github.com/containers/libpod@v1.9.4-0.20220419124438-4284fd425507/cmd/podmanV2/common/create.go (about) 1 package common 2 3 import ( 4 "fmt" 5 "os" 6 7 buildahcli "github.com/containers/buildah/pkg/cli" 8 "github.com/containers/common/pkg/config" 9 "github.com/containers/libpod/cmd/podman/cliconfig" 10 "github.com/sirupsen/logrus" 11 "github.com/spf13/pflag" 12 ) 13 14 const ( 15 sizeWithUnitFormat = "(format: `<number>[<unit>]`, where unit = b (bytes), k (kilobytes), m (megabytes), or g (gigabytes))" 16 ) 17 18 var ( 19 defaultContainerConfig = getDefaultContainerConfig() 20 ) 21 22 func getDefaultContainerConfig() *config.Config { 23 defaultContainerConfig, err := config.Default() 24 if err != nil { 25 logrus.Error(err) 26 os.Exit(1) 27 } 28 return defaultContainerConfig 29 } 30 31 func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet { 32 createFlags := pflag.FlagSet{} 33 createFlags.StringSliceVar( 34 &cf.Annotation, 35 "annotation", []string{}, 36 "Add annotations to container (key:value)", 37 ) 38 createFlags.StringSliceVarP( 39 &cf.Attach, 40 "attach", "a", []string{}, 41 "Attach to STDIN, STDOUT or STDERR", 42 ) 43 createFlags.StringVar( 44 &cf.Authfile, 45 "authfile", buildahcli.GetDefaultAuthFile(), 46 "Path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override", 47 ) 48 createFlags.StringVar( 49 &cf.BlkIOWeight, 50 "blkio-weight", "", 51 "Block IO weight (relative weight) accepts a weight value between 10 and 1000.", 52 ) 53 createFlags.StringSliceVar( 54 &cf.BlkIOWeightDevice, 55 "blkio-weight-device", []string{}, 56 "Block IO weight (relative device weight, format: `DEVICE_NAME:WEIGHT`)", 57 ) 58 createFlags.StringSliceVar( 59 &cf.CapAdd, 60 "cap-add", []string{}, 61 "Add capabilities to the container", 62 ) 63 createFlags.StringSliceVar( 64 &cf.CapDrop, 65 "cap-drop", []string{}, 66 "Drop capabilities from the container", 67 ) 68 createFlags.StringVar( 69 &cf.CGroupsNS, 70 "cgroupns", getDefaultCgroupNS(), 71 "cgroup namespace to use", 72 ) 73 createFlags.StringVar( 74 &cf.CGroups, 75 "cgroups", "enabled", 76 `control container cgroup configuration ("enabled"|"disabled"|"no-conmon")`, 77 ) 78 createFlags.StringVar( 79 &cf.CGroupParent, 80 "cgroup-parent", "", 81 "Optional parent cgroup for the container", 82 ) 83 createFlags.StringVar( 84 &cf.CIDFile, 85 "cidfile", "", 86 "Write the container ID to the file", 87 ) 88 createFlags.StringVar( 89 &cf.ConmonPIDFile, 90 "conmon-pidfile", "", 91 "Path to the file that will receive the PID of conmon", 92 ) 93 createFlags.Uint64Var( 94 &cf.CPUPeriod, 95 "cpu-period", 0, 96 "Limit the CPU CFS (Completely Fair Scheduler) period", 97 ) 98 createFlags.Int64Var( 99 &cf.CPUQuota, 100 "cpu-quota", 0, 101 "Limit the CPU CFS (Completely Fair Scheduler) quota", 102 ) 103 createFlags.Uint64Var( 104 &cf.CPURTPeriod, 105 "cpu-rt-period", 0, 106 "Limit the CPU real-time period in microseconds", 107 ) 108 createFlags.Int64Var( 109 &cf.CPURTRuntime, 110 "cpu-rt-runtime", 0, 111 "Limit the CPU real-time runtime in microseconds", 112 ) 113 createFlags.Uint64Var( 114 &cf.CPUShares, 115 "cpu-shares", 0, 116 "CPU shares (relative weight)", 117 ) 118 createFlags.Float64Var( 119 &cf.CPUS, 120 "cpus", 0, 121 "Number of CPUs. The default is 0.000 which means no limit", 122 ) 123 createFlags.StringVar( 124 &cf.CPUSetCPUs, 125 "cpuset-cpus", "", 126 "CPUs in which to allow execution (0-3, 0,1)", 127 ) 128 createFlags.StringVar( 129 &cf.CPUSetMems, 130 "cpuset-mems", "", 131 "Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems.", 132 ) 133 createFlags.BoolVarP( 134 &cf.Detach, 135 "detach", "d", false, 136 "Run container in background and print container ID", 137 ) 138 createFlags.StringVar( 139 &cf.DetachKeys, 140 "detach-keys", GetDefaultDetachKeys(), 141 "Override the key sequence for detaching a container. Format is a single character `[a-Z]` or a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: `a-cf`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`", 142 ) 143 createFlags.StringSliceVar( 144 &cf.Device, 145 "device", getDefaultDevices(), 146 fmt.Sprintf("Add a host device to the container"), 147 ) 148 createFlags.StringSliceVar( 149 &cf.DeviceCGroupRule, 150 "device-cgroup-rule", []string{}, 151 "Add a rule to the cgroup allowed devices list", 152 ) 153 createFlags.StringSliceVar( 154 &cf.DeviceReadBPs, 155 "device-read-bps", []string{}, 156 "Limit read rate (bytes per second) from a device (e.g. --device-read-bps=/dev/sda:1mb)", 157 ) 158 createFlags.StringSliceVar( 159 &cf.DeviceReadIOPs, 160 "device-read-iops", []string{}, 161 "Limit read rate (IO per second) from a device (e.g. --device-read-iops=/dev/sda:1000)", 162 ) 163 createFlags.StringSliceVar( 164 &cf.DeviceWriteBPs, 165 "device-write-bps", []string{}, 166 "Limit write rate (bytes per second) to a device (e.g. --device-write-bps=/dev/sda:1mb)", 167 ) 168 createFlags.StringSliceVar( 169 &cf.DeviceWriteIOPs, 170 "device-write-iops", []string{}, 171 "Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda:1000)", 172 ) 173 createFlags.StringVar( 174 &cf.Entrypoint, 175 "entrypoint", "", 176 "Overwrite the default ENTRYPOINT of the image", 177 ) 178 createFlags.StringArrayVarP( 179 &cf.env, 180 "env", "e", getDefaultEnv(), 181 "Set environment variables in container", 182 ) 183 createFlags.BoolVar( 184 &cf.EnvHost, 185 "env-host", false, "Use all current host environment variables in container", 186 ) 187 createFlags.StringSliceVar( 188 &cf.EnvFile, 189 "env-file", []string{}, 190 "Read in a file of environment variables", 191 ) 192 createFlags.StringSliceVar( 193 &cf.Expose, 194 "expose", []string{}, 195 "Expose a port or a range of ports", 196 ) 197 createFlags.StringSliceVar( 198 &cf.GIDMap, 199 "gidmap", []string{}, 200 "GID map to use for the user namespace", 201 ) 202 createFlags.StringSliceVar( 203 &cf.GroupAdd, 204 "group-add", []string{}, 205 "Add additional groups to join", 206 ) 207 createFlags.Bool( 208 "help", false, "", 209 ) 210 createFlags.StringVar( 211 &cf.HealthCmd, 212 "health-cmd", "", 213 "set a healthcheck command for the container ('none' disables the existing healthcheck)", 214 ) 215 createFlags.StringVar( 216 &cf.HealthInterval, 217 "health-interval", cliconfig.DefaultHealthCheckInterval, 218 "set an interval for the healthchecks (a value of disable results in no automatic timer setup)", 219 ) 220 createFlags.UintVar( 221 &cf.HealthRetries, 222 "health-retries", cliconfig.DefaultHealthCheckRetries, 223 "the number of retries allowed before a healthcheck is considered to be unhealthy", 224 ) 225 createFlags.StringVar( 226 &cf.HealthStartPeriod, 227 "health-start-period", cliconfig.DefaultHealthCheckStartPeriod, 228 "the initialization time needed for a container to bootstrap", 229 ) 230 createFlags.StringVar( 231 &cf.HealthTimeout, 232 "health-timeout", cliconfig.DefaultHealthCheckTimeout, 233 "the maximum time allowed to complete the healthcheck before an interval is considered failed", 234 ) 235 createFlags.StringVarP( 236 &cf.Hostname, 237 "hostname", "h", "", 238 "Set container hostname", 239 ) 240 createFlags.BoolVar( 241 &cf.HTTPProxy, 242 "http-proxy", true, 243 "Set proxy environment variables in the container based on the host proxy vars", 244 ) 245 createFlags.StringVar( 246 &cf.ImageVolume, 247 "image-volume", cliconfig.DefaultImageVolume, 248 `Tells podman how to handle the builtin image volumes ("bind"|"tmpfs"|"ignore")`, 249 ) 250 createFlags.BoolVar( 251 &cf.Init, 252 "init", false, 253 "Run