mirror of
https://github.com/containers/podman.git
synced 2025-08-06 19:44:14 +08:00
Add support for ShmSize to quadlet
I am working on running android auto in a quadlet. [Container] AddDevice=/dev/dri/renderD128 AddDevice=/dev/kvm DropCapability=all Environment=PULSE_SERVER=$XDG_RUNTIME_DIR/pulse/native Environment=WAYLAND_DISPLAY=wayland-0 Environment=XDG_RUNTIME_DIR Image=quay.io/slopezpa/qemu-aaos ContainerName=Android PodmanArgs=--shm-size=5g SecurityLabelDisable=true Volume=$XDG_RUNTIME_DIR:$XDG_RUNTIME_DIR And I need to be able to set the --shm-size option. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit is contained in:
Daniel J Walsh
@ -132,6 +132,7 @@ Valid options for `[Container]` are listed below:
|
|||||||
| SecurityLabelLevel=s0:c1,c2 | --security-opt label=level:s0:c1,c2 |
|
| SecurityLabelLevel=s0:c1,c2 | --security-opt label=level:s0:c1,c2 |
|
||||||
| SecurityLabelNested=true | --security-opt label=nested |
|
| SecurityLabelNested=true | --security-opt label=nested |
|
||||||
| SecurityLabelType=spc_t | --security-opt label=type:spc_t |
|
| SecurityLabelType=spc_t | --security-opt label=type:spc_t |
|
||||||
|
| ShmSize=100m | --shm-size=100m |
|
||||||
| Sysctl=name=value | --sysctl=name=value |
|
| Sysctl=name=value | --sysctl=name=value |
|
||||||
| Timezone=local | --tz local |
|
| Timezone=local | --tz local |
|
||||||
| Tmpfs=/work | --tmpfs /work |
|
| Tmpfs=/work | --tmpfs /work |
|
||||||
@ -447,6 +448,12 @@ Set the label process type for the container processes.
|
|||||||
Use a Podman secret in the container either as a file or an environment variable.
|
Use a Podman secret in the container either as a file or an environment variable.
|
||||||
This is equivalent to the Podman `--secret` option and generally has the form `secret[,opt=opt ...]`
|
This is equivalent to the Podman `--secret` option and generally has the form `secret[,opt=opt ...]`
|
||||||
|
|
||||||
|
### `ShmSize=`
|
||||||
|
|
||||||
|
Size of /dev/shm.
|
||||||
|
|
||||||
|
This is equivalent to the Podman `--shm-size` option and generally has the form `number[unit]`
|
||||||
|
|
||||||
### `Sysctl=`
|
### `Sysctl=`
|
||||||
|
|
||||||
Configures namespaced kernel parameters for the container. The format is `Sysctl=name=value`.
|
Configures namespaced kernel parameters for the container. The format is `Sysctl=name=value`.
|
||||||
|
|||||||
@ -55,6 +55,7 @@ const (
|
|||||||
KeyEnvironmentFile = "EnvironmentFile"
|
KeyEnvironmentFile = "EnvironmentFile"
|
||||||
KeyEnvironmentHost = "EnvironmentHost"
|
KeyEnvironmentHost = "EnvironmentHost"
|
||||||
KeyExec = "Exec"
|
KeyExec = "Exec"
|
||||||
|
KeyExitCodePropagation = "ExitCodePropagation"
|
||||||
KeyExposeHostPort = "ExposeHostPort"
|
KeyExposeHostPort = "ExposeHostPort"
|
||||||
KeyGroup = "Group"
|
KeyGroup = "Group"
|
||||||
KeyHealthCmd = "HealthCmd"
|
KeyHealthCmd = "HealthCmd"
|
||||||
@ -69,10 +70,9 @@ const (
|
|||||||
KeyHealthStartupTimeout = "HealthStartupTimeout"
|
KeyHealthStartupTimeout = "HealthStartupTimeout"
|
||||||
KeyHealthTimeout = "HealthTimeout"
|
KeyHealthTimeout = "HealthTimeout"
|
||||||
KeyHostName = "HostName"
|
KeyHostName = "HostName"
|
||||||
KeyImage = "Image"
|
|
||||||
KeyIP = "IP"
|
KeyIP = "IP"
|
||||||
KeyIP6 = "IP6"
|
KeyIP6 = "IP6"
|
||||||
KeyExitCodePropagation = "ExitCodePropagation"
|
KeyImage = "Image"
|
||||||
KeyLabel = "Label"
|
KeyLabel = "Label"
|
||||||
KeyLogDriver = "LogDriver"
|
KeyLogDriver = "LogDriver"
|
||||||
KeyMask = "Mask"
|
KeyMask = "Mask"
|
||||||
@ -102,13 +102,14 @@ const (
|
|||||||
KeyRootfs = "Rootfs"
|
KeyRootfs = "Rootfs"
|
||||||
KeyRunInit = "RunInit"
|
KeyRunInit = "RunInit"
|
||||||
KeySeccompProfile = "SeccompProfile"
|
