From 91dbdff77e159fb5377cd57733a05c72cbd94c97 Mon Sep 17 00:00:00 2001 From: Christian Felder Date: Thu, 26 Mar 2020 15:12:22 +0100 Subject: [PATCH] Add support for specifying CNI networks in podman play kube Fixes: #5609 Signed-off-by: Christian Felder --- cmd/podman/cliconfig/config.go | 1 + cmd/podman/play_kube.go | 1 + completions/bash/podman | 1 + docs/source/markdown/podman-play-kube.1.md | 14 +++++++++++++- pkg/adapter/pods.go | 16 ++++++++++++++++ 5 files changed, 32 insertions(+), 1 deletion(-) diff --git a/cmd/podman/cliconfig/config.go b/cmd/podman/cliconfig/config.go index 3428746a95..f96140fd2f 100644 --- a/cmd/podman/cliconfig/config.go +++ b/cmd/podman/cliconfig/config.go @@ -318,6 +318,7 @@ type KubePlayValues struct { Authfile string CertDir string Creds string + Network string Quiet bool SignaturePolicy string TlsVerify bool diff --git a/cmd/podman/play_kube.go b/cmd/podman/play_kube.go index 2028d2ef45..a5669c5951 100644 --- a/cmd/podman/play_kube.go +++ b/cmd/podman/play_kube.go @@ -51,6 +51,7 @@ func init() { flags.StringVar(&playKubeCommand.SeccompProfileRoot, "seccomp-profile-root", defaultSeccompRoot, "Directory path for seccomp profiles") markFlagHidden(flags, "signature-policy") } + flags.StringVar(&playKubeCommand.Network, "network", "", "Connect pod to CNI network(s)") } func playKubeCmd(c *cliconfig.KubePlayValues) error { diff --git a/completions/bash/podman b/completions/bash/podman index ca22ade0aa..036a35aa15 100644 --- a/completions/bash/podman +++ b/completions/bash/podman @@ -2683,6 +2683,7 @@ _podman_play_kube() { --authfile --cert-dir --creds + --network " local boolean_options=" diff --git a/docs/source/markdown/podman-play-kube.1.md b/docs/source/markdown/podman-play-kube.1.md index 2367ff7fe3..dd9441800e 100644 --- a/docs/source/markdown/podman-play-kube.1.md +++ b/docs/source/markdown/podman-play-kube.1.md @@ -36,6 +36,10 @@ The [username[:password]] to use to authenticate with the registry if required. If one or both values are not supplied, a command line prompt will appear and the value can be entered. The password is entered without echo. +**--network**=*cni networks* + +A comma-separated list of the names of CNI networks the pod should join. + **--quiet**, **-q** Suppress output information when pulling images @@ -62,8 +66,16 @@ $ podman play kube demo.yml 52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6 ``` +CNI network(s) can be specified as comma-separated list using ``--network`` +``` +$ podman play kube demo.yml --network cni1,cni2 +52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6 +``` + +Please take into account that CNI networks must be created first using podman-network-create(1). + ## SEE ALSO -podman(1), podman-container(1), podman-pod(1), podman-generate-kube(1), podman-play(1) +podman(1), podman-container(1), podman-pod(1), podman-generate-kube(1), podman-play(1), podman-network-create(1) ## HISTORY December 2018, Originally compiled by Brent Baude (bbaude at redhat dot com) diff --git a/pkg/adapter/pods.go b/pkg/adapter/pods.go index 9a83e99455..64ebd39546 100644 --- a/pkg/adapter/pods.go +++ b/pkg/adapter/pods.go @@ -595,6 +595,22 @@ func (r *LocalRuntime) PlayKubeYAML(ctx context.Context, c *cliconfig.KubePlayVa podPorts := getPodPorts(podYAML.Spec.Containers) podOptions = append(podOptions, libpod.WithInfraContainerPorts(podPorts)) + if c.Flag("network").Changed { + netValue := c.String("network") + switch strings.ToLower(netValue) { + case "bridge", "host": + return nil, errors.Errorf("invalid value passed to --network: bridge or host networking must be configured in YAML") + case "": + return nil, errors.Errorf("invalid value passed to --network: must provide a comma-separated list of CNI networks") + default: + // We'll assume this is a comma-separated list of CNI + // networks. + networks := strings.Split(netValue, ",") + logrus.Debugf("Pod joining CNI networks: %v", networks) + podOptions = append(podOptions, libpod.WithPodNetworks(networks)) + } + } + // Create the Pod pod, err = r.NewPod(ctx, podOptions...) if err != nil {