summaryrefslogtreecommitdiff
path: root/cmd/podman/networks
Commit message (Collapse)AuthorAge
* Wire network interface into libpodPaul Holzinger2021-09-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make use of the new network interface in libpod. This commit contains several breaking changes: - podman network create only outputs the new network name and not file path. - podman network ls shows the network driver instead of the cni version and plugins. - podman network inspect outputs the new network struct and not the cni conflist. - The bindings and libpod api endpoints have been changed to use the new network structure. The container network status is stored in a new field in the state. The status should be received with the new `c.getNetworkStatus`. This will migrate the old status to the new format. Therefore old containers should contine to work correctly in all cases even when network connect/ disconnect is used. New features: - podman network reload keeps the ip and mac for more than one network. - podman container restore keeps the ip and mac for more than one network. - The network create compat endpoint can now use more than one ipam config. The man pages and the swagger doc are updated to reflect the latest changes. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* network create: add warning for deprecated macvlan flagPaul Holzinger2021-09-07
| | | | | | | | | | | | The macvlan driver is not deprecated, only the --macvlan flag is. Remove the flag from the man page since it is deprecated and add a warning to podman network create if it is used. [NO TESTS NEEDED] Fixes #11400 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* InfraContainer Reworkcdoern2021-08-26
| | | | | | | | | | InfraContainer should go through the same creation process as regular containers. This change was from the cmd level down, involving new container CLI opts and specgen creating functions. What now happens is that both container and pod cli options are populated in cmd and used to create a podSpecgen and a containerSpecgen. The process then goes as follows FillOutSpecGen (infra) -> MapSpec (podOpts -> infraOpts) -> PodCreate -> MakePod -> createPodOptions -> NewPod -> CompleteSpec (infra) -> MakeContainer -> NewContainer -> newContainer -> AddInfra (to pod state) Signed-off-by: cdoern <cdoern@redhat.com>
* Scrub podman commands to use report packageJhon Honce2021-06-16
| | | | | | | | | | | | | | | | Refactor podman commands that have drifted from using c/common report pkg. Report pkg is needed to implement go template functions. Removed obsolete code from podman which exists in c/common. Latest template library added default newlines and method to remove them. Incorporated needed changes in c/common PR below. Depends on https://github.com/containers/common/pull/624 Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1855983 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* [Techinal Debt] Cleanup ABI vs. Tunnel CLI commandsJhon Honce2021-05-27
| | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] This commit cleans up two issues: * Most commands support all EngineModes so default to that. Let outlayers declare their intent. * Use cobra.Annotations to set supported EngineMode. This simplies instantiating commands as there is now one method to communicate a commands requirements rather than two. * Combined aliased commands into one file * Fixed aliased commands where Args field did not match * Updated examples in README.md for writing commands * Remove redundant flag DisableFlagsInUseLine in cobra.Command initialization. Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #10328 from Luap99/completionsOpenShift Merge Robot2021-05-17
|\ | | | | Several shell completion fixes
| * Several shell completion fixesPaul Holzinger2021-05-17
| | | | | | | | | | | | | | | | | | | | - fix network filters - add prune filters - pod create --share support comma separated namespaces [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | podman network reload add rootless supportPaul Holzinger2021-05-17
|/ | | | | | | | | | Allow podman network reload to be run as rootless user. While it is unlikely that the iptable rules are flushed inside the rootless cni namespace, it could still happen. Also fix podman network reload --all to ignore errors when a container does not have the bridge network mode, e.g. slirp4netns. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Add support for cli network prune --filter flagJakub Guzik2021-05-12
| | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* Add go template shell completion for --formatPaul Holzinger2021-04-22
| | | | | | | | | | | | | | | | | | | The --format flags accepts go template strings. I use this often but I consistently forget the field names. This commit adds a way to provide shell completion for the --format flag. It works by automatically receiving the field names with the reflect package from the given struct. This requires almost no maintenance since this ensures that we always use the correct field names. This also works for nested structs. ``` $ podman ps --format "{{.P" {{.Pid}} {{.PIDNS}} {{.Pod}} {{.PodName}} {{.Ports}} ``` NOTE: This only works when you use quotes otherwise the shell does not provide completions. Also this does not work for fish at the moment. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Add --noheading flag to all list commandsDaniel J Walsh2021-04-21
