mirror of
https://github.com/containers/podman
synced 2024-10-20 17:23:30 +00:00
add varlink bridge
allow the user to define a remote host and remote username for their remote podman sessions. this is then feed to the varlink "bridge" as the ssh credentials and endpoint. Signed-off-by: baude <bbaude@redhat.com>
This commit is contained in:
parent
64d1a357e8
commit
38199f4c28
|
@ -32,6 +32,10 @@ type MainFlags struct {
|
|||
CpuProfile string
|
||||
LogLevel string
|
||||
TmpDir string
|
||||
|
||||
RemoteUserName string
|
||||
RemoteHost string
|
||||
VarlinkAddress string
|
||||
}
|
||||
|
||||
type AttachValues struct {
|
||||
|
|
|
@ -9,7 +9,11 @@ import (
|
|||
const remote = true
|
||||
|
||||
func init() {
|
||||
// remote client specific flags can go here.
|
||||
rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.RemoteUserName, "username", "", "username on the remote host")
|
||||
rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.RemoteHost, "remote-host", "", "remote host")
|
||||
// TODO maybe we allow the altering of this for bridge connections?
|
||||
//rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.VarlinkAddress, "varlink-address", adapter.DefaultAddress, "address of the varlink socket")
|
||||
rootCmd.PersistentFlags().StringVar(&MainGlobalOpts.LogLevel, "log-level", "error", "Log messages above specified level: debug, info, warn, error, fatal or panic")
|
||||
}
|
||||
|
||||
func setSyslog() error {
|
||||
|
|
|
@ -3,8 +3,6 @@
|
|||
package shared
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
|
||||
"github.com/containers/libpod/cmd/podman/cliconfig"
|
||||
"github.com/containers/libpod/cmd/podman/varlink"
|
||||
"github.com/containers/libpod/pkg/rootless"
|
||||
|
@ -209,7 +207,6 @@ func boolFromVarlink(v *bool, flagName string, defaultValue bool) CRBool {
|
|||
cr.Val = defaultValue
|
||||
cr.Changed = false
|
||||
} else {
|
||||
fmt.Println(flagName, cr.Val)
|
||||
cr.Val = *v
|
||||
cr.Changed = true
|
||||
}
|
||||
|
|
|
@ -3,11 +3,17 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"time"
|
||||
|
||||
"github.com/containers/libpod/cmd/podman/cliconfig"
|
||||
"github.com/containers/libpod/cmd/podman/libpodruntime"
|
||||
iopodman "github.com/containers/libpod/cmd/podman/varlink"
|
||||
"github.com/containers/libpod/pkg/adapter"
|
||||
"github.com/containers/libpod/pkg/rootless"
|
||||
"github.com/containers/libpod/pkg/util"
|
||||
"github.com/containers/libpod/pkg/varlinkapi"
|
||||
"github.com/containers/libpod/version"
|
||||
"github.com/pkg/errors"
|
||||
|
@ -45,13 +51,31 @@ func init() {
|
|||
}
|
||||
|
||||
func varlinkCmd(c *cliconfig.VarlinkValues) error {
|
||||
varlinkURI := adapter.DefaultAddress
|
||||
if rootless.IsRootless() {
|
||||
xdg, err := util.GetRootlessRuntimeDir()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
socketDir := filepath.Join(xdg, "podman/io.podman")
|
||||
if _, err := os.Stat(filepath.Dir(socketDir)); os.IsNotExist(err) {
|
||||
if err := os.Mkdir(filepath.Dir(socketDir), 0755); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
varlinkURI = fmt.Sprintf("unix:%s", socketDir)
|
||||
}
|
||||
args := c.InputArgs
|
||||
if len(args) < 1 {
|
||||
return errors.Errorf("you must provide a varlink URI")
|
||||
}
|
||||
|
||||
if len(args) > 1 {
|
||||
return errors.Errorf("too many arguments. Requires exactly 1")
|
||||
return errors.Errorf("too many arguments. you may optionally provide 1")
|
||||
}
|
||||
|
||||
if len(args) > 0 {
|
||||
varlinkURI = args[0]
|
||||
}
|
||||
|
||||
logrus.Debugf("Using varlink socket: %s", varlinkURI)
|
||||
timeout := time.Duration(c.Timeout) * time.Millisecond
|
||||
|
||||
// Create a single runtime for varlink
|
||||
|
@ -81,7 +105,7 @@ func varlinkCmd(c *cliconfig.VarlinkValues) error {
|
|||
}
|
||||
|
||||
// Run the varlink server at the given address
|
||||
if err = service.Listen(args[0], timeout); err != nil {
|
||||
if err = service.Listen(varlinkURI, timeout); err != nil {
|
||||
switch err.(type) {
|
||||
case varlink.ServiceTimeoutError:
|
||||
logrus.Infof("varlink service expired (use --timeout to increase session time beyond %d ms, 0 means never timeout)", c.Int64("timeout"))
|
||||
|
|
|
@ -7,8 +7,10 @@ podman\-varlink - Runs the varlink backend interface
|
|||
**podman varlink** [*options*] *uri*
|
||||
|
||||
## DESCRIPTION
|
||||
Starts the varlink service listening on *uri* that allows varlink clients to interact with podman. This should generally be done
|
||||
with systemd. See _Configuration_ below.