an init binary inside the container that forwards signals and reaps processes", 254 ) 255 createFlags.StringVar( 256 &cf.InitPath, 257 "init-path", getDefaultInitPath(), 258 // Do not use the Value field for setting the default value to determine user input (i.e., non-empty string) 259 fmt.Sprintf("Path to the container-init binary"), 260 ) 261 createFlags.BoolVarP( 262 &cf.Interactive, 263 "interactive", "i", false, 264 "Keep STDIN open even if not attached", 265 ) 266 createFlags.StringVar( 267 &cf.IPC, 268 "ipc", getDefaultIPCNS(), 269 "IPC namespace to use", 270 ) 271 createFlags.StringVar( 272 &cf.KernelMemory, 273 "kernel-memory", "", 274 "Kernel memory limit "+sizeWithUnitFormat, 275 ) 276 createFlags.StringArrayVarP( 277 &cf.Label, 278 "label", "l", []string{}, 279 "Set metadata on container", 280 ) 281 createFlags.StringSliceVar( 282 &cf.LabelFile, 283 "label-file", []string{}, 284 "Read in a line delimited file of labels", 285 ) 286 createFlags.StringVar( 287 &cf.LogDriver, 288 "log-driver", "", 289 "Logging driver for the container", 290 ) 291 createFlags.StringSliceVar( 292 &cf.LogOptions, 293 "log-opt", []string{}, 294 "Logging driver options", 295 ) 296 createFlags.StringVarP( 297 &cf.Memory, 298 "memory", "m", "", 299 "Memory limit "+sizeWithUnitFormat, 300 ) 301 createFlags.StringVar( 302 &cf.MemoryReservation, 303 "memory-reservation", "", 304 "Memory soft limit "+sizeWithUnitFormat, 305 ) 306 createFlags.StringVar( 307 &cf.MemorySwap, 308 "memory-swap", "", 309 "Swap limit equal to memory plus swap: '-1' to enable unlimited swap", 310 ) 311 createFlags.Int64Var( 312 &cf.MemorySwappiness, 313 "memory-swappiness", -1, 314 "Tune container memory swappiness (0 to 100, or -1 for system default)", 315 ) 316 createFlags.StringVar( 317 &cf.Name, 318 "name", "", 319 "Assign a name to the container", 320 ) 321 createFlags.BoolVar( 322 &cf.NoHealthCheck, 323 "no-healthcheck", false, 324 "Disable healthchecks on container", 325 ) 326 createFlags.BoolVar( 327 &cf.OOMKillDisable, 328 "oom-kill-disable", false, 329 "Disable OOM Killer", 330 ) 331 createFlags.IntVar( 332 &cf.OOMScoreAdj, 333 "oom-score-adj", 0, 334 "Tune the host's OOM preferences (-1000 to 1000)", 335 ) 336 createFlags.StringVar( 337 &cf.OverrideArch, 338 "override-arch", "", 339 "use `ARCH` instead of the architecture of the machine for choosing images", 340 ) 341 //markFlagHidden(createFlags, "override-arch") 342 createFlags.StringVar( 343 &cf.OverrideOS, 344 "override-os", "", 345 "use `OS` instead of the running OS for choosing images", 346 ) 347 //markFlagHidden(createFlags, "override-os") 348 createFlags.StringVar( 349 &cf.PID, 350 "pid", getDefaultPidNS(), 351 "PID namespace to use", 352 ) 353 createFlags.Int64Var( 354 &cf.PIDsLimit, 355 "pids-limit", getDefaultPidsLimit(), 356 getDefaultPidsDescription(), 357 ) 358 createFlags.StringVar( 359 &cf.Pod, 360 "pod", "", 361 "Run container in an existing pod", 362 ) 363 createFlags.BoolVar( 364 &cf.Privileged, 365 "privileged", false, 366 "Give extended privileges to container", 367 ) 368 createFlags.BoolVarP( 369 &cf.PublishAll, 370 "publish-all", "P", false, 371 "Publish all exposed ports to random ports on the host interface", 372 ) 373 createFlags.StringVar( 374 &cf.Pull, 375 "pull", "missing", 376 `Pull image before creating ("always"|"missing"|"never")`, 377 ) 378 createFlags.BoolVarP( 379 &cf.Quiet, 380 "quiet", "q", false, 381 "Suppress output information when pulling images", 382 ) 383 createFlags.BoolVar( 384 &cf.ReadOnly, 385 "read-only", false, 386 "Make containers root filesystem read-only", 387 ) 388 createFlags.BoolVar( 389 &cf.ReadOnlyTmpFS, 390 "read-only-tmpfs", true, 391 "When running containers in read-only mode mount a read-write tmpfs