| | | | | | | | | | Currently we have only podman images list --noheading. This PR Adds this option to volumes, containers, pods, networks, machines, and secrets. Fixes: https://github.com/containers/podman/issues/10065 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Split libpod/network packagePaul Holzinger2021-03-15
| | | | | | | | | | | | The `libpod/network` package should only be used on the backend and not the client. The client used this package only for two functions so move them into a new `pkg/network` package. This is needed so we can put linux only code into `libpod/network`, see #9710. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Updated based on Jhonce commentsParker Van Roy2021-02-24
| | | | | | | | | Added ID to default removed outdated imports slight refactor Test Network Headers added to network_test.go Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
* Refactored fileParker Van Roy2021-02-24
| | | | | | | | moved --format to templateOut() Rm parse package except JSON Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
* bump go module to v3Valentin Rothberg2021-02-22
| | | | | | | | | We missed bumping the go module, so let's do it now :) * Automated go code with github.com/sirkon/go-imports-rename * Manually via `vgrep podman/v2` the rest Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Enable whitespace linterPaul Holzinger2021-02-11
| | | | | | | | Use the whitespace linter and fix the reported problems. [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* add network prunebaude2021-02-06
| | | | | | | | | add the ability to prune unused cni networks. filters are not implemented but included both compat and podman api endpoints. Fixes :#8673 Signed-off-by: baude <bbaude@redhat.com>
* podman network existsPaul Holzinger2021-01-19
| | | | | | Add podman network exists command with remote support. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Add system test for shell completionPaul Holzinger2020-12-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There exists a unit test to ensure that shell completion functions are defined. However there was no check about the quality of the provided shell completions. Lets change that. The idea is to create a general test that makes sure we are suggesting containers,pods,images... for the correct commands. This works by reading the command use line and checking for each arg if we provide the correct suggestions for this arg. It includes the following tests: - flag suggestions if [options] is set - container, pod, image, network, volume, registry completion - path completion for the appropriate arg KEYWORDS (`PATH`,`CONTEXT`,etc.) - no completion if there are no args - completion for more than one arg if it ends with `...]` The test does not cover completion values for flags and not every arg KEYWORD is supported. This is still a huge improvement and covers most use cases. This test spotted several inconsistencies between the completion and the command use line. All of them have been adjusted to make the test pass. The biggest advantage is that the completions always match the latest command changes. So if someone changes the arguments for a command this ensures that the completions must be adjusted. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Implement pod-network-reloadMatthew Heon2020-12-07
| | | | | | | | | | | | | | | | | | | | | | | This adds a new command, 'podman network reload', to reload the networks of existing containers, forcing recreation of firewall rules after e.g. `firewall-cmd --reload` wipes them out. Under the hood, this works by calling CNI to tear down the existing network, then recreate it using identical settings. We request that CNI preserve the old IP and MAC address in most cases (where the container only had 1 IP/MAC), but there will be some downtime inherent to the teardown/bring-up approach. The architecture of CNI doesn't really make doing this without downtime easy (or maybe even possible...). At present, this only works for root Podman, and only locally. I don't think there is much of a point to adding remote support (this is very much a local debugging command), but I think adding rootless support (to kill/recreate slirp4netns) could be valuable. Signed-off-by: Matthew Heon <matthew.heon@pm.me> Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Add support for network idsPaul Holzinger2020-12-02
| | | | | | | | | | | | | | | | | | | The network ID is not stored. It is just the sha256 hash from the network name. There is a risk of a potential hash collision. However it's very unlikely and even if we hit this it will complain that more than network with this ID exists. The main benefit is that the compat api can have proper network ID support. Also this adds the support for `podman network ls --format "{{.ID}}"` and `--filter id=<ID>`. It also ensures that we can do network rm <ID> and network inspect <ID>. Since we use a hash this commit is backwards compatible even for already existing networks. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Add podman network create option for bridge mtuAnders F Björklund2020-12-01
| | | | Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
