docs/kubernetes_support.md


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187

# Podman Kube Play Support

This document outlines the kube yaml fields that are currently supported by the **podman kube play** command.

Note: **N/A** means that the option cannot be supported in a single-node Podman environment.

## Pod Fields

| Field                                               | Support |
|-----------------------------------------------------|---------|
| containers                                          | ✅      |
| initContainers                                      | ✅      |
| imagePullSecrets                                    | no      |
| enableServiceLinks                                  | no      |
| os\.name                                            | no      |
| volumes                                             | ✅      |
| nodeSelector                                        | N/A     |
| nodeName                                            | N/A     |
| affinity\.nodeAffinity                              | N/A     |
| affinity\.podAffinity                               | N/A     |
| affinity\.podAntiAffinity                           | N/A     |
| tolerations\.key                                    | N/A     |
| tolerations\.operator                               | N/A     |
| tolerations\.effect                                 | N/A     |
| tolerations\.tolerationSeconds                      | N/A     |
| schedulerName                                       | N/A     |
| runtimeClassName                                    | no      |
| priorityClassName                                   | no      |
| priority                                            | no      |
| topologySpreadConstraints\.maxSkew                  | N/A     |
| topologySpreadConstraints\.topologyKey              | N/A     |
| topologySpreadConstraints\.whenUnsatisfiable        | N/A     |
| topologySpreadConstraints\.labelSelector            | N/A     |
| topologySpreadConstraints\.minDomains               | N/A     |
| restartPolicy                                       | ✅      |
| terminationGracePeriodSeconds                       | ✅      |
| activeDeadlineSeconds                               | no      |
| readinessGates\.conditionType                       | no      |
| hostname                                            | ✅      |
| setHostnameAsFQDN                                   | no      |
| subdomain                                           | no      |
| hostAliases\.hostnames                              | ✅      |
| hostAliases\.ip                                     | ✅      |
| dnsConfig\.nameservers                              | ✅      |
| dnsConfig\.options\.name                            | ✅      |
| dnsConfig\.options\.value                           | ✅      |
| dnsConfig\.searches                                 | ✅      |
| dnsPolicy                                           | no      |
| hostNetwork                                         | ✅      |
| hostPID                                             | ✅      |
| hostIPC                                             | ✅      |
| shareProcessNamespace                               | ✅      |
| serviceAccountName                                  | no      |
| automountServiceAccountToken                        | no      |
| securityContext\.runAsUser                          | ✅      |
| securityContext\.runAsNonRoot                       | no      |
| securityContext\.runAsGroup                         | ✅      |
| securityContext\.supplementalGroups                 | ✅      |
| securityContext\.fsGroup                            | no      |
| securityContext\.fsGroupChangePolicy                | no      |
| securityContext\.seccompProfile\.type               | no      |
| securityContext\.seccompProfile\.localhostProfile   | no      |
| securityContext\.seLinuxOptions\.level              | ✅      |
| securityContext\.seLinuxOptions\.role               | ✅      |
| securityContext\.seLinuxOptions\.type               | ✅      |
| securityContext\.seLinuxOptions\.user               | ✅      |
| securityContext\.sysctls\.name                      | ✅      |
| securityContext\.sysctls\.value                     | ✅      |
| securityContext\.windowsOptions\.gmsaCredentialSpec | no      |
| securityContext\.windowsOptions\.hostProcess        | no      |
| securityContext\.windowsOptions\.runAsUserName      | no      |

