Support volumeMounts.subPath in podman kube play

[fpoirotte]

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind feature

Description

Please consider adding support for volumeMounts.subPath in podman kube play.
This topic was briefly discussed in 2020 (#5654) but the request was rejected at the time.
I would like to request it again to improve compatibility between kubernetes and podman.

Steps to reproduce the issue:

1. Create /tmp/my-lamp-site.yaml with this content:

apiVersion: v1
kind: Pod
metadata:
  name: my-lamp-site
spec:
    containers:
    - name: mysql
      image: docker.io/library/mysql
      env:
      - name: MYSQL_ROOT_PASSWORD
        value: "rootpasswd"
      volumeMounts:
      - mountPath: /var/lib/mysql
        name: site-data
        subPath: mysql
    - name: php
      image: docker.io/library/php:7.0-apache
      volumeMounts:
      - mountPath: /var/www/html
        name: site-data
        subPath: html
    volumes:
    - name: site-data
      persistentVolumeClaim:
        claimName: my-lamp-site-data

2. Create a volume : podman volume create my-lamp-site-data

3. podman play kube /tmp/my-lamp-site.yaml

Describe the results you received:

mysql's data is written at the root of the my-lamp-site-data volume

Describe the results you expected:

mysql's data should have been stored in a subfolder named mysql inside the volume because that's what subPath points to.

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

Version:      4.0.0-dev
API Version:  4.0.0-dev
Go Version:   go1.17.5
Built:        Fri Jan 14 16:29:25 2022
OS/Arch:      linux/amd64

Output of podman info --debug:

host:
  arch: amd64
  buildahVersion: 1.23.0
  cgroupControllers: []
  cgroupManager: cgroupfs
  cgroupVersion: v1
  conmon:
    package: conmon-2.0.30-1.module_el8.6.0+944+d413f95e.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.30, commit: e28f6ed9f4a6f18e27f3efdab92de483806e6b9c'
  cpus: 48
  distribution:
    distribution: '"centos"'
    version: "8"
  eventLogger: file
  hostname: <redacted>
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1501
      size: 1
    - container_id: 1
      host_id: 200000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 5125
      size: 1
    - container_id: 1
      host_id: 200000
      size: 65536
  kernel: 4.18.0-348.7.1.el8_5.x86_64
  linkmode: dynamic
  logDriver: k8s-file
  memFree: 104679890944
  memTotal: 134499938304
  ociRuntime:
    name: runc
    package: runc-1.0.2-1.module_el8.6.0+926+8bef8ae7.x86_64
    path: /usr/bin/runc
    version: |-
      runc version 1.0.2
      spec: 1.0.2-dev
      go: go1.16.7
      libseccomp: 2.5.2
  os: linux
  remoteSocket:
    exists: true
    path: /run/user/5125/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_NET_RAW,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.1.8-1.module_el8.6.0+926+8bef8ae7.x86_64
    version: |-
      slirp4netns version 1.1.8
      commit: d361001f495417b880f20329121e3aa431a8f90f
      libslirp: 4.4.0
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.2
  swapFree: 4294963200
  swapTotal: 4294963200
  uptime: 320h 19m 23.36s (Approximately 13.33 days)
plugins:
  log:
  - k8s-file
  - none
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - registry.centos.org
  - docker.io
store:
  configFile: /home/fpoirotte/.config/containers/storage.conf
  containerStore:
    number: 4
    paused: 0
    running: 4
    stopped: 0
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/fpoirotte/.local/share/containers/storage
  graphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 52
  runRoot: /run/user/5125/containers
  volumePath: /home/fpoirotte/.local/share/containers/storage/volumes
version:
  APIVersion: 4.0.0-dev
  Built: 1642174165
  BuiltTime: Fri Jan 14 16:29:25 2022
  GitCommit: ""
  GoVersion: go1.17.5
  OsArch: linux/amd64
  Version: 4.0.0-dev

Package info (e.g. output of rpm -q podman or apt list podman):

podman-4.0.0-0.10.el8.x86_64 (manually-built based on https://src.fedoraproject.org/rpms/podman/blob/rawhide/f/podman.spec)

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)

Yes

Additional environment details (AWS, VirtualBox, physical, etc.):

irrelevant

[rhatdan]

@umohnani8 @vrothberg WDYT?

[github-actions]

A friendly reminder that this issue had no activity for 30 days.

[rhatdan]

@vrothberg @umohnani8 Thoughts?

[vrothberg]

Apologies for missing the ping last month. I will defer to @mheon since he is the volumes expert.

[mheon]

I'd need to figure out what subPath actually does. If it's just specifying that we join the subPath to the actual volume path when mounting - that's very easy, we can definitely do that. If there's something more complicated going on behind the scenes, that would be more difficult for us to support.

[fpoirotte]

From a user's point of view, it seems to do exactly what you described.
Not sure if it does anything funny behind the scene though.

[github-actions]

A friendly reminder that this issue had no activity for 30 days.

[rhatdan]

@fpoirotte interested in opening a PR to add this?

[fpoirotte]

I don't really have any experience with the Go language so I'm not sure I would be up to the task. I would feel much safer knowing someone with more experience is taking over this subject.

[rhatdan]

No problem. Thanks for reporting it.
@umohnani8 PTAL

[github-actions]

A friendly reminder that this issue had no activity for 30 days.

[github-actions]

A friendly reminder that this issue had no activity for 30 days.

[mheon]

Good candidate for interns

[rhatdan]

Agreed. Or @cdoern

[cdoern]

I'd be happy to take this one but if @jakecorrenti or @karthikelango137 want it, just let me know

[jakecorrenti]

I'd be happy to take this one but if @jakecorrenti or @karthikelango137 want it, just let me know

I'm already working on a couple things already, I don't want to take it and have it sit

[karthikelango137]

I'd be happy to take this one but if @jakecorrenti or @karthikelango137 want it, just let me know

I'm working on a couple other issues, you can take it

[github-actions]

A friendly reminder that this issue had no activity for 30 days.

[gilfrade]

I'm also waiting for this support, is there any news about this feature @cdoern ?

Thanks.

[rhatdan]

If someone from the community wants to step up and help move this forward, that would be great.

[cdoern]

I can come back to this during my break this week unless someone else wants to take over @rhatdan @gilfrade I was relatively close if I recall correctly just never made a PR

[rhatdan]

SGTM

[jesselang]

I'm familiar with how subPath behaves in the Kubernetes pod spec. I'm new to podman/libpod, but I'd be happy to take a swing at a PR for this. That being said, if there's WIP toward it, I'd love to see that carried forward!

[cdoern]

@jesselang I will push my code that I have and you can take a look at what I was thinking

[gilfrade]

I don't have the know how to help developing this feature but i can help testing this PR.

[umohnani8]

@cdoern any progress here?

[gilfrade]

Any news about this feature? Thanks

[gsalvatella]

This is probably the only remaining feature that will make docker compose obsolete. With subPath we can finally have all our configuration inside a single Kubernetes YAML. Looking forward to it!

[cdoern]

@gsalvatella so sorry about this one, I'll make this a top priority this week, thanks for being consistent!!!!!

[cdoern]

@gsalvatella @gilfrade just an update, I have this almost working with named volumes in podman, will have a PR you can try out by weeks end.