From c4039edba7befd25ae91f3597fd7d350e9412dcb Mon Sep 17 00:00:00 2001 From: rebortg Date: Sun, 12 Jun 2022 21:40:20 +0200 Subject: container: add missing commands --- docs/configuration/container/index.rst | 154 +++++++++++++++++++++++---------- 1 file changed, 110 insertions(+), 44 deletions(-) diff --git a/docs/configuration/container/index.rst b/docs/configuration/container/index.rst index 796b6146..044e31b8 100644 --- a/docs/configuration/container/index.rst +++ b/docs/configuration/container/index.rst @@ -1,34 +1,19 @@ -:lastproofread: 2021-06-30 - -.. include:: /_include/need_improvement.txt - -.. _container: +:lastproofread: 2022-06-10 ######### Container ######### +The VyOS container implementation is based on `Podman` as +a deamonless container engine. + ************* Configuration ************* -.. cfgcmd:: set container - - Set a named container. - -.. cfgcmd:: set container network - - Creates a named container network - -.. cfgcmd:: set container registry - - Adds registry to list of unqualified-search-registries. By default, for any - image that does not include the registry in the image name, Vyos will use - docker.io as the container registry. - .. cfgcmd:: set container name image - Sets the image name in the hub registry + Sets the image name in the hub registry .. code-block:: none @@ -50,50 +35,52 @@ Configuration The following commands translate to "--net host" when the container is created - .. note:: **allow-host-networks** cannot be used with **network** + .. note:: **allow-host-networks** cannot be used with **network** -.. cfgcmd:: set container name description +.. cfgcmd:: set container name network - Sets the container description + Attaches user-defined network to a container. + Only one network must be specified and must already exist. -.. cfgcmd:: set container name environment '' value '' +.. cfgcmd:: set container name network address
- Add custom environment variables. - Multiple environment variables are allowed. - The following commands translate to "-e key=value" when the container - is created. + Optionally set a specific static IPv4 or IPv6 address for the container. + This address must be within the named network prefix. - .. code-block:: none + .. note:: The first IP in the container network is reserved by the engine and cannot be used - set container name mysql-server environment 'MYSQL_DATABASE' value 'zabbix' - set container name mysql-server environment 'MYSQL_USER' value 'zabbix' - set container name mysql-server environment 'MYSQL_PASSWORD' value 'zabbix_pwd' - set container name mysql-server environment 'MYSQL_ROOT_PASSWORD' value 'root_pwd' +.. cfgcmd:: set container name description -.. cfgcmd:: set container name network + Set a container description - Attaches user-defined network to a container. - Only one network must be specified and must already exist. +.. cfgcmd:: set container name environment value - Optionally a specific static IPv4 or IPv6 address can be set for - the container. This address must be within the named network. + Add custom environment variables. + Multiple environment variables are allowed. + The following commands translate to "-e key=value" when the container + is created. .. code-block:: none - set container network address
- - .. note:: The first IP in the container network is reserved by the engine and cannot be used + set container name mysql-server environment MYSQL_DATABASE value 'zabbix' + set container name mysql-server environment MYSQL_USER value 'zabbix' + set container name mysql-server environment MYSQL_PASSWORD value 'zabbix_pwd' + set container name mysql-server environment MYSQL_ROOT_PASSWORD value 'root_pwd' -.. cfgcmd:: set container name port [source | destination ] +.. cfgcmd:: set container name port source +.. cfgcmd:: set container name port destination +.. cfgcmd:: set container name port protocol - Publishes a port for the container + Publish a port for the container. .. code-block:: none set container name zabbix-web-nginx-mysql port http source 80 set container name zabbix-web-nginx-mysql port http destination 8080 + set container name zabbix-web-nginx-mysql port http protocol tcp -.. cfgcmd:: set container name volume [source | destination ] +.. cfgcmd:: set container name volume source +.. cfgcmd:: set container name volume destination Mount a volume into the container @@ -102,6 +89,85 @@ Configuration set container name coredns volume 'corefile' source /config/coredns/Corefile set container name coredns volume 'corefile' destination /etc/Corefile +.. cfgcmd:: set container name restart [no | on-failure | always] + + Set the restart behavior of the container. + + - **no**: Do not restart containers on exit + - **on-failure**: Restart containers when they exit with a non-zero exit code, retrying indefinitely (default) + - **always**: Restart containers when they exit, regardless of status, retrying indefinitely + +.. cfgcmd:: set container name memory + + Constrain the memory available to the container. + + Default is 512 MB. Use 0 MB for unlimited memory. + +.. cfgcmd:: set container name device source +.. cfgcmd:: set container name device destination + + Add a host device to the container. + +.. cfgcmd:: container name cap-add + + Set container capabilities or permissions. + + - **net-admin**: Network operations (interface, firewall, routing tables) + - **net-bind-service**: Bind a socket to privileged ports (port numbers less than 1024) + - **net-raw**: Permission to create raw network sockets + - **setpcap**: Capability sets (from bounded or inherited set) + - **sys-admin**: Administation operations (quotactl, mount, sethostname, setdomainame) + - **sys-time**: Permission to set system clock + +.. cfgcmd:: set container name disable + + Disable a container. + +.. cfgcmd:: set container network + + Creates a named container network + +.. cfgcmd:: set container registry + + Adds registry to list of unqualified-search-registries. By default, for any + image that does not include the registry in the image name, Vyos will use + docker.io as the container registry. + + +****************** +Operation Commands +****************** + +.. opcmd:: add container image + + Pull a new image for container + +.. opcmd:: show container + + Show the list of all active containers. + +.. opcmd:: show container image + + Show the local container images. + +.. opcmd:: show container log + + Show logs from a given container + +.. opcmd:: show container network + + Show a list available container networks + +.. opcmd:: restart container + + Restart a given container + +.. opcmd:: update container image + + Update container image + + + ********************* Example Configuration ********************* -- cgit v1.2.3