## Container Fields

| Field                                               | Support |
|-----------------------------------------------------|---------|
| name                                                | ✅      |
| image                                               | ✅      |
| imagePullPolicy                                     | ✅      |
| command                                             | ✅      |
| args                                                | ✅      |
| workingDir                                          | ✅      |
| ports\.containerPort                                | ✅      |
| ports\.hostIP                                       | ✅      |
| ports\.hostPort                                     | ✅      |
| ports\.name                                         | ✅      |
| ports\.protocol                                     | ✅      |
| env\.name                                           | ✅      |
| env\.value                                          | ✅      |
| env\.valueFrom\.configMapKeyRef\.key                | ✅      |
| env\.valueFrom\.configMapKeyRef\.name               | ✅      |
| env\.valueFrom\.configMapKeyRef\.optional           | ✅      |
| env\.valueFrom\.fieldRef                            | ✅      |
| env\.valueFrom\.resourceFieldRef                    | ✅      |
| env\.valueFrom\.secretKeyRef\.key                   | ✅      |
| env\.valueFrom\.secretKeyRef\.name                  | ✅      |
| env\.valueFrom\.secretKeyRef\.optional              | ✅      |
| envFrom\.configMapRef\.name                         | ✅      |
| envFrom\.configMapRef\.optional                     | ✅      |
| envFrom\.prefix                                     | no      |
| envFrom\.secretRef\.name                            | ✅      |
| envFrom\.secretRef\.optional                        | ✅      |
| volumeMounts\.mountPath                             | ✅      |
| volumeMounts\.name                                  | ✅      |
| volumeMounts\.mountPropagation                      | no      |
| volumeMounts\.readOnly                              | ✅      |
| volumeMounts\.subPath                               | no      |
| volumeMounts\.subPathExpr                           | no      |
| volumeDevices\.devicePath                           | no      |
| volumeDevices\.name                                 | no      |
| resources\.limits                                   | ✅      |
| resources\.requests                                 | ✅      |
| lifecycle\.postStart                                | no      |
| lifecycle\.preStop                                  | no      |
| terminationMessagePath                              | no      |
| terminationMessagePolicy                            | no      |
| livenessProbe                                       | ✅      |
| readinessProbe                                      | no      |
| startupProbe                                        | no      |
| securityContext\.runAsUser                          | ✅      |
| securityContext\.runAsNonRoot                       | no      |
| securityContext\.runAsGroup                         | ✅      |
| securityContext\.readOnlyRootFilesystem             | ✅      |
| securityContext\.procMount                          | ✅      |
| securityContext\.privileged                         | ✅      |
| securityContext\.allowPrivilegeEscalation           | ✅      |
| securityContext\.capabilities\.add                  | ✅      |
| securityContext\.capabilities\.drop                 | ✅      |
| securityContext\.seccompProfile\.type               | no      |
| securityContext\.seccompProfile\.localhostProfile   | no      |
| securityContext\.seLinuxOptions\.level              | ✅      |
| securityContext\.seLinuxOptions\.role               | ✅      |
| securityContext\.seLinuxOptions\.type               | ✅      |
| securityContext\.seLinuxOptions\.user               | ✅      |
| securityContext\.windowsOptions\.gmsaCredentialSpec | no      |
| securityContext\.windowsOptions\.hostProcess        | no      |
| securityContext\.windowsOptions\.runAsUserName      | no      |
| stdin                                               | no      |
| stdinOnce                                           | no      |
| tty                                                 | no      |

## PersistentVolumeClaim Fields

| Field               | Support |
|---------------------|---------|
| volumeName          | no      |
| storageClassName    | ✅      |
| volumeMode          | no      |
| accessModes         | ✅      |
| selector            | no      |
| resources\.limits   | no      |
| resources\.requests | ✅      |

## ConfigMap Fields

| Field      | Support |
|------------|---------|
| binaryData | ✅      |
| data       | ✅      |
| immutable  | no      |

## Deployment Fields

| Field                                   | Support                                               |
|-----------------------------------------|-------------------------------------------------------|
| replicas                                | ✅ (the actual replica count is ignored and set to 1) |
| selector                                | ✅                                                    |
| template                                | ✅                                                    |
| minReadySeconds                         | no                                                    |
| strategy\.type                          | no                                                    |
| strategy\.rollingUpdate\.maxSurge       | no                                                    |
| strategy\.rollingUpdate\.maxUnavailable | no                                                    |
| revisionHistoryLimit                    | no                                                    |
| progressDeadlineSeconds                 | no                                                    |
| paused                                  | no                                                    |

## DaemonSet Fields

| Field                                   | Support                                               |
|-----------------------------------------|-------------------------------------------------------|
| selector                                | ✅                                                    |
| template                                | ✅                                                    |
| minReadySeconds                         | no                                                    |
| strategy\.type                          | no                                                    |
| strategy\.rollingUpdate\.maxSurge       | no                                                    |
| strategy\.rollingUpdate\.maxUnavailable | no                                                    |
| revisionHistoryLimit                    | no                                                    |