1podman-play-kube(1)() podman-play-kube(1)()
2
3
4
6 podman-play-kube - Create containers, pods or volumes based on Kuber‐
7 netes YAML
8
9
11 podman play kube [options] file.yml|-
12
13
15 podman play kube will read in a structured file of Kubernetes YAML. It
16 will then recreate the containers, pods or volumes described in the
17 YAML. Containers within a pod are then started and the ID of the new
18 Pod or the name of the new Volume is output. If the yaml file is speci‐
19 fied as "-" then podman play kube will read the YAML file from stdin.
20
21
22 Ideally the input file would be one created by Podman (see podman-gen‐
23 erate-kube(1)). This would guarantee a smooth import and expected re‐
24 sults.
25
26
27 Currently, the supported Kubernetes kinds are: - Pod - Deployment -
28 PersistentVolumeClaim
29
30
31 Kubernetes Pods or Deployments
32
33
34 Only two volume types are supported by play kube, the hostPath and per‐
35 sistentVolumeClaim volume types. For the hostPath volume type, only the
36 default (empty), DirectoryOrCreate, Directory, FileOrCreate, File, and
37 Socket subtypes are supported. The CharDevice and BlockDevice subtypes
38 are not supported. Podman interprets the value of hostPath path as a
39 file path when it contains at least one forward slash, otherwise Podman
40 treats the value as the name of a named volume. When using a persis‐
41 tentVolumeClaim, the value for claimName is the name for the Podman
42 named volume.
43
44
45 Note: hostPath volume types created by play kube will be given an
46 SELinux private label (Z)
47
48
49 Note: If the :latest tag is used, Podman will attempt to pull the image
50 from a registry. If the image was built locally with Podman or Buildah,
51 it will have localhost as the domain, in that case, Podman will use the
52 image from the local store even if it has the :latest tag.
53
54
55 Kubernetes PersistentVolumeClaims
56
57
58 A Kubernetes PersistentVolumeClaim represents a Podman named volume.
59 Only the PersistentVolumeClaim name is required by Podman to create a
60 volume. Kubernetes annotations can be used to make use of the available
61 options for Podman volumes.
62
63
64 • volume.podman.io/driver
65
66 • volume.podman.io/device
67
68 • volume.podman.io/type
69
70 • volume.podman.io/uid
71
72 • volume.podman.io/gid
73
74 • volume.podman.io/mount-options
75
76
77
79 --authfile=path
80 Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/contain‐
81 ers/auth.json, which is set using podman login. If the authorization
82 state is not found there, $HOME/.docker/config.json is checked, which
83 is set using docker login.
84
85
86 Note: You can also override the default path of the authentication file
87 by setting the REGISTRY_AUTH_FILE environment variable. export REG‐
88 ISTRY_AUTH_FILE=path
89
90
91 --cert-dir=path
92 Use certificates at path (*.crt, *.cert, *.key) to connect to the reg‐
93 istry. Please refer to containers-certs.d(5) for details. (This option
94 is not available with the remote Podman client)
95
96
97 --configmap=path
98 Use Kubernetes configmap YAML at path to provide a source for environ‐
99 ment variable values within the containers of the pod.
100
101
102 Note: The --configmap option can be used multiple times or a comma-sep‐
103 arated list of paths can be used to pass multiple Kubernetes configmap
104 YAMLs.
105
106
107 --creds
108 The [username[:password]] to use to authenticate with the registry if
109 required. If one or both values are not supplied, a command line
110 prompt will appear and the value can be entered. The password is en‐
111 tered without echo.
112
113
114 --ip=IP address
115 Assign a static ip address to the pod. This option can be specified
116 several times when play kube creates more than one pod.
117
118
119 --log-driver=driver
120 Set logging driver for all created containers.
121
122
123 --mac-address=MAC address
124 Assign a static mac address to the pod. This option can be specified
125 several times when play kube creates more than one pod.
126
127
128 --network=networks, --net
129 A comma-separated list of the names of CNI networks the pod should
130 join.
131
132
133 --quiet, -q
134 Suppress output information when pulling images
135
136
137 --seccomp-profile-root=path
138 Directory path for seccomp profiles (default: "/var/lib/kubelet/sec‐
139 comp"). (This option is not available with the remote Podman client)
140
141
142 --start=true|false
143 Start the pod after creating it, set to false to only create it.
144
145
146 --tls-verify=true|false
147 Require HTTPS and verify certificates when contacting registries (de‐
148 fault: true). If explicitly set to true, then TLS verification will be
149 used. If set to false, then TLS verification will not be used. If not
150 specified, TLS verification will be used unless the target registry is
151 listed as an insecure registry in registries.conf.
152
153
154 --help, -h
155 Print usage statement
156
157
159 Recreate the pod and containers as described in a file called demo.yml
160
161
162 $ podman play kube demo.yml
163 52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6
164
165
166
167 Recreate the pod and containers as described in a file demo.yml sent to
168 stdin
169
170
171 $ cat demo.yml | podman play kube -
172 52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6
173
174
175
176 Provide configmap-foo.yml and configmap-bar.yml as sources for environ‐
177 ment variables within the containers.
178
179
180 $ podman play kube demo.yml --configmap configmap-foo.yml,configmap-bar.yml
181 52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6
182
183 $ podman play kube demo.yml --configmap configmap-foo.yml --configmap configmap-bar.yml
184 52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6
185
186
187
188 CNI network(s) can be specified as comma-separated list using --network
189
190
191 $ podman play kube demo.yml --network cni1,cni2
192 52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6
193
194
195
196 Please take into account that CNI networks must be created first using
197 podman-network-create(1).
198
199
201 podman(1), podman-container(1), podman-pod(1), podman-generate-kube(1),
202 podman-play(1), podman-network-create(1), containers-certs.d(5)
203
204
206 December 2018, Originally compiled by Brent Baude (bbaude at redhat dot
207 com)
208
209
210
211 podman-play-kube(1)()