on /run, /tmp and /var/tmp", 392 ) 393 createFlags.StringVar( 394 &cf.Restart, 395 "restart", "", 396 `Restart policy to apply when a container exits ("always"|"no"|"on-failure")`, 397 ) 398 createFlags.BoolVar( 399 &cf.Rm, 400 "rm", false, 401 "Remove container (and pod if created) after exit", 402 ) 403 createFlags.BoolVar( 404 &cf.RootFS, 405 "rootfs", false, 406 "The first argument is not an image but the rootfs to the exploded container", 407 ) 408 createFlags.StringArrayVar( 409 &cf.SecurityOpt, 410 "security-opt", getDefaultSecurityOptions(), 411 fmt.Sprintf("Security Options"), 412 ) 413 createFlags.StringVar( 414 &cf.ShmSize, 415 "shm-size", getDefaultShmSize(), 416 "Size of /dev/shm "+sizeWithUnitFormat, 417 ) 418 createFlags.StringVar( 419 &cf.StopSignal, 420 "stop-signal", "", 421 "Signal to stop a container. Default is SIGTERM", 422 ) 423 createFlags.UintVar( 424 &cf.StopTimeout, 425 "stop-timeout", defaultContainerConfig.Engine.StopTimeout, 426 "Timeout (in seconds) to stop a container. Default is 10", 427 ) 428 createFlags.StringSliceVar( 429 &cf.StoreageOpt, 430 "storage-opt", []string{}, 431 "Storage driver options per container", 432 ) 433 createFlags.StringVar( 434 &cf.SubUIDName, 435 "subgidname", "", 436 "Name of range listed in /etc/subgid for use in user namespace", 437 ) 438 createFlags.StringVar( 439 &cf.SubGIDName, 440 "subuidname", "", 441 "Name of range listed in /etc/subuid for use in user namespace", 442 ) 443 444 createFlags.StringSliceVar( 445 &cf.Sysctl, 446 "sysctl", getDefaultSysctls(), 447 "Sysctl options", 448 ) 449 createFlags.StringVar( 450 &cf.SystemdD, 451 "systemd", "true", 452 `Run container in systemd mode ("true"|"false"|"always")`, 453 ) 454 createFlags.StringArrayVar( 455 &cf.TmpFS, 456 "tmpfs", []string{}, 457 "Mount a temporary filesystem (`tmpfs`) into a container", 458 ) 459 createFlags.BoolVarP( 460 &cf.TTY, 461 "tty", "t", false, 462 "Allocate a pseudo-TTY for container", 463 ) 464 createFlags.StringSliceVar( 465 &cf.UIDMap, 466 "uidmap", []string{}, 467 "UID map to use for the user namespace", 468 ) 469 createFlags.StringSliceVar( 470 &cf.Ulimit, 471 "ulimit", getDefaultUlimits(), 472 "Ulimit options", 473 ) 474 createFlags.StringVarP( 475 &cf.User, 476 "user", "u", "", 477 "Username or UID (format: <name|uid>[:<group|gid>])", 478 ) 479 createFlags.StringVar( 480 &cf.UserNS, 481 "userns", getDefaultUserNS(), 482 "User namespace to use", 483 ) 484 createFlags.StringVar( 485 &cf.UTS, 486 "uts", getDefaultUTSNS(), 487 "UTS namespace to use", 488 ) 489 createFlags.StringArrayVar( 490 &cf.Mount, 491 "mount", []string{}, 492 "Attach a filesystem mount to the container", 493 ) 494 createFlags.StringArrayVarP( 495 &cf.Volume, 496 "volume", "v", getDefaultVolumes(), 497 "Bind mount a volume into the container", 498 ) 499 createFlags.StringSliceVar( 500 &cf.VolumesFrom, 501 "volumes-from", []string{}, 502 "Mount volumes from the specified container(s)", 503 ) 504 createFlags.StringVarP( 505 &cf.Workdir, 506 "workdir", "w", "", 507 "Working directory inside the container", 508 ) 509 createFlags.StringVar( 510 &cf.SeccompPolicy, 511 "seccomp-policy", "default", 512 "Policy for selecting a seccomp profile (experimental)", 513 ) 514 return &createFlags 515 } 516 517 func AliasFlags(f *pflag.FlagSet, name string) pflag.NormalizedName { 518 switch name { 519 case "healthcheck-command": 520 name = "health-cmd" 521 case "healthcheck-interval": 522 name = "health-interval" 523 case "healthcheck-retries": 524 name = "health-retries" 525 case "healthcheck-start-period": 526 name = "health-start-period" 527 case "healthcheck-timeout": 528 name = "health-timeout" 529 case "net": 530 name = "network" 531 } 532 return pflag.NormalizedName(name) 533 }