kpod inspect now uses the new libpod container state
and closely matches the output of docker inspect
some aspects of it are still WIP as the libpod container state
is still being worked on
Signed-off-by: umohnani8 <umohnani@redhat.com>
Add [r]shared, [r]private, [r]slave functionality to the --volume flag
for kpod create and kpod run
This sets the root propagation for each bind mount
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #87
Approved by: rhatdan
Allow kpod create/run to create contianers in different network namespaces, uts namespaces and
IPC Namespaces.
This patch just handles the simple join the host, or another containers namespaces.
Lots more work needed to full integrate --net
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #64
Approved by: mheon
Enable the --volume flag to validate user input
and add functionality for :z and :Z options
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #84
Approved by: mheon
Added lots of verification code to make sure resourses asociated with
containers is correct.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #60
Approved by: umohnani8
Users of kpod run could use these file systems to perform a breakout
or to learn valuable system information.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #61
Approved by: mheon
The way docker works is if a user specifies a non `-e Name=Value`, IE
just a `-e Name`, then the environment variable Name from the clients
OS.ENV is used.
Also by default Docker containers run with the HOSTNAME environment set
to the HOSTNAME specified for the container.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #21
Approved by: baude
This should turn on handling of SELinux, NoNewPrivs, seccomp and Apparmor
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #15
Approved by: rhatdan
