NAME¶ 名称
podman-kube-generate - Generate Kubernetes YAML based on containers, pods or volumes
podman-kube-generate - 根据容器、Pod 或卷生成基于 Kubernetes 的 YAML
SYNOPSIS¶ 概要
podman kube generate [options] container… | pod… | volume…
podman kube generate [选项] 容器... | Pod... | 卷...
DESCRIPTION¶ 描述
podman kube generate generates Kubernetes YAML (v1 specification) from Podman containers, pods or volumes. Regardless of whether
the input is for containers or pods, Podman generates the specification as a Pod by default. The input may be in the form
of one or more containers, pods or volumes names or IDs.
podman kube generate 从 Podman 容器、Pod 或卷生成 Kubernetes YAML(v1 规范)。无论输入是容器还是 Pod,Podman 默认生成 Pod 规范。输入可以是一个或多个容器、Pod 或卷的名称或 ID 的形式。
Podman Containers or Pods
Volumes appear in the generated YAML according to two different volume types. Bind-mounted volumes become hostPath volume types and named volumes become persistentVolumeClaim volume types. Generated hostPath volume types are one of three subtypes depending on the state of the host path: DirectoryOrCreate when no file or directory exists at the host, Directory when host path is a directory, or File when host path is a file. The value for claimName for a persistentVolumeClaim is the name of the named volume registered in Podman.
生成的 YAML 中的卷根据两种不同的卷类型显示。绑定挂载的卷变成 hostPath 卷类型,命名卷变成 persistentVolumeClaim 卷类型。生成的 hostPath 卷类型根据主机路径的状态有三种子类型之一:当主机上不存在文件或目录时为 DirectoryOrCreate,当主机路径为目录时为 Directory,或者当主机路径为文件时为 File。persistentVolumeClaim 的 claimName 值是在 Podman 中注册的命名卷的名称。
Potential name conflicts between volumes are avoided by using a standard naming scheme for each volume type. The hostPath volume types are named according to the path on the host machine, replacing forward slashes with hyphens less any leading and trailing forward slashes. The special case of the filesystem root, /
, translates to the name root
. Additionally, the name is suffixed with -host
to avoid naming conflicts with persistentVolumeClaim volumes. Each persistentVolumeClaim volume type uses the name of its associated named volume suffixed with -pvc
.
通过为每种卷类型使用标准命名方案来避免卷之间的潜在名称冲突。hostPath 卷类型根据主机上的路径命名,将正斜杠替换为连字符,去除任何前导和尾随正斜杠。文件系统根目录的特殊情况 /
转换为名称 root
。此外,名称后缀为 -host
以避免与 persistentVolumeClaim 卷的命名冲突。每个 persistentVolumeClaim 卷类型使用其关联的命名卷的名称后缀为 -pvc
。
Note that if an init container is created with type once
and the pod has been started, it does not show up in the generated kube YAML as once
type init containers are deleted after they are run. If the pod has only been created and not started, it is in the generated kube YAML.
Init containers created with type always
are always generated in the kube YAML as they are never deleted, even after running to completion.
请注意,如果使用类型 once
创建了一个 init 容器,并且 pod 已经启动,它不会显示在生成的 kube YAML 中,因为 once
类型的 init 容器在运行后会被删除。如果 pod 只是被创建而没有启动,它会出现在生成的 kube YAML 中。使用类型 always
创建的 init 容器总是会在 kube YAML 中生成,因为它们永远不会被删除,即使运行完成后也是如此。
Note: When using volumes and generating a Kubernetes YAML for an unprivileged and rootless podman container on an SELinux enabled system, one of the following options must be completed:
注意:在使用卷并为启用 SELinux 的系统上的非特权和无根 podman 容器生成 Kubernetes YAML 时,必须完成以下选项之一:
Add the “privileged: true” option to the pod spec
将“privileged: true”选项添加到 pod spec 中Add
type: spc_t
under thesecurityContext
seLinuxOptions
in the pod spec
在 pod 规范中的securityContext
seLinuxOptions
下添加type: spc_t
Relabel the volume via the CLI command
chcon -t container_file_t -R <directory>
通过 CLI 命令chcon -t container_file_t -R <directory>
重新标记卷
Once completed, the correct permissions are in place to access the volume when the pod/container is created in a Kubernetes cluster.
