vyos/vyos-documentation
1
0
Fork 0
mirror of https://github.com/vyos/vyos-documentation.git synced 2025-10-26 08:41:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

container: add missing commands

Browse Source
This commit is contained in:
rebortg 2022-06-12 21:40:20 +02:00
parent 676ab229b1
commit c4039edba7
1 changed files with 110 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

150
docs/configuration/container/index.rst
View File

@ -1,31 +1,16 @@
:lastproofread: 2021-06-30 :lastproofread: 2022-06-10
.. include:: /_include/need_improvement.txt
.. _container:
######### #########
Container Container
######### #########
The VyOS container implementation is based on `Podman<https://podman.io/>` as
a deamonless container engine.
************* *************
Configuration Configuration
************* *************
.. cfgcmd:: set container <name>
Set a named container.
.. cfgcmd:: set container network <networkname>
Creates a named container network
.. cfgcmd:: set container registry <name>
Adds registry to list of unqualified-search-registries. By default, for any
image that does not include the registry in the image name, Vyos will use
docker.io as the container registry.
.. cfgcmd:: set container name <name> image .. cfgcmd:: set container name <name> image
Sets the image name in the hub registry Sets the image name in the hub registry
@ -52,11 +37,23 @@ Configuration
.. note:: **allow-host-networks** cannot be used with **network** .. note:: **allow-host-networks** cannot be used with **network**
.. cfgcmd:: set container name <name> network <networkname>
Attaches user-defined network to a container.
Only one network must be specified and must already exist.
.. cfgcmd:: set container name <name> network <networkname> address <address>
Optionally set a specific static IPv4 or IPv6 address for the container.
This address must be within the named network prefix.
.. note:: The first IP in the container network is reserved by the engine and cannot be used
.. cfgcmd:: set container name <name> description <text> .. cfgcmd:: set container name <name> description <text>
Sets the container description Set a container description
.. cfgcmd:: set container name <name> environment '<key>' value '<value>' .. cfgcmd:: set container name <name> environment <key> value <value>
Add custom environment variables. Add custom environment variables.
Multiple environment variables are allowed. Multiple environment variables are allowed.
@ -65,35 +62,25 @@ Configuration
.. code-block:: none .. code-block:: none
set container name mysql-server environment 'MYSQL_DATABASE' value 'zabbix' set container name mysql-server environment MYSQL_DATABASE value 'zabbix'
set container name mysql-server environment 'MYSQL_USER' value 'zabbix' set container name mysql-server environment MYSQL_USER value 'zabbix'
set container name mysql-server environment 'MYSQL_PASSWORD' value 'zabbix_pwd' set container name mysql-server environment MYSQL_PASSWORD value 'zabbix_pwd'
set container name mysql-server environment 'MYSQL_ROOT_PASSWORD' value 'root_pwd' set container name mysql-server environment MYSQL_ROOT_PASSWORD value 'root_pwd'
.. cfgcmd:: set container name <name> network <networkname> .. cfgcmd:: set container name <name> port <portname> source <portnumber>
.. cfgcmd:: set container name <name> port <portname> destination <portnumber>
.. cfgcmd:: set container name <name> port <portname> protocol <tcp | udp>
Attaches user-defined network to a container. Publish a port for the container.
Only one network must be specified and must already exist.
Optionally a specific static IPv4 or IPv6 address can be set for
the container. This address must be within the named network.
.. code-block:: none
set container <name> network <networkname> address <address>
.. note:: The first IP in the container network is reserved by the engine and cannot be used
.. cfgcmd:: set container name <name> port <portname> [source | destination ] <portnumber>
Publishes a port for the container
.. code-block:: none .. code-block:: none
set container name zabbix-web-nginx-mysql port http source 80 set container name zabbix-web-nginx-mysql port http source 80
set container name zabbix-web-nginx-mysql port http destination 8080 set container name zabbix-web-nginx-mysql port http destination 8080
set container name zabbix-web-nginx-mysql port http protocol tcp
.. cfgcmd:: set container name <name> volume <volumename> [source | destination ] <path> .. cfgcmd:: set container name <name> volume <volumename> source <path>
.. cfgcmd:: set container name <name> volume <volumename> destination <path>
Mount a volume into the container Mount a volume into the container
@ -102,6 +89,85 @@ Configuration
set container name coredns volume 'corefile' source /config/coredns/Corefile set container name coredns volume 'corefile' source /config/coredns/Corefile
set container name coredns volume 'corefile' destination /etc/Corefile set container name coredns volume 'corefile' destination /etc/Corefile
.. cfgcmd:: set container name <name> restart [no | on-failure | always]
Set the restart behavior of the container.
- **no**: Do not restart containers on exit
- **on-failure**: Restart containers when they exit with a non-zero exit code, retrying indefinitely (default)
- **always**: Restart containers when they exit, regardless of status, retrying indefinitely
.. cfgcmd:: set container name <name> memory <MB>
Constrain the memory available to the container.
Default is 512 MB. Use 0 MB for unlimited memory.
.. cfgcmd:: set container name <name> device <devicename> source <path>
.. cfgcmd:: set container name <name> device <devicename> destination <path>
Add a host device to the container.
.. cfgcmd:: container name <name> cap-add <text>
Set container capabilities or permissions.
- **net-admin**: Network operations (interface, firewall, routing tables)
- **net-bind-service**: Bind a socket to privileged ports (port numbers less than 1024)
- **net-raw**: Permission to create raw network sockets
- **setpcap**: Capability sets (from bounded or inherited set)
- **sys-admin**: Administation operations (quotactl, mount, sethostname, setdomainame)
- **sys-time**: Permission to set system clock
.. cfgcmd:: set container name <name> disable
Disable a container.
.. cfgcmd:: set container network <networkname>
Creates a named container network
.. cfgcmd:: set container registry <name>
Adds registry to list of unqualified-search-registries. By default, for any
image that does not include the registry in the image name, Vyos will use
docker.io as the container registry.
******************
Operation Commands
******************
.. opcmd:: add container image <containername>
Pull a new image for container
.. opcmd:: show container
Show the list of all active containers.
.. opcmd:: show container image
Show the local container images.
.. opcmd:: show container log <containername>
Show logs from a given container
.. opcmd:: show container network
Show a list available container networks
.. opcmd:: restart container <containername>
Restart a given container
.. opcmd:: update container image <containername>
Update container image
********************* *********************
Example Configuration Example Configuration
********************* *********************