mirror of
https://github.com/containers/podman.git
synced 2025-10-19 20:23:08 +08:00
d9a85466a0
Add support to kube play to support the TerminationGracePeriodSeconds fiels by sending the value of that to podman's stopTimeout. Add support to kube generate to generate TerminationGracePeriodSeconds if stopTimeout is set for a container (will ignore podman's default). Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
10 KiB
10 KiB
Podman Kube Play Support
This document outlines the kube yaml fields that are currently supported by the podman kube play command.
Note: N/A means that the option cannot be supported in a single-node Podman environment.
Pod Fields
| Field | Support |
|---|---|
| containers | ✅ |
| initContainers | ✅ |
| imagePullSecrets | no |
| enableServiceLinks | no |
| os.name | no |
| volumes | ✅ |
| nodeSelector | N/A |
| nodeName | N/A |
| affinity.nodeAffinity | N/A |
| affinity.podAffinity | N/A |
| affinity.podAntiAffinity | N/A |
| tolerations.key | N/A |
| tolerations.operator | N/A |
| tolerations.effect | N/A |
| tolerations.tolerationSeconds | N/A |
| schedulerName | N/A |
| runtimeClassName | no |
| priorityClassName | no |
| priority | no |
| topologySpreadConstraints.maxSkew | N/A |
| topologySpreadConstraints.topologyKey | N/A |
| topologySpreadConstraints.whenUnsatisfiable | N/A |
| topologySpreadConstraints.labelSelector | N/A |
| topologySpreadConstraints.minDomains | N/A |
| restartPolicy | ✅ |
| terminationGracePeriodSeconds | ✅ |
| activeDeadlineSeconds | no |
| readinessGates.conditionType | no |
| hostname | ✅ |
| setHostnameAsFQDN | no |
| subdomain | no |
| hostAliases.hostnames | ✅ |
| hostAliases.ip | ✅ |
| dnsConfig.nameservers | ✅ |
| dnsConfig.options.name | ✅ |
| dnsConfig.options.value | ✅ |
| dnsConfig.searches | ✅ |
| dnsPolicy | no |
| hostNetwork | ✅ |
| hostPID | ✅ |
| hostIPC | ✅ |
| shareProcessNamespace | ✅ |
| serviceAccountName | no |
| automountServiceAccountToken | no |
| securityContext.runAsUser | ✅ |
| securityContext.runAsNonRoot | no |
| securityContext.runAsGroup | ✅ |
| securityContext.supplementalGroups | ✅ |
| securityContext.fsGroup | no |
| securityContext.fsGroupChangePolicy | no |
| securityContext.seccompProfile.type | no |
| securityContext.seccompProfile.localhostProfile | no |
| securityContext.seLinuxOptions.level | ✅ |
| securityContext.seLinuxOptions.role | ✅ |
| securityContext.seLinuxOptions.type | ✅ |
| securityContext.seLinuxOptions.user | ✅ |
| securityContext.sysctls.name | ✅ |
| securityContext.sysctls.value | ✅ |
| securityContext.windowsOptions.gmsaCredentialSpec | no |
| securityContext.windowsOptions.hostProcess | no |
| securityContext.windowsOptions.runAsUserName | no |
Container Fields
| Field | Support |
|---|---|
| name | ✅ |
| image | ✅ |
| imagePullPolicy | ✅ |
| command | ✅ |
| args | ✅ |
| workingDir | ✅ |
| ports.containerPort | ✅ |
| ports.hostIP | ✅ |
| ports.hostPort | ✅ |
| ports.name | ✅ |
| ports.protocol | ✅ |
| env.name | ✅ |
| env.value | ✅ |
| env.valueFrom.configMapKeyRef.key | ✅ |
| env.valueFrom.configMapKeyRef.name | ✅ |
| env.valueFrom.configMapKeyRef.optional | ✅ |
| env.valueFrom.fieldRef | ✅ |
| env.valueFrom.resourceFieldRef | ✅ |
| env.valueFrom.secretKeyRef.key | ✅ |
| env.valueFrom.secretKeyRef.name | ✅ |
| env.valueFrom.secretKeyRef.optional | ✅ |
| envFrom.configMapRef.name | ✅ |
| envFrom.configMapRef.optional | ✅ |
| envFrom.prefix | no |
| envFrom.secretRef.name | ✅ |
| envFrom.secretRef.optional | ✅ |
| volumeMounts.mountPath | ✅ |
| volumeMounts.name | ✅ |
| volumeMounts.mountPropagation | no |
| volumeMounts.readOnly | ✅ |
| volumeMounts.subPath | no |
| volumeMounts.subPathExpr | no |
| volumeDevices.devicePath | no |
| volumeDevices.name | no |
| resources.limits | ✅ |
| resources.requests | ✅ |
| lifecycle.postStart | no |
| lifecycle.preStop | no |
| terminationMessagePath | no |
| terminationMessagePolicy | no |
| livenessProbe | ✅ |
| readinessProbe | no |
| startupProbe | no |
| securityContext.runAsUser | ✅ |
| securityContext.runAsNonRoot | no |
| securityContext.runAsGroup | ✅ |
| securityContext.readOnlyRootFilesystem | ✅ |
| securityContext.procMount | ✅ |
| securityContext.privileged | ✅ |
| securityContext.allowPrivilegeEscalation | ✅ |
| securityContext.capabilities.add | ✅ |
| securityContext.capabilities.drop | ✅ |
| securityContext.seccompProfile.type | no |
| securityContext.seccompProfile.localhostProfile | no |
| securityContext.seLinuxOptions.level | ✅ |
| securityContext.seLinuxOptions.role | ✅ |
| securityContext.seLinuxOptions.type | ✅ |
| securityContext.seLinuxOptions.user | ✅ |
| securityContext.windowsOptions.gmsaCredentialSpec | no |
| securityContext.windowsOptions.hostProcess | no |
| securityContext.windowsOptions.runAsUserName | no |
| stdin | no |
| stdinOnce | no |
| tty | no |
PersistentVolumeClaim Fields
| Field | Support |
|---|---|
| volumeName | no |
| storageClassName | ✅ |
| volumeMode | no |
| accessModes | ✅ |
| selector | no |
| resources.limits | no |
| resources.requests | ✅ |
ConfigMap Fields
| Field | Support |
|---|---|
| binaryData | ✅ |
| data | ✅ |
| immutable | no |
Deployment Fields
| Field | Support |
|---|---|
| replicas | ✅ (the actual replica count is ignored and set to 1) |
| selector | ✅ |
| template | ✅ |
| minReadySeconds | no |
| strategy.type | no |
| strategy.rollingUpdate.maxSurge | no |
| strategy.rollingUpdate.maxUnavailable | no |
| revisionHistoryLimit | no |
| progressDeadlineSeconds | no |
| paused | no |