KeySeccompProfile = "SeccompProfile"
|
||||||
|
KeySecret = "Secret"
|
||||||
KeySecurityLabelDisable = "SecurityLabelDisable"
|
KeySecurityLabelDisable = "SecurityLabelDisable"
|
||||||
KeySecurityLabelFileType = "SecurityLabelFileType"
|
KeySecurityLabelFileType = "SecurityLabelFileType"
|
||||||
KeySecurityLabelLevel = "SecurityLabelLevel"
|
KeySecurityLabelLevel = "SecurityLabelLevel"
|
||||||
KeySecurityLabelNested = "SecurityLabelNested"
|
KeySecurityLabelNested = "SecurityLabelNested"
|
||||||
KeySecurityLabelType = "SecurityLabelType"
|
KeySecurityLabelType = "SecurityLabelType"
|
||||||
KeySecret = "Secret"
|
|
||||||
KeySetWorkingDirectory = "SetWorkingDirectory"
|
KeySetWorkingDirectory = "SetWorkingDirectory"
|
||||||
|
KeyShmSize = "ShmSize"
|
||||||
KeySysctl = "Sysctl"
|
KeySysctl = "Sysctl"
|
||||||
KeyTimezone = "Timezone"
|
KeyTimezone = "Timezone"
|
||||||
KeyTmpfs = "Tmpfs"
|
KeyTmpfs = "Tmpfs"
|
||||||
@ -179,6 +180,7 @@ var (
|
|||||||
KeySecurityLabelLevel: true,
|
KeySecurityLabelLevel: true,
|
||||||
KeySecurityLabelNested: true,
|
KeySecurityLabelNested: true,
|
||||||
KeySecurityLabelType: true,
|
KeySecurityLabelType: true,
|
||||||
|
KeyShmSize: true,
|
||||||
KeySysctl: true,
|
KeySysctl: true,
|
||||||
KeyTimezone: true,
|
KeyTimezone: true,
|
||||||
KeyTmpfs: true,
|
KeyTmpfs: true,
|
||||||
@ -493,6 +495,11 @@ func ConvertContainer(container *parser.UnitFile, names map[string]string, isUse
|
|||||||
podman.addf("--cap-add=%s", strings.ToLower(caps))
|
podman.addf("--cap-add=%s", strings.ToLower(caps))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
shmSize, hasShmSize := container.Lookup(ContainerGroup, KeyShmSize)
|
||||||
|
if hasShmSize {
|
||||||
|
podman.addf("--shm-size=%s", shmSize)
|
||||||
|
}
|
||||||
|
|
||||||
sysctl := container.LookupAllStrv(ContainerGroup, KeySysctl)
|
sysctl := container.LookupAllStrv(ContainerGroup, KeySysctl)
|
||||||
for _, sysctlItem := range sysctl {
|
for _, sysctlItem := range sysctl {
|
||||||
podman.addf("--sysctl=%s", sysctlItem)
|
podman.addf("--sysctl=%s", sysctlItem)
|
||||||
|
|||||||
5
test/e2e/quadlet/shmsize.container
Normal file
5
test/e2e/quadlet/shmsize.container
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
## assert-podman-args "--shm-size=5g"
|
||||||
|
|
||||||
|
[Container]
|
||||||
|
Image=localhost/imagename
|
||||||
|
ShmSize=5g
|
||||||
@ -594,6 +594,7 @@ BOGUS=foo
|
|||||||
Entry("seccomp.container", "seccomp.container", 0, ""),
|
Entry("seccomp.container", "seccomp.container", 0, ""),
|
||||||
Entry("secrets.container", "secrets.container", 0, ""),
|
Entry("secrets.container", "secrets.container", 0, ""),
|
||||||
Entry("selinux.container", "selinux.container", 0, ""),
|
Entry("selinux.container", "selinux.container", 0, ""),
|
||||||
|
Entry("shmsize.container", "shmsize.container", 0, ""),
|
||||||
Entry("shortname.container", "shortname.container", 0, "Warning: shortname.container specifies the image \"shortname\" which not a fully qualified image name. This is not ideal for performance and security reasons. See the podman-pull manpage discussion of short-name-aliases.conf for details."),
|
Entry("shortname.container", "shortname.container", 0, "Warning: shortname.container specifies the image \"shortname\" which not a fully qualified image name. This is not ideal for performance and security reasons. See the podman-pull manpage discussion of short-name-aliases.conf for details."),
|
||||||
Entry("sysctl.container", "sysctl.container", 0, ""),
|
Entry("sysctl.container", "sysctl.container", 0, ""),
|
||||||
Entry("timezone.container", "timezone.container", 0, ""),
|
Entry("timezone.container", "timezone.container", 0, ""),
|
||||||
|
|||||||
Reference in New Issue
Block a user