* podman network label supportPaul Holzinger2020-11-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add label support for podman network create. Use the `args` field in the cni config file to store the podman labels. Use `podman_labels` as key name and store the labels as map[string]string. For reference: https://github.com/containernetworking/cni/blob/master/CONVENTIONS.md#args-in-network-config https://github.com/containernetworking/cni/blob/spec-v0.4.0/SPEC.md#network-configuration Example snippet: ``` ... "args": { "podman_labels": { "key1":"value1", "key2":"value2" } } ... ``` Make podman network list support several filters. Supported filters are name, plugin, driver and label. Filters with different keys work exclusive. Several label filters work exclusive and the other filter keys are working inclusive. Also adjust the compat api to support labels in network create and list. Breaking changes: - podman network ls -f shortform is used for --filter instead --format This matches docker and other podman commands (container ps, volume ps) - libpod network list endpoint filter parameter is removed. Instead the filters paramter should be used as json encoded map[string][]string. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* more shell completion improvementsPaul Holzinger2020-11-23
| | | | | | | | | | * podman image ls --filter * podman network ls --filter * podman volume ls --filter * podman network connect/disconnect * podman events --filter Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #8404 from rhatdan/rmOpenShift Merge Robot2020-11-20
|\ | | | | Add alias for podman network rm -> remove
| * Add alias for podman network rm -> removeDaniel J Walsh2020-11-19
| | | | | | | | | | | | | | | | docker network remove exists and is alias to docker network rm. Bug for bug compatible. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | add network connect|disconnect compat endpointsbaude2020-11-19
|/ | | | | | | | | | | this enables the ability to connect and disconnect a container from a given network. it is only for the compatibility layer. some code had to be refactored to avoid circular imports. additionally, tests are being deferred temporarily due to some incompatibility/bug in either docker-py or our stack. Signed-off-by: baude <bbaude@redhat.com>
* Fix missing headers in `network ls`Jhon Honce2020-11-17
| | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Add shell completion with cobraPaul Holzinger2020-11-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow automatic generation for shell completion scripts with the internal cobra functions (requires v1.0.0+). This should replace the handwritten completion scripts and even adds support for fish. With this approach it is less likley that completions and code are out of sync. We can now create the scripts with - podman completion bash - podman completion zsh - podman completion fish To test the completion run: source <(podman completion bash) The same works for podman-remote and podman --remote and it will complete your remote containers/images with the correct endpoints values from --url/--connection. The completion logic is written in go and provided by the cobra library. The completion functions lives in `cmd/podman/completion/completion.go`. The unit test at cmd/podman/shell_completion_test.go checks if each command and flag has an autocompletion function set. This prevents that commands and flags have no shell completion set. This commit does not replace the current autocompletion scripts. Closes #6440 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* enable ipv6 network configuration optionsAntonio Ojea2020-11-10
| | | | | | | | | | | | | enable the ipv6 flag in podman network to be able to create dual-stack networks for containers. This is required to be compatible with docker, where --ipv6 really means dual stack. podman, unlike docker, support IPv6 only containers since 07e3f1bba9674c0cb93a0fa260930bfebbf75728. Signed-off-by: Antonio Ojea <aojea@redhat.com>
* Restore --format table header supportJhon Honce2020-10-29
| | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Add pod, volume, network to inspect packageAshley Cui2020-10-27
| | | | | | | | | | | | | | | | | | podman inspect only had the capabilities to inspect containers and images. if a user wanted to inspect a pod, volume, or network, they would have to use `podman network inspect`, `podman pod inspect` etc. Docker's cli allowed users to inspect both volumes and networks using regular inspect, so this commit gives the user the functionality If the inspect type is not specified using --type, the order of inspection is: containers images volumes networks pods meaning if container that has the same name as an image, podman inspect would return the container inspect. To avoid duplicate code, podman network inspect and podman volume inspect now use the inspect package as well. Podman pod inspect does not because podman pod inspect returns a single json object while podman inspect can return multiple) Signed-off-by: Ashley Cui <acui@redhat.com>
* Merge pull request #8077 from jwhonce/wip/reportOpenShift Merge Robot2020-10-21
|\ | | | | Refactor podman to use c/common/pkg/report
| * Refactor podman to use c/common/pkg/reportJhon Honce2020-10-21
| | | | | | | | | | | | | | All formatting for containers stack moved into one package The does not correct issue with headers when using custom tables Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Switch use of Flags to OptionsDaniel J Walsh2020-10-21
|/ | | | | | | | Want to have man pages match commands, since we have lots of printed man pages with using Options, we will change the command line to use Options in --help. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Restore --format table...Jhon Honce2020-10-08
