Add support for specifying CNI networks in podman play kube

Fixes: containers#5609 Signed-off-by: Christian Felder <c.felder@fz-juelich.de>
kunalkushwaha · Mar 27, 2020 · 91dbdff · 91dbdff
1 parent 90d82eb
commit 91dbdff
Show file tree

Hide file tree

Showing 5 changed files with 32 additions and 1 deletion.
diff --git a/cmd/podman/cliconfig/config.go b/cmd/podman/cliconfig/config.go
@@ -318,6 +318,7 @@ type KubePlayValues struct {
 	Authfile           string
 	CertDir            string
 	Creds              string
+	Network            string
 	Quiet              bool
 	SignaturePolicy    string
 	TlsVerify          bool

diff --git a/cmd/podman/play_kube.go b/cmd/podman/play_kube.go
@@ -51,6 +51,7 @@ func init() {
 		flags.StringVar(&playKubeCommand.SeccompProfileRoot, "seccomp-profile-root", defaultSeccompRoot, "Directory path for seccomp profiles")
 		markFlagHidden(flags, "signature-policy")
 	}
+	flags.StringVar(&playKubeCommand.Network, "network", "", "Connect pod to CNI network(s)")
 }
 
 func playKubeCmd(c *cliconfig.KubePlayValues) error {

diff --git a/completions/bash/podman b/completions/bash/podman
@@ -2683,6 +2683,7 @@ _podman_play_kube() {
     --authfile
     --cert-dir
     --creds
+    --network
     "
 
     local boolean_options="

diff --git a/docs/source/markdown/podman-play-kube.1.md b/docs/source/markdown/podman-play-kube.1.md
@@ -36,6 +36,10 @@ The [username[:password]] to use to authenticate with the registry if required.
 If one or both values are not supplied, a command line prompt will appear and the
 value can be entered.  The password is entered without echo.
 
+**--network**=*cni networks*
+
+A comma-separated list of the names of CNI networks the pod should join.
+
 **--quiet**, **-q**
 
 Suppress output information when pulling images
@@ -62,8 +66,16 @@ $ podman play kube demo.yml
 52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6
 ```
 
+CNI network(s) can be specified as comma-separated list using ``--network``
+```
+$ podman play kube demo.yml --network cni1,cni2
+52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6
+```
+
+Please take into account that CNI networks must be created first using podman-network-create(1).
+
 ## SEE ALSO
-podman(1), podman-container(1), podman-pod(1), podman-generate-kube(1), podman-play(1)
+podman(1), podman-container(1), podman-pod(1), podman-generate-kube(1), podman-play(1), podman-network-create(1)
 
 ## HISTORY
 December 2018, Originally compiled by Brent Baude (bbaude at redhat dot com)
diff --git a/pkg/adapter/pods.go b/pkg/adapter/pods.go
@@ -595,6 +595,22 @@ func (r *LocalRuntime) PlayKubeYAML(ctx context.Context, c *cliconfig.KubePlayVa
 	podPorts := getPodPorts(podYAML.Spec.Containers)
 	podOptions = append(podOptions, libpod.WithInfraContainerPorts(podPorts))
 
+	if c.Flag("network").Changed {
+		netValue := c.String("network")
+		switch strings.ToLower(netValue) {
+		case "bridge", "host":
+			return nil, errors.Errorf("invalid value passed to --network: bridge or host networking must be configured in YAML")
+		case "":
+			return nil, errors.Errorf("invalid value passed to --network: must provide a comma-separated list of CNI networks")
+		default:
+			// We'll assume this is a comma-separated list of CNI
+			// networks.
+			networks := strings.Split(netValue, ",")
+			logrus.Debugf("Pod joining CNI networks: %v", networks)
+			podOptions = append(podOptions, libpod.WithPodNetworks(networks))
+		}
+	}
+
 	// Create the Pod
 	pod, err = r.NewPod(ctx, podOptions...)
 	if err != nil {