完成后,在 Kubernetes 集群中创建 pod/container 时,正确的权限已经设置好以访问卷
Note that the generated Kubernetes YAML file can be used to re-run the deployment via podman-play-kube(1).
请注意,生成的 Kubernetes YAML 文件可用于通过 podman-play-kube(1) 重新运行部署。
Note that if the pod being generated was created with the --infra-name flag set, then the generated kube yaml will have the io.podman.annotations.infra.name set where the value is the name of the infra container set by the user.
请注意,如果生成的 Pod 是使用 --infra-name 标志创建的,则生成的 kube yaml 将具有用户设置的基础设施容器名称的 io.podman.annotations.infra.name 设置为值。
Also note that both Deployment and DaemonSet can only have restartPolicy
set to Always
.
还请注意,部署和 DaemonSet 只能将 restartPolicy
设置为 Always
。
OPTIONS¶ 选项
--filename, -f=filename¶
--文件名, -f=文件名 ¶
Output to the given file instead of STDOUT. If the file already exists, kube generate
refuses to replace it and returns an error.
将输出写入指定文件,而不是标准输出。如果文件已经存在, kube generate
拒绝替换它并返回错误。
--podman-only¶ --仅限 podman ¶
Add podman-only reserved annotations in generated YAML file (Cannot be used by Kubernetes)
在生成的 YAML 文件中添加仅限于 podman 的保留注释(不能被 Kubernetes 使用)
--replicas, -r=replica count¶
--replicas, -r=副本数量 ¶
The value to set replicas
to when generating a Deployment kind.
Note: this can only be set with the option --type=deployment
.
在生成 Deployment 类型时设置 replicas
的值。注意:只能使用选项 --type=deployment
进行设置。
--service, -s¶
Generate a Kubernetes service object in addition to the Pods. Used to generate a Service specification for the corresponding Pod output. In particular, if the object has portmap bindings, the service specification includes a NodePort declaration to expose the service. A random port is assigned by Podman in the specification.
生成一个 Kubernetes 服务对象,除了 Pods 外。用于为相应的 Pod 输出生成一个 Service 规范。特别是,如果对象具有端口映射绑定,服务规范将包括一个 NodePort 声明以公开服务。Podman 在规范中分配一个随机端口。
--type, -t=pod | deployment | daemonset¶
The Kubernetes kind to generate in the YAML file. Currently, the only supported Kubernetes specifications are Pod
, Deployment
and DaemonSet
. By default, the Pod
specification is generated.
生成在 YAML 文件中的 Kubernetes 类型。目前,唯一支持的 Kubernetes 规范是 Pod
, Deployment
和 DaemonSet
。默认情况下,生成 Pod
规范。
EXAMPLES¶ 示例
Create Kubernetes Pod YAML for the specified container.
为指定的容器创建 Kubernetes Pod YAML。
$ podman kube generate some-mariadb
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-4.8.2
# NOTE: If you generated this yaml from an unprivileged and rootless podman container on an SELinux
# enabled system, check the podman generate kube man page for steps to follow to ensure that your pod/container
# has the right permissions to access the volumes added.
---
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: "2024-01-09T02:24:55Z"
labels:
app: some-mariadb-pod
name: some-mariadb-pod
spec:
containers:
- args:
- mariadbd
env:
- name: MARIADB_ROOT_PASSWORD
value: x
image: docker.io/library/mariadb:10.11
name: some-mariadb
ports:
- containerPort: 3306
hostPort: 34891
volumeMounts:
- mountPath: /var/lib/mysql
name: mariadb_data-pvc
volumes:
- name: mariadb_data-pvc
persistentVolumeClaim:
claimName: mariadb_data
Create Kubernetes Deployment YAML with 3 replicas for the specified container.
