket: +``` +$ sudo systemctl start io.podman.socket +$ sudo systemctl enable io.podman.socket +``` + +If your system cannot use systemd, then you can manually establish the varlink socket with the Podman +command: +``` +$ sudo podman --log-level debug varlink --timeout 0 unix://run/podman/io.podman +``` + +### Required permissions +For now, the Mac client requires that you be able to run a privileged Podman and have privileged ssh +access to the remote system. This limitation is being worked on. + +#### Running the remote client +There are three different ways to pass connection information into the client: flags, conf file, and +environment variables. All three require information on username and a remote host ip address. Most often, +your username should be root and you can obtain your remote-host-ip using `ip addr` + +To connect using flags, you can use +``` +$ podman --remote-host remote-host-ip --username root images +REPOSITORY TAG IMAGE ID CREATED SIZE +quay.io/podman/stable latest 9c1e323be87f 10 days ago 414 MB +localhost/test latest 4b8c27c343e1 4 weeks ago 253 MB +k8s.gcr.io/pause 3.1 da86e6ba6ca1 20 months ago 747 kB +``` +If the conf file is set up, you may simply use Podman as you would on the linux machine. Take a look at +[podman-remote.conf.5.md](https://github.com/containers/libpod/blob/master/docs/podman-remote.conf.5.md) on how to use the conf file: + +``` +$ podman images +REPOSITORY TAG IMAGE ID CREATED SIZE +quay.io/podman/stable latest 9c1e323be87f 10 days ago 414 MB +localhost/test latest 4b8c27c343e1 4 weeks ago 253 MB +k8s.gcr.io/pause 3.1 da86e6ba6ca1 20 months ago 747 kB +``` diff --git a/docs/tutorials/podman_tutorial.md b/docs/tutorials/podman_tutorial.md index d2f8e08fa..559d25d6a 100644 --- a/docs/tutorials/podman_tutorial.md +++ b/docs/tutorials/podman_tutorial.md @@ -5,6 +5,9 @@ Podman is a utility provided as part of the libpod library. It can be used to c containers. The following tutorial will teach you how to set up Podman and perform some basic commands with Podman. +If you are running on a Mac, you should instead follow the [Mac tutorial](https://github.com/containers/libpod/blob/master/mac_client.md) +to set up the remote Podman client. + **NOTE**: the code samples are intended to be run as a non-root user, and use `sudo` where root escalation is required. diff --git a/docs/tutorials/remote_client.md b/docs/tutorials/remote_client.md new file mode 100644 index 000000000..197ff3d26 --- /dev/null +++ b/docs/tutorials/remote_client.md @@ -0,0 +1,77 @@ +# Podman remote-client tutorial + +## What is the remote-client + +First and foremost, the remote-client is under heavy development. We are adding new +commands and functions frequently. We also are working on a rootless implementation that +does not require privileged users. + +The purpose of the Podman remote-client is to allow users to interact with a Podman "backend" +while on a separate client. The command line interface of the remote client is exactly the +same as the regular Podman commands with the exception of some flags being removed as they +do not apply to the remote-client. + +## What you need +To use the remote-client, you will need a binary for your client and a Podman "backend"; hereafter +referred to as the Podman node. In this context, a Podman node is a Linux system with Podman +installed on it and the varlink service activated. You will also need to be able to ssh into this +system as a user with privileges to the varlink socket (more on this later). + +## Building the remote client +At this time, the remote-client is not being packaged for any distribution. It must be built from +source. To set up your build environment, see [Installation notes](https://github.com/containers/libpod/blob/master/install.md) and follow the +section [Building from scratch](https://github.com/containers/libpod/blob/master/install.md#building-from-scratch). Once you can successfully +build the regular Podman binary, you can now build the remote-client. +``` +$ make podman-remote +``` +Like building the regular Podman, the resulting binary will be in the *bin* directory. This is the binary +you will run on the remote node later in the instructions. + +## Setting up the remote and Podman nodes + +To use the remote-client, you must perform some setup on both the remote and Podman nodes. In this case, +the remote node refers to where the remote-client is being run; and the Podman node refers to where +Podman and its storage reside. + +### Podman node setup +The Podman node must have Podman (not the remote-client) installed as normal. If your system uses systemd, +then simply start the Podman varlink socket. +``` +$ sudo systemctl start io.podman.socket +``` + +If your system cannot use systemd, then you can manually establish the varlink socket with the Podman +command: +``` +$ sudo podman --log-level debug varlink --timeout 0 unix://run/podman/io.podman +``` + +### Required permissions +For now, the remote-client requires that you be able to run a privileged Podman and have privileged ssh +access to the remote system. This limitation is being worked on. + +### Remote node setup + +#### Initiate an ssh session to the Podman node +To use the remote client, we must establish an ssh connection to the Podman server. We will also use +that session to bind the remote varlink socket locally. + +``` +$ ssh -L 127.0.0.1:1234:/run/podman/io.podman root@remotehost +``` +Note here we are binding the Podman socket to a local TCP socket on port 1234. + +#### Running the remote client +With the ssh session established, we can now run the remote client in a different terminal window. You +must inform Podman where to look for the bound socket you created in the previous step using an +environment variable. + +``` +$ PODMAN_VARLINK_ADDRESS="tcp:127.0.0.1:1234" bin/podman-remote images +REPOSITORY TAG IMAGE ID CREATED SIZE +docker.io/library/ubuntu latest 47b19964fb50 2 weeks ago 90.7 MB +docker.io/library/alpine latest caf27325b298 3 weeks ago 5.8 MB +quay.io/cevich/gcloud_centos latest 641dad61989a 5 weeks ago 489 MB +k8s.gcr.io/pause 3.1 da86e6ba6ca1 14 months ago 747 kB +``` |