containers.podman.podman_play – Play kubernetes YAML file using podman

Note

This plugin is part of the containers.podman collection (version 1.10.1).

To install it use: ansible-galaxy collection install containers.podman.

To use it in a playbook, specify: containers.podman.podman_play.

Synopsis

  • The module reads in a structured file of Kubernetes YAML. It will then recreate the pod and containers described in the YAML.

Requirements

The below requirements are needed on the host that executes this module.

  • Podman installed on host

Parameters

Parameter Choices/Defaults Comments
authfile
path
Path of the authentication file. Default is ${XDG_RUNTIME_DIR}/containers/auth.json, which is set using podman login. If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using docker login. Note - You can also override the default path of the authentication file by setting the REGISTRY_AUTH_FILE environment variable. export REGISTRY_AUTH_FILE=path
cert_dir
path
Use certificates at path (*.crt, *.cert, *.key) to connect to the registry. Default certificates directory is /etc/containers/certs.d. (This option is not available with the remote Podman client)
configmap
list / elements=path
Use Kubernetes configmap YAML at path to provide a source for environment variable values within the containers of the pod. Note - The configmap option can be used multiple times to pass multiple Kubernetes configmap YAMLs
debug
boolean
    Choices:
  • no
  • yes
Enable debug for the module.
executable
string
Default:
"podman"
Name of executable to run, by default 'podman'
kube_file
path / required
Path to file with YAML configuration for a Pod.
log_driver
string
Set logging driver for all created containers.
log_level
string
    Choices:
  • debug
  • info
  • warn
  • error
  • fatal
  • panic
Set logging level for podman calls. Log messages above specified level ("debug"|"info"|"warn"|"error"|"fatal"|"panic") (default "error")
network
list / elements=string
List of the names of CNI networks the pod should join.
password
string
The username and password to use to authenticate with the registry if required.
quiet
boolean
    Choices:
  • no
  • yes
Hide image pulls logs from output.
recreate
boolean
    Choices:
  • no
  • yes
If pod already exists, delete it and run the new one.
seccomp_profile_root
path
Directory path for seccomp profiles (default is "/var/lib/kubelet/seccomp"). This option is not available with the remote Podman client
state
string / required
    Choices:
  • created
  • started
  • absent
Start the pod after creating it, or to leave it created only.
tls_verify
boolean
    Choices:
  • no
  • yes
Require HTTPS and verify certificates when contacting registries (default is true). If explicitly set to true, then TLS verification will be used. If set to false, then TLS verification will not be used. If not specified, TLS verification will be used unless the target registry is listed as an insecure registry in registries.conf.
username
string
The username and password to use to authenticate with the registry if required.

Examples

- name: Play kube file
  containers.podman.podman_play:
    kube_file: ~/kube.yaml
    state: started

Authors

  • Sagi Shnaidman (@sshnaidm)