% podman-generate-kube(1)
## NAME
podman-generate-kube - Generate Kubernetes YAML based on containers, pods or volumes

## SYNOPSIS
**podman generate kube** [*options*] *container...* | *pod...* | *volume...*

## DESCRIPTION
**podman generate kube** will generate Kubernetes YAML (v1 specification) from Podman containers, pods or volumes. Regardless of whether the input is for containers or pods, Podman will always generate the specification as a Pod. The input may be in the form of one or more container, pod or volume names or IDs.

`Podman Containers or Pods`

Volumes appear in the generated YAML according to two different volume types. Bind-mounted volumes become *hostPath* volume types and named volumes become *persistentVolumeClaim* volume types. Generated *hostPath* volume types will be one of three subtypes depending on the state of the host path: *DirectoryOrCreate* when no file or directory exists at the host path, *Directory* when the host path is a directory, or *File* when the host path is a file. The value for *claimName* for a *persistentVolumeClaim* is the name of the named volume registered in Podman.

Potential name conflicts between volumes are avoided by using a standard naming scheme for each volume type. The *hostPath* volume types are named according to the path on the host machine: any leading and trailing forward slashes are removed and the remaining forward slashes are replaced with hyphens. The special case of the filesystem root, `/`, translates to the name `root`. Additionally, the name is suffixed with `-host` to avoid naming conflicts with *persistentVolumeClaim* volumes. Each *persistentVolumeClaim* volume type uses the name of its associated named volume suffixed with `-pvc`.

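The naming and subtype rules above, written out as an added Go sketch (not Podman's own code; the function names are hypothetical, and rejecting non-absolute paths is an assumption of the sketch). Since every bind mount surfaces with a `-host` suffix, the same rule lets a reviewer map each such volume in the generated YAML back to the host path it exposes.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"os"
	"strings"
)

// hostPathVolumeName applies the hostPath naming rule described above.
// Assumption of this sketch: bind-mount sources are absolute paths.
func hostPathVolumeName(hostPath string) (string, error) {
	if !strings.HasPrefix(hostPath, "/") {
		return "", fmt.Errorf("host path %q is not absolute", hostPath)
	}
	name := strings.ReplaceAll(strings.Trim(hostPath, "/"), "/", "-")
	if name == "" { // the filesystem root, "/"
		name = "root"
	}
	return name + "-host", nil
}

// pvcVolumeName names the persistentVolumeClaim volume for a named volume.
func pvcVolumeName(volume string) string {
	return volume + "-pvc"
}

// hostPathType picks the hostPath subtype from the current state of the path.
// Anything that exists and is not a directory is reported as File here.
func hostPathType(hostPath string) (string, error) {
	info, err := os.Stat(hostPath)
	switch {
	case errors.Is(err, fs.ErrNotExist):
		return "DirectoryOrCreate", nil
	case err != nil:
		return "", err // e.g. permission denied: the state is unknown
	case info.IsDir():
		return "Directory", nil
	default:
		return "File", nil
	}
}

func main() {
	// Constructed sample paths; the first is the one used in EXAMPLES.
	for _, p := range []string{"/home/user/my-data", "/", "/var/lib/data/"} {
		name, _ := hostPathVolumeName(p)
		typ, err := hostPathType(p)
		fmt.Printf("%-22s name=%-24s type=%s err=%v\n", p, name, typ, err)
	}
	fmt.Println(pvcVolumeName("priceless-data"))
}
```
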

Note that if an init container is created with type `once` and the pod has been started, the init container will not show up in the generated kube YAML as `once` type init containers are deleted after they are run. If the pod has only been created and not started, it will be in the generated kube YAML.
Init containers created with type `always` will always be generated in the kube YAML as they are never deleted, even after running to completion.

*Note*: When using volumes and generating a Kubernetes YAML for an unprivileged and rootless podman container on an **SELinux enabled system**, one of the following options must be completed:
  * Add the "privileged: true" option to the pod spec
  * Add `type: spc_t` under the `securityContext` `seLinuxOptions` in the pod spec
  * Relabel the volume via the CLI command `chcon -t container_file_t -R <directory>`

Once completed, the correct permissions will be in place to access the volume when the pod/container is created in a Kubernetes cluster.

Note that the generated Kubernetes YAML file can be used to re-run the deployment via podman-play-kube(1).

## OPTIONS

#### **--filename**, **-f**=**filename**

Output to the given file, instead of STDOUT. If the file already exists, `generate kube` will refuse to replace it and return an error.

#### **--service**, **-s**

Generate a Kubernetes service object in addition to the Pods. Used to generate a Service specification for the corresponding Pod output. In particular, if the object has portmap bindings, the service specification will include a NodePort declaration to expose the service. A random port is assigned by Podman in the specification.

## EXAMPLES

Create Kubernetes Pod YAML for a container called `some-mariadb`.
```
$ sudo podman generate kube some-mariadb
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-0.11.2-dev
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: 2018-12-03T19:07:59Z
  labels:
    app: some-mariadb
  name: some-mariadb-libpod
spec:
  containers:
  - command:
    - docker-entrypoint.sh
    - mysqld
    env:
    - name: HOSTNAME
    - name: GOSU_VERSION
      value: "1.10"
    - name: GPG_KEYS
      value: "199369E5404BD5FC7D2FE43BCBCB082A1BB943DB \t177F4010FE56CA3336300305F1656F24C74CD1D8
        \t430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A \t4D1BB29D63D98E422B2113B19334A25F8507EFA5"
    - name: MARIADB_MAJOR
      value: "10.3"
    - name: MARIADB_VERSION
      value: 1:10.3.10+maria~bionic
    - name: MYSQL_ROOT_PASSWORD
      value: x
    image: quay.io/baude/demodb:latest
    name: some-mariadb
    ports:
    - containerPort: 3306
      hostPort: 36533
    resources: {}
    securityContext:
      capabilities:
        drop:
        - CAP_MKNOD
        - CAP_NET_RAW
        - CAP_AUDIT_WRITE
    tty: true
status: {}
```

Create Kubernetes Pod YAML for a container with the directory `/home/user/my-data` on the host bind-mounted in the container to `/volume`.
```
$ podman generate kube my-container-with-bind-mounted-data
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-3.1.0-dev
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: "2021-03-18T16:26:08Z"
  labels:
    app: my-container-with-bind-mounted-data
  name: my-container-with-bind-mounted-data
spec:
  containers:
  - command:
    - /bin/sh
    image: docker.io/library/alpine:latest
    name: test-bind-mount
    resources: {}
    securityContext:
      capabilities:
        drop:
        - CAP_MKNOD
        - CAP_NET_RAW
        - CAP_AUDIT_WRITE
    volumeMounts:
    - mountPath: /volume
      name: home-user-my-data-host
  restartPolicy: Never
  volumes:
  - hostPath:
      path: /home/user/my-data
      type: Directory
    name: home-user-my-data-host
status: {}
```

Create Kubernetes Pod YAML for a container with the named volume `priceless-data` mounted in the container at `/volume`.
```
$ podman generate kube my-container-using-priceless-data
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-3.1.0-dev
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: "2021-03-18T16:26:08Z"
  labels:
    app: my-container-using-priceless-data
  name: my-container-using-priceless-data
spec:
  containers:
  - command:
    - /bin/sh
    image: docker.io/library/alpine:latest
    name: test-bind-mount
    resources: {}
    securityContext:
      capabilities:
        drop:
        - CAP_MKNOD
        - CAP_NET_RAW
        - CAP_AUDIT_WRITE
    volumeMounts:
    - mountPath: /volume
      name: priceless-data-pvc
  restartPolicy: Never
  volumes:
  - name: priceless-data-pvc
    persistentVolumeClaim:
      claimName: priceless-data
status: {}
```

Create Kubernetes Pod YAML for a pod called `demoweb` and include a service.
```
$ sudo podman generate kube -s demoweb
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-0.12.2-dev
apiVersion: v1
kind: Pod
metadata:
  creationTimestamp: 2018-12-18T15:16:06Z
  labels:
    app: demoweb
  name: demoweb-libpod
spec:
  containers:
  - command:
    - python3
    - /root/code/graph.py
    image: quay.io/baude/demoweb:latest
    name: practicalarchimedes
    resources: {}
    tty: true
    workingDir: /root/code
status: {}
---
apiVersion: v1
kind: Service
metadata:
  creationTimestamp: 2018-12-18T15:16:06Z
  labels:
    app: demoweb
  name: demoweb-libpod
spec:
  ports:
  - name: "8050"
    nodePort: 31269
    port: 8050
    targetPort: 0
  selector:
    app: demoweb
  type: NodePort
status:
  loadBalancer: {}
```

## SEE ALSO
**[podman(1)](podman.1.md)**, **[podman-container(1)](podman-container.1.md)**, **[podman-pod(1)](podman-pod.1.md)**, **[podman-play-kube(1)](podman-play-kube.1.md)**

## HISTORY
December 2018, Originally compiled by Brent Baude (bbaude at redhat dot com)