From 02c4374057a4f4ff1cf136a2f849b4b156d69dac Mon Sep 17 00:00:00 2001 From: Urvashi Mohnani <umohnani@redhat.com> Date: Sun, 22 May 2022 23:31:37 -0400 Subject: [PATCH] [CI:DOCS] Add play kube support docs Add a doc to outline which kube yaml fields the play kube command currently supports. This will be updated as more fields are supported in the future. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com> --- docs/play_kube_support.md | 152 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 152 insertions(+) create mode 100644 docs/play_kube_support.md diff --git a/docs/play_kube_support.md b/docs/play_kube_support.md new file mode 100644 index 0000000000..cf983bc042 --- /dev/null +++ b/docs/play_kube_support.md @@ -0,0 +1,152 @@ +# Podman Play Kube Support + +This document outlines the kube yaml fields that are currently supported by the **podman play kube** command. + +Note: **N/A** means that the option cannot be supported in a single-node Podman environment. + +## Pod Fields + +| Field | Support | +|---------------------------------------------------|---------| +| containers | ✅ | +| initContainers | ✅ | +| imagePullSecrets | | +| enableServiceLinks | | +| os<nolink>.name | | +| volumes | | +| nodeSelector | N/A | +| nodeName | N/A | +| affinity.nodeAffinity | N/A | +| affinity.podAffinity | N/A | +| affinity.podAntiAffinity | N/A | +| tolerations.key | N/A | +| tolerations.operator | N/A | +| tolerations.effect | N/A | +| tolerations.tolerationSeconds | N/A | +| schedulerName | N/A | +| runtimeClassName | | +| priorityClassName | | +| priority | | +| topologySpreadConstraints.maxSkew | N/A | +| topologySpreadConstraints.topologyKey | N/A | +| topologySpreadConstraints.whenUnsatisfiable | N/A | +| topologySpreadConstraints.labelSelector | N/A | +| topologySpreadConstraints.minDomains | N/A | +| restartPolicy | ✅ | +| terminationGracePeriod | | +| activeDeadlineSeconds | | +| readinessGates.conditionType | | +| hostname | ✅ | +| setHostnameAsFQDN | | +| subdomain | | +| hostAliases.hostnames | ✅ | +| hostAliases.ip | ✅ | +| dnsConfig.nameservers | ✅ | +| dnsConfig<nolink>.options.name | ✅ | +| dnsConfig.options.value | ✅ | +| dnsConfig.searches | ✅ | +| dnsPolicy | | +| hostNetwork | ✅ | +| hostPID | | +| hostIPC | | +| shareProcessNamespace | ✅ | +| serviceAccountName | | +| automountServiceAccountToken | | +| securityContext.runAsUser | | +| securityContext.runAsNonRoot | | +| securityContext.runAsGroup | | +| securityContext.supplementalGroups | | +| securityContext.fsGroup | | +| securityContext.fsGroupChangePolicy | | +| securityContext.seccompProfile.type | | +| securityContext.seccompProfile.localhostProfile | | +| securityContext.seLinuxOptions.level | | +| securityContext.seLinuxOptions.role | | +| securityContext.seLinuxOptions.type | | +| securityContext.seLinuxOptions.user | | +| securityContext<nolink>.sysctls.name | | +| securityContext.sysctls.value | | +| securityContext.windowsOptions.gmsaCredentialSpec | | +| securityContext.windowsOptions.hostProcess | | +| securityContext.windowsOptions.runAsUserName | | + +## Container Fields + +| Field | Support | +|---------------------------------------------------|---------| +| name | ✅ | +| image | ✅ | +| imagePullPolicy | ✅ | +| command | ✅ | +| args | ✅ | +| workingDir | ✅ | +| ports.containerPort | ✅ | +| ports.hostIP | ✅ | +| ports.hostPort | ✅ | +| ports<nolink>.name | ✅ | +| ports.protocol | ✅ | +| env<nolink>.name | ✅ | +| env.value | ✅ | +| env.valueFrom.configMapKeyRef.key | ✅ | +| env<nolink>.valueFrom.configMapKeyRef.name | ✅ | +| env.valueFrom.configMapKeyRef.optional | ✅ | +| env.valueFrom.fieldRef | ✅ | +| env.valueFrom.resourceFieldRef | ✅ | +| env.valueFrom.secretKeyRef.key | ✅ | +| env<nolink>.valueFrom.secretKeyRef.name | ✅ | +| env.valueFrom.secretKeyRef.optional | ✅ | +| envFrom<nolink>.configMapRef.name | ✅ | +| envFrom.configMapRef.optional | ✅ | +| envFrom.prefix | | +| envFrom<nolink>.secretRef.name | ✅ | +| envFrom.secretRef.optional | ✅ | +| volumeMounts.mountPath | ✅ | +| volumeMounts<nolink>.name | ✅ | +| volumeMounts.mountPropagation | | +| volumeMounts.readOnly | ✅ | +| volumeMounts.subPath | | +| volumeMounts.subPathExpr | | +| volumeDevices.devicePath | | +| volumeDevices<nolink>.name | | +| resources.limits | ✅ | +| resources.requests | ✅ | +| lifecycle.postStart | | +| lifecycle.preStop | | +| terminationMessagePath | | +| terminationMessagePolicy | | +| livenessProbe | ✅ | +| readinessProbe | | +| startupProbe | | +| securityContext.runAsUser | ✅ | +| securityContext.runAsNonRoot | | +| securityContext.runAsGroup | ✅ | +| securityContext.readOnlyRootFilesystem | ✅ | +| securityContext.procMount | | +| securityContext.privileged | ✅ | +| securityContext.allowPrivilegeEscalation | ✅ | +| securityContext.capabilities.add | ✅ | +| securityContext.capabilities.drop | ✅ | +| securityContext.seccompProfile.type | | +| securityContext.seccompProfile.localhostProfile | | +| securityContext.seLinuxOptions.level | ✅ | +| securityContext.seLinuxOptions.role | ✅ | +| securityContext.seLinuxOptions.type | ✅ | +| securityContext.seLinuxOptions.user | ✅ | +| securityContext.windowsOptions.gmsaCredentialSpec | | +| securityContext.windowsOptions.hostProcess | | +| securityContext.windowsOptions.runAsUserName | | +| stdin | | +| stdinOnce | | +| tty | | + +## PersistentVolumeClaim Fields + +| Field | Support | +|--------------------|---------| +| volumeName | | +| storageClassName | ✅ | +| volumeMode | | +| accessModes | ✅ | +| selector | | +| resources.limits | | +| resources.requests | ✅ |