opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-07 07:45:34 +08:00
Code Issues Packages Projects Releases Wiki Activity

Quadlet Doc: Add section for .kube files

Browse Source 
In addition, for .container add RemapUidSize and fix Network

Signed-off-by: Ygal Blum <ygal.blum@gmail.com>
This commit is contained in:
Ygal Blum
2022-12-25 14:37:26 +02:00
parent 3fbf62e968
commit 9f5f092f16
1 changed files with 68 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
docs/source/markdown/podman-systemd.unit.5.md
View File

@ -158,7 +158,7 @@ exact mapping of uids from host to container. You must specify these.
In `auto` mode mode, the subuids and subgids allocated to the `containers` user is used to allocate In `auto` mode mode, the subuids and subgids allocated to the `containers` user is used to allocate
host uids/gids to use for the container. By default this will try to estimate a count of the ids host uids/gids to use for the container. By default this will try to estimate a count of the ids
to remap, but RemapUidSize can be specified to use an explicit size. Use `RemapUid` and to remap, but `RemapUidSize` can be specified to use an explicit size. Use `RemapUid` and
`RemapGid` key to force a particular host uid to be mapped to the container. `RemapGid` key to force a particular host uid to be mapped to the container.
In `keep-id` mode, the running user is mapped to the same id in the container. This is supported In `keep-id` mode, the running user is mapped to the same id in the container. This is supported
@ -176,6 +176,10 @@ If `RemapUsers` is enabled, this specifies a gid mapping of the form `container_
which will map `amount` number of gids on the host starting at `from_gid` into the container, starting which will map `amount` number of gids on the host starting at `from_gid` into the container, starting
at `container_gid`. at `container_gid`.
#### `RemapUidSize=`
If `RemapUsers` is enabled and set to `auto`, this specifies the count of the ids to remap
#### `Notify=` (defaults to `no`) #### `Notify=` (defaults to `no`)
By default, Podman is run in such a way that the systemd startup notify command is handled by By default, Podman is run in such a way that the systemd startup notify command is handled by
@ -218,6 +222,11 @@ Specify a custom network for the container. This has the same format as the `--n
to `podman run`. For example, use `host` to use the host network in the container, or `none` to to `podman run`. For example, use `host` to use the host network in the container, or `none` to
not set up networking in the container. not set up networking in the container.
As a special case, if the `name` of the network ends with `.network`, a Podman network called
`systemd-$name` will be used, and the generated systemd service will contain
a dependency on the `$name-network.service`. Such a network can be automatically
created by using a `$name.network` quadlet file.
This key can be listed multiple times. This key can be listed multiple times.
#### `ExposeHostPort=` #### `ExposeHostPort=`
@ -280,6 +289,64 @@ similar to `Environment`.
This key can be listed multiple times. This key can be listed multiple times.
### Kube units
Kube units are named with a `.kube` extension and contain a `[Kube] `section describing
how `podman kube play` should be run as a service. The resulting service file will contain a line like
`ExecStart=podman kube play … file.yml`, and most of the keys in this section control the command-line
options passed to Podman. However, some options also affect the details of how systemd is set up to run and
interact with the container.
There is only one required key, `Yaml`, which defines the path to the Kubernetes YAML file.
Supported keys in the `Kube` section are:
#### `Yaml=`
The path, absolute or relative to the location of the unit file, to the Kubernetes YAML file to use.
#### `RemapUsers=`
If this is set, then host user and group ids are remapped in the container. It currently
supports values: `auto`, and `keep-id`.
In `auto` mode mode, the subuids and subgids allocated to the `containers` user is used to allocate
host uids/gids to use for the container. By default this will try to estimate a count of the ids
to remap, but `RemapUidSize` can be specified to use an explicit size. Use `RemapUid` and
`RemapGid` key to force a particular host uid to be mapped to the container.
In `keep-id` mode, the running user is mapped to the same id in the container. This is supported
only on user systemd units.
#### `RemapUid=`
If `RemapUsers` is enabled, this specifies a uid mapping of the form `container_uid:from_uid:amount`,
which will map `amount` number of uids on the host starting at `from_uid` into the container, starting
at `container_uid`.
#### `RemapGid=`
If `RemapUsers` is enabled, this specifies a gid mapping of the form `container_gid:from_gid:amount`,
which will map `amount` number of gids on the host starting at `from_gid` into the container, starting
at `container_gid`.
#### `RemapUidSize=`
If `RemapUsers` is enabled and set to `auto`, this specifies the count of the ids to remap.
#### `Network=`
Specify a custom network for the container. This has the same format as the `--network` option
to `podman kube play`. For example, use `host` to use the host network in the container, or `none` to
not set up networking in the container.
As a special case, if the `name` of the network ends with `.network`, a Podman network called
`systemd-$name` will be used, and the generated systemd service will contain
a dependency on the `$name-network.service`. Such a network can be automatically
created by using a `$name.network` quadlet file.
This key can be listed multiple times.
### Volume units ### Volume units
Volume files are named with a `.volume` extension and contain a section `[Volume]` describing the Volume files are named with a `.volume` extension and contain a section `[Volume]` describing the