1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
|
package main
import (
"fmt"
"os"
buildahcli "github.com/containers/buildah/pkg/cli"
"github.com/containers/libpod/cmd/podman/cliconfig"
"github.com/containers/libpod/pkg/adapter"
"github.com/pkg/errors"
"github.com/spf13/cobra"
)
var (
playKubeCommand cliconfig.KubePlayValues
playKubeDescription = `Command reads in a structured file of Kubernetes YAML.
It creates the pod and containers described in the YAML. The containers within the pod are then started and the ID of the new Pod is output.`
_playKubeCommand = &cobra.Command{
Use: "kube [flags] KUBEFILE",
Short: "Play a pod based on Kubernetes YAML",
Long: playKubeDescription,
RunE: func(cmd *cobra.Command, args []string) error {
playKubeCommand.InputArgs = args
playKubeCommand.GlobalFlags = MainGlobalOpts
playKubeCommand.Remote = remoteclient
return playKubeCmd(&playKubeCommand)
},
Example: `podman play kube demo.yml`,
}
// https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/
defaultSeccompRoot = "/var/lib/kubelet/seccomp"
)
func init() {
if !remote {
_playKubeCommand.Example = fmt.Sprintf("%s\n podman play kube --cert-dir /mycertsdir --tls-verify=true --quiet myWebPod", _playKubeCommand.Example)
}
playKubeCommand.Command = _playKubeCommand
playKubeCommand.SetHelpTemplate(HelpTemplate())
playKubeCommand.SetUsageTemplate(UsageTemplate())
flags := playKubeCommand.Flags()
flags.StringVar(&playKubeCommand.Creds, "creds", "", "`Credentials` (USERNAME:PASSWORD) to use for authenticating to a registry")
flags.BoolVarP(&playKubeCommand.Quiet, "quiet", "q", false, "Suppress output information when pulling images")
// Disabled flags for the remote client
if !remote {
flags.StringVar(&playKubeCommand.Authfile, "authfile", buildahcli.GetDefaultAuthFile(), "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override")
flags.StringVar(&playKubeCommand.CertDir, "cert-dir", "", "`Pathname` of a directory containing TLS certificates and keys")
flags.StringVar(&playKubeCommand.SignaturePolicy, "signature-policy", "", "`Pathname` of signature policy file (not usually used)")
flags.BoolVar(&playKubeCommand.TlsVerify, "tls-verify", true, "Require HTTPS and verify certificates when contacting registries")
flags.StringVar(&playKubeCommand.SeccompProfileRoot, "seccomp-profile-root", defaultSeccompRoot, "Directory path for seccomp profiles")
markFlagHidden(flags, "signature-policy")
}
flags.StringVar(&playKubeCommand.Network, "network", "", "Connect pod to CNI network(s)")
}
func playKubeCmd(c *cliconfig.KubePlayValues) error {
args := c.InputArgs
if len(args) > 1 {
return errors.New("you can only play one kubernetes file at a time")
}
if len(args) < 1 {
return errors.New("you must supply at least one file")
}
if c.Authfile != "" {
if _, err := os.Stat(c.Authfile); err != nil {
return errors.Wrapf(err, "error getting authfile %s", c.Authfile)
}
}
ctx := getContext()
runtime, err := adapter.GetRuntime(ctx, &c.PodmanCommand)
if err != nil {
return errors.Wrapf(err, "could not get runtime")
}
defer runtime.DeferredShutdown(false)
_, err = runtime.PlayKubeYAML(ctx, c, args[0])
return err
}
|