使用 3 个副本为指定容器创建 Kubernetes 部署 YAML。
$ podman kube generate --type deployment --replicas 3 dep-ct
r
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-4.5.0-dev
apiVersion: apps/v1
kind: Deployment
metadata:
creationTimestamp: "2023-03-27T20:45:08Z"
labels:
app: dep-ctr-pod
name: dep-ctr-pod-deployment
spec:
replicas: 3
selector:
matchLabels:
app: dep-ctr-pod
template:
metadata:
annotations:
io.podman.annotations.ulimit: nofile=524288:524288,nproc=127332:127332
creationTimestamp: "2023-03-27T20:45:08Z"
labels:
app: dep-ctr-pod
name: dep-ctr-pod
spec:
containers:
- command:
- top
image: docker.io/library/alpine:latest
name: dep-ctr
Create Kubernetes Pod YAML for the specified container with the host directory /home/user/my-data
bind-mounted onto the container path /volume
.
为指定容器创建 Kubernetes Pod YAML,将主机目录 /home/user/my-data
绑定到容器路径 /volume
上。
$ podman kube generate my-container-with-bind-mounted-data
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-3.1.0-dev
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: "2021-03-18T16:26:08Z"
labels:
app: my-container-with-bind-mounted-data
name: my-container-with-bind-mounted-data
spec:
containers:
- command:
- /bin/sh
image: docker.io/library/alpine:latest
name: test-bind-mount
volumeMounts:
- mountPath: /volume
name: home-user-my-data-host
restartPolicy: Never
volumes:
- hostPath:
path: /home/user/my-data
type: Directory
name: home-user-my-data-host
Create Kubernetes Pod YAML for the specified container with named volume priceless-data
mounted onto the container path /volume
.
为指定容器创建 Kubernetes Pod YAML,将命名卷 priceless-data
挂载到容器路径 /volume
上。
$ podman kube generate my-container-using-priceless-data
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-3.1.0-dev
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: "2021-03-18T16:26:08Z"
labels:
app: my-container-using-priceless-data
name: my-container-using-priceless-data
spec:
containers:
- command:
- /bin/sh
image: docker.io/library/alpine:latest
name: test-bind-mount
volumeMounts:
- mountPath: /volume
name: priceless-data-pvc
restartPolicy: Never
volumes:
- name: priceless-data-pvc
persistentVolumeClaim:
claimName: priceless-data
Create Kubernetes Pod YAML for the specified pod and include a service.
为指定的 Pod 创建 Kubernetes Pod YAML,并包含一个服务。
$ sudo podman kube generate -s demoweb
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-0.12.2-dev
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: 2018-12-18T15:16:06Z
labels:
app: demoweb
name: demoweb-libpod
spec:
containers:
- command:
- python3
- /root/code/graph.py
image: quay.io/baude/demoweb:latest
name: practicalarchimedes
tty: true
workingDir: /root/code
---
apiVersion: v1
kind: Service
metadata:
creationTimestamp: 2018-12-18T15:16:06Z
labels:
app: demoweb
name: demoweb-libpod
spec:
ports:
- name: "8050"
nodePort: 31269
port: 8050
targetPort: 0
selector:
app: demoweb
type: NodePort
status:
loadBalancer: {}
SEE ALSO¶ 参见 ¶
podman(1), podman-container(1), podman-pod(1), podman-kube-play(1), podman-kube-down(1)
HISTORY¶ 历史 ¶
December 2018, Originally compiled by Brent Baude (bbaude at redhat dot com)
2018 年 12 月,最初由 Brent Baude (bbaude at redhat dot com) 编译。