|
||||
Starts the varlink service listening on *uri* that allows varlink clients to interact with podman. If no *uri* is provided, a default
|
||||
URI will be used depending on the user calling the varlink service. The default for the root user is `unix:/run/podman/io.podman`. Regular
|
||||
users will have a default *uri* of `$XDG_RUNTIME_DIR/podman/io.podman`. For example, `unix:/run/user/1000/podman/io.podman`
|
||||
The varlink service should generally be done with systemd. See _Configuration_ below.
|
||||
|
||||
## GLOBAL OPTIONS
|
||||
|
||||
|
@ -23,16 +25,23 @@ second. A value of `0` means no timeout and the session will not expire.
|
|||
|
||||
## EXAMPLES
|
||||
|
||||
Run the podman varlink service manually and accept the default timeout.
|
||||
Run the podman varlink service accepting all default options.
|
||||
|
||||
```
|
||||
$ podman varlink unix:/run/podman/io.podman
|
||||
$ podman varlink
|
||||
```
|
||||
|
||||
|
||||
Run the podman varlink service with an alternate URI and accept the default timeout.
|
||||
|
||||
```
|
||||
$ podman varlink unix:/tmp/io.podman
|
||||
```
|
||||
|
||||
Run the podman varlink service manually with a 5 second timeout.
|
||||
|
||||
```
|
||||
$ podman varlink --timeout 5000 unix:/run/podman/io.podman
|
||||
$ podman varlink --timeout 5000
|
||||
```
|
||||
|
||||
## CONFIGURATION
|
||||
|
|
|
@ -3,30 +3,45 @@
|
|||
package adapter
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
|
||||
"github.com/sirupsen/logrus"
|
||||
"github.com/pkg/errors"
|
||||
"github.com/varlink/go/varlink"
|
||||
)
|
||||
|
||||
// DefaultAddress is the default address of the varlink socket
|
||||
const DefaultAddress = "unix:/run/podman/io.podman"
|
||||
type VarlinkConnectionInfo struct {
|
||||
RemoteUserName string
|
||||
RemoteHost string
|
||||
VarlinkAddress string
|
||||
}
|
||||
|
||||
// Connect provides a varlink connection
|
||||
func (r RemoteRuntime) Connect() (*varlink.Connection, error) {
|
||||
var err error
|
||||
var connection *varlink.Connection
|
||||
if bridge := os.Getenv("PODMAN_VARLINK_BRIDGE"); bridge != "" {
|
||||
logrus.Infof("Connecting with varlink bridge")
|
||||
logrus.Debugf("%s", bridge)
|
||||
var (
|
||||
err error
|
||||
connection *varlink.Connection
|
||||
)
|
||||
|
||||
logLevel := r.cmd.LogLevel
|
||||
|
||||
// I'm leaving this here for now as a document of the birdge format. It can be removed later once the bridge
|
||||
// function is more flushed out.