| | | | | | | | | | | | Following commands: * systemd generate * networks inspect * pod stats * Fixed test where format was quoted and then quoted again * Fixed bug where output never printed '--' on missed reads * pod ps Signed-off-by: Jhon Honce <jhonce@redhat.com>
* prevent unpredictable results with network create|removebaude2020-10-07
| | | | | | | | | | due to a lack of "locking" on cni operations, we could get ourselves in trouble when doing rapid creation or removal of networks. added a simple file lock to deal with the collision and because it is not considered a performent path, use of the file lock should be ok. if proven otherwise in the future, some generic shared memory lock should be implemented for libpod and also used here. moved pkog/network to libpod/network because libpod is now being pulled into the package and it has therefore lost its generic nature. this will make it easier to absorb into libpod as we try to make the network closer to core operations. Fixes: #7807 Signed-off-by: baude <bbaude@redhat.com>
* Fix handling of remove of bogus volumes, networks and PodsDaniel J Walsh2020-09-29
| | | | | | | | | | | | In podman containers rm and podman images rm, the commands exit with error code 1 if the object does not exists. This PR implements similar functionality to volumes, networks, and Pods. Similarly if volumes or Networks are in use by other containers, and return exit code 2. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* rootless: support `podman network create` (CNI-in-slirp4netns)Akihiro Suda2020-09-09
| | | | | | | | | | | | | | | | | Usage: ``` $ podman network create foo $ podman run -d --name web --hostname web --network foo nginx:alpine $ podman run --rm --network foo alpine wget -O - http://web.dns.podman Connecting to web.dns.podman (10.88.4.6:80) ... <h1>Welcome to nginx!</h1> ... ``` See contrib/rootless-cni-infra for the design. Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
* Switch all references to github.com/containers/libpod -> podmanDaniel J Walsh2020-07-28
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* replace the html/template package with text/templatePaul Holzinger2020-07-25
| | | | | | | | | Currently some commands use the html/template package. This can lead to invalid output. e.g. `system df --verbose` will print `&lt;none&gt;` instead of `<none>` with an untaged image. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* move go module to v2Valentin Rothberg2020-07-06
| | | | | | | | | | | | | | | With the advent of Podman 2.0.0 we crossed the magical barrier of go modules. While we were able to continue importing all packages inside of the project, the project could not be vendored anymore from the outside. Move the go module to new major version and change all imports to `github.com/containers/libpod/v2`. The renaming of the imports was done via `gomove` [1]. [1] https://github.com/KSubedi/gomove Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Fixes --remote flag issuesJhon Honce2020-06-26
| | | | | | | | | | | | | | | * --remote, --url and --identity are now anchored to podman command. Subcommands should no longer have issues * TraverseChildren now set to V1 expectations * Latest flag now has helper function. Now has consistent usage. * IsRemote() uses cobra parser to determin if --remote is given * Moved validation functions from parser pkg to validate pkg * Fixes #6598 Fixes #6704 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* BATS tests: new too-many-arguments testEd Santiago2020-06-23
| | | | | | | | | | | | | | | | | | | | | | | | | ...plus a few others. And fixes to actual parsing. If a command's usage message includes '...' in the argument list, assume it can take unlimited arguments. Nothing we can check. For all others, though, the ALL-CAPS part on the right-hand side of the usage message will define an upper bound on the number of arguments accepted by the command. So in our 'podman --help' test, generate N+1 args and run that command. We expect a 125 exit status and a suitably helpful error message. Not all podman commands or subcommands were checking, so I fixed that. And, fixed some broken usage messages (all-caps FLAGS, and '[flags]' at the end of 'ARGS'). Add new checks to the help test to prevent those in the future. Plus a little refactoring/cleanup where necessary. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Turn on More lintersDaniel J Walsh2020-06-15
| | | | | | | | | - misspell - prealloc - unparam - nakedret Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Fixup issues found by golintDaniel J Walsh2020-06-10
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Remove github.com/libpod/libpod from cmd/pkg/podmanDaniel J Walsh2020-05-21
| | | | | | | By moving a couple of variables from libpod/libpod to libpod/libpod/define I am able shrink the podman-remote-* executables by another megabyte. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* format option added to network inspect command.Kunal Kushwaha2020-05-20
| | | | | | This helps user to print the inspect output in go template format. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
* filter option added to network ls command.Kunal Kushwaha2020-05-20
| | | | | | | filter option helps to filter output based on name or supported plugins by CNI networks. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
* enable podman v2 networking for remote clientBrent Baude2020-05-12
| | | | Signed-off-by: Brent Baude <bbaude@redhat.com>