Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Pod Volumes Support #11409

Merged
merged 1 commit into from
Sep 15, 2021
Merged

Conversation

cdoern
Copy link
Contributor

@cdoern cdoern commented Sep 2, 2021

added support for the --volume flag in pods using the new infra container design.
users can specify all volume options they can with regular containers.

Specifying the --volume flag causes the infra container to be populated with the specified mounts. All containers joining the pod then have a VolumesFrom container, causing them to inherit the mounts.

resolves #10379

Signed-off-by: cdoern [email protected]

@cdoern cdoern force-pushed the podVolumes branch 2 times, most recently from 03fe99e to 47f5dd0 Compare September 2, 2021 19:44
@cdoern
Copy link
Contributor Author

cdoern commented Sep 3, 2021

@mheon PTAL, not sure if I missed anything here.

@rhatdan
Copy link
Member

rhatdan commented Sep 7, 2021

LGTM

@TomSweeneyRedHat
Copy link
Member

LGTM
but would like a @mheon head nod

pkg/specgen/podspecgen.go Outdated Show resolved Hide resolved
@cdoern cdoern force-pushed the podVolumes branch 2 times, most recently from 2bf1147 to 1ebe26e Compare September 14, 2021 02:56
Copy link
Collaborator

@flouthoc flouthoc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of command line i think more apt would be to add support volumeMount as kube spec, not sure but i think test should suffice mounting named volume or emptydir since that is how I think pod volume should work. This should be the required use-case of shared volume between pod containers.

[Please ignore this comment if that was not intention of the issue]

apiVersion: v1
kind: Pod
metadata:
  name: two-containers
spec:

  volumes:
  - name: shared-data
    emptyDir: {}

  containers:

  - name: first
    image: nginx
    volumeMounts:
    - name: shared-data
      mountPath: /usr/share/nginx/html

  - name: second
    image: debian
    volumeMounts:
    - name: shared-data
      mountPath: /pod-data
    command: ["/bin/sh"]
    args:
      - "-c"
      - >
        while true; do
          date >> /pod-data/index.html;

          echo Hello from the second container >> /pod-data/index.html;
          sleep 1;
        done

@cdoern
Copy link
Contributor Author

cdoern commented Sep 14, 2021

@flouthoc this issue (I believe) is requesting a podman pod create option for volumes. The Kubernetes side of things already supports such a feature via the YAML.

added support for the --volume flag in pods using the new infra container design.
users can specify all volume options they can with regular containers

resolves containers#10379

Signed-off-by: cdoern <[email protected]>
@flouthoc
Copy link
Collaborator

@cdoern I tried a while ago afaik emptydir sharing between containers is not supported but i can confirm again.

@cdoern
Copy link
Contributor Author

cdoern commented Sep 14, 2021

@mheon @TomSweeneyRedHat PTAL, I think I moved up the decoding to a good spot, podspec now matches container spec in terms of volume information.

@mheon
Copy link
Member

mheon commented Sep 14, 2021

LGTM

@rhatdan
Copy link
Member

rhatdan commented Sep 14, 2021

/approve
/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Sep 14, 2021
@openshift-ci
Copy link
Contributor

openshift-ci bot commented Sep 14, 2021

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cdoern, rhatdan

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Sep 14, 2021
@mheon
Copy link
Member

mheon commented Sep 14, 2021

Wait - scratch that for a moment.

Are we not recording named volumes in the infra config?
/hold

@openshift-ci openshift-ci bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Sep 14, 2021
@@ -597,6 +598,11 @@ func (p *Pod) Inspect() (*define.InspectPodData, error) {
infraConfig.CPUSetCPUs = p.ResourceLim().CPU.Cpus
infraConfig.PidNS = p.PidMode()
infraConfig.UserNS = p.UserNSMode()
namedVolumes, mounts := infra.sortUserVolumes(infra.Config().Spec)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is wrong - named volumes are a separate field in the infra container's config, they are not in the spec

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

see comment below

@mheon
Copy link
Member

mheon commented Sep 14, 2021

Nevermind, fire drill averted. They're stored correctly but we're retrieving from for podman pod inspect in the wrong way.

@TomSweeneyRedHat
Copy link
Member

@mheon, want to remove the "hold" on this given the fire drill findings and the happy green test buttons?

@cdoern
Copy link
Contributor Author

cdoern commented Sep 14, 2021

wait @mheon I am pretty sure .sortUserVolumes goes through the config to get the named volumes, see libpod/container_internal.go L 2151. I actually do not know why the spec is even passed, it is not used in the function.

container_inspect.go uses the same thing

@mheon
Copy link
Member

mheon commented Sep 15, 2021

It adds the additional specifications that all volumes listed must be user-specified, which is probably OK.

/hold cancel

@openshift-ci openshift-ci bot removed the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Sep 15, 2021
@openshift-merge-robot openshift-merge-robot merged commit 4b6ffda into containers:main Sep 15, 2021
@dispensable
Copy link

dispensable commented Oct 14, 2021

@ flouthoc this issue (I believe) is requesting a podman pod create option for volumes. The Kubernetes side of things already supports such a feature via the YAML.

Correcte me if I am wrong, so can we use spec.containers.volumeMounts[N].mountPropagation in the YAML file for podman play kube ?

eg:

- mountPath: xx
  name: xx
  mountPropagation: HostToContainer

Tested with podman 3.3.1/4.0.0-dev(with this pr merged), after podman play kube still got a rprivate bind

@mheon
Copy link
Member

mheon commented Oct 14, 2021

May not be supported, but should be easy to add. Please open a new issue.

@dispensable
Copy link

dispensable commented Oct 15, 2021

I was wrong, according to this func. just add a mountPath: /path/:rslave can get a rslave bind mount. Sorry for bothering you

@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 22, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 22, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. lgtm Indicates that a PR is ready to be merged. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Shared volumes, like in Kubernetes Pod
7 participants