|
||||
//bridge := `ssh -T root@192.168.122.1 "/usr/bin/varlink -A '/usr/bin/podman varlink \$VARLINK_ADDRESS' bridge"`
|
||||
if len(r.cmd.RemoteHost) > 0 {
|
||||
// The user has provided a remote host endpoint
|
||||
if len(r.cmd.RemoteUserName) < 1 {
|
||||
return nil, errors.New("you must provide a username when providing a remote host name")
|
||||
}
|
||||
bridge := fmt.Sprintf(`ssh -T %s@%s /usr/bin/varlink -A \'/usr/bin/podman --log-level=%s varlink \\\$VARLINK_ADDRESS\' bridge`, r.cmd.RemoteUserName, r.cmd.RemoteHost, logLevel)
|
||||
connection, err = varlink.NewBridge(bridge)
|
||||
} else if bridge := os.Getenv("PODMAN_VARLINK_BRIDGE"); bridge != "" {
|
||||
connection, err = varlink.NewBridge(bridge)
|
||||
} else {
|
||||
address := os.Getenv("PODMAN_VARLINK_ADDRESS")
|
||||
if address == "" {
|
||||
address = DefaultAddress
|
||||
}
|
||||
logrus.Infof("Connecting with varlink address")
|
||||
logrus.Debugf("%s", address)
|
||||
connection, err = varlink.NewConnection(address)
|
||||
}
|
||||
if err != nil {
|
||||
|
|
4
pkg/adapter/client_config.go
Normal file
4
pkg/adapter/client_config.go
Normal file
|
@ -0,0 +1,4 @@
|
|||
package adapter
|
||||
|
||||
// DefaultAddress is the default address of the varlink socket
|
||||
const DefaultAddress = "unix:/run/podman/io.podman"
|
|
@ -38,6 +38,7 @@ type RemoteImageRuntime struct{}
|
|||
type RemoteRuntime struct {
|
||||
Conn *varlink.Connection
|
||||
Remote bool
|
||||
cmd cliconfig.MainFlags
|
||||
}
|
||||
|
||||
// LocalRuntime describes a typical libpod runtime
|
||||
|
@ -47,17 +48,17 @@ type LocalRuntime struct {
|
|||
|
||||
// GetRuntime returns a LocalRuntime struct with the actual runtime embedded in it
|
||||
func GetRuntime(ctx context.Context, c *cliconfig.PodmanCommand) (*LocalRuntime, error) {
|
||||
runtime := RemoteRuntime{}
|
||||
runtime := RemoteRuntime{
|
||||
Remote: true,
|
||||
cmd: c.GlobalFlags,
|
||||
}
|
||||
conn, err := runtime.Connect()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
runtime.Conn = conn
|
||||
return &LocalRuntime{
|
||||
&RemoteRuntime{
|
||||
Conn: conn,
|
||||
Remote: true,
|
||||
},
|
||||
&runtime,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
|
|
@ -60,6 +60,7 @@ func (i *LibpodAPI) Attach(call iopodman.VarlinkCall, name string, detachKeys st
|
|||
if !start && state != libpod.ContainerStateRunning {
|
||||
return call.ReplyErrorOccurred("container must be running to attach")
|
||||
}
|
||||
call.Reply(nil)
|
||||
reader, writer, _, pw, streams := setupStreams(call)
|
||||
|
||||
go func() {
|
||||
|
|
|
@ -86,15 +86,18 @@ func (i *LibpodAPI) GetInfo(call iopodman.VarlinkCall) error {
|
|||
Graph_status: graphStatus,
|
||||
}
|
||||
|
||||
registriesInterface := info[2].Data["registries"]
|
||||
insecureRegistriesInterface := info[3].Data["registries"]
|
||||
if registriesInterface != nil {
|
||||
registries = registriesInterface.([]string)
|
||||
if len(info) > 2 {
|
||||
registriesInterface := info[2].Data["registries"]
|
||||
if registriesInterface != nil {
|
||||
registries = registriesInterface.([]string)
|
||||
}
|
||||
}
|
||||
if insecureRegistriesInterface != nil {
|
||||
insecureRegistries = insecureRegistriesInterface.([]string)
|
||||
if len(info) > 3 {
|
||||
insecureRegistriesInterface := info[3].Data["registries"]
|
||||
if insecureRegistriesInterface != nil {
|
||||
insecureRegistries = insecureRegistriesInterface.([]string)
|
||||
}
|
||||
}
|
||||
|
||||
podmanInfo.Store = infoStore
|
||||
podmanInfo.Podman = pmaninfo
|
||||
podmanInfo.Registries = registries
|
||||
|
|
|
@ -93,8 +93,8 @@ k8s.io/api kubernetes-1.10.13-beta.0 https://github.com/kubernetes/api
|
|||
k8s.io/apimachinery kubernetes-1.10.13-beta.0 https://github.com/kubernetes/apimachinery
|
||||
k8s.io/client-go kubernetes-1.10.13-beta.0 https://github.com/kubernetes/client-go
|
||||
github.com/mrunalp/fileutils 7d4729fb36185a7c1719923406c9d40e54fb93c7
|
||||
github.com/varlink/go 64e07fabffa33e385817b41971cf2674f692f391
|
||||
github.com/containers/buildah v1.8.2
|
||||
github.com/varlink/go 0f1d566d194b9d6d48e0d47c5e4d822628919066
|
||||
# TODO: Gotty has not been updated since 2012. Can we find replacement?
|
||||
github.com/Nvveen/Gotty cd527374f1e5bff4938207604a14f2e38a9cf512
|
||||
github.com/fsouza/go-dockerclient v1.3.0
|
||||
|
|
11
vendor/github.com/varlink/go/varlink/bridge.go
generated
vendored
11
vendor/github.com/varlink/go/varlink/bridge.go
generated
vendored
|
@ -6,6 +6,7 @@ import (
|
|||
"bufio"
|
||||
"io"
|
||||
"net"
|
||||
"os"
|
||||
"os/exec"
|
||||
)
|
||||
|
||||
|
@ -30,12 +31,13 @@ func (p PipeCon) Close() error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// NewConnection returns a new connection to the given address.
|
||||
func NewBridge(bridge string) (*Connection, error) {
|
||||
// NewBridgeWithStderr returns a new connection with the given bridge.
|
||||
func NewBridgeWithStderr(bridge string, stderr io.Writer) (*Connection, error) {
|
||||
//var err error
|
||||
|
||||
c := Connection{}
|
||||
cmd := exec.Command("sh", "-c", bridge)
|
||||
cmd.Stderr = stderr
|
||||
r, err := cmd.StdoutPipe()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
@ -56,3 +58,8 @@ func NewBridge(bridge string) (*Connection, error) {
|
|||
|
||||
return &c, nil
|
||||
}
|
||||
|
||||
// NewBridge returns a new connection with the given bridge.
|
||||
func NewBridge(bridge string) (*Connection, error) {
|
||||
return NewBridgeWithStderr(bridge, os.Stderr)
|
||||
}
|
||||
|
|
11
vendor/github.com/varlink/go/varlink/bridge_windows.go
generated
vendored
11
vendor/github.com/varlink/go/varlink/bridge_windows.go
generated
vendored
|
@ -4,6 +4,7 @@ import (
|
|||
"bufio"
|
||||
"io"
|
||||
"net"
|
||||
"os"
|
||||
"os/exec"
|
||||
)
|
||||
|
||||
|
@ -28,12 +29,13 @@ func (p PipeCon) Close() error {
|
|||
return nil
|
||||
}
|
||||
|
||||
// NewConnection returns a new connection to the given address.
|
||||
func NewBridge(bridge string) (*Connection, error) {
|
||||
// NewBridgeWithStderr returns a new connection with the given bridge.
|
||||
func NewBridgeWithStderr(bridge string, stderr io.Writer) (*Connection, error) {
|
||||
//var err error
|
||||
|
||||
c := Connection{}
|
||||
cmd := exec.Command("cmd", "/C", bridge)
|
||||
cmd.Stderr = stderr
|
||||
r, err := cmd.StdoutPipe()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
|
@ -54,3 +56,8 @@ func NewBridge(bridge string) (*Connection, error) {
|
|||
|
||||
return &c, nil
|
||||
}
|
||||
|
||||
// NewBridge returns a new connection with the given bridge.
|
||||
func NewBridge(bridge string) (*Connection, error) {
|
||||
return NewBridgeWithStderr(bridge, os.Stderr)
|
||||
}
|
Loading…
Reference in a new issue