From a4de0d8a543f15c4cecfc7d8f7d3b25c811c1f78 Mon Sep 17 00:00:00 2001 From: Philippe Martin Date: Fri, 10 Mar 2023 15:34:41 +0100 Subject: [PATCH 1/4] Document Podman limitations --- .../architecture/podman-limitations.md | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 docs/website/docs/development/architecture/podman-limitations.md diff --git a/docs/website/docs/development/architecture/podman-limitations.md b/docs/website/docs/development/architecture/podman-limitations.md new file mode 100644 index 00000000000..d8bfbec1a31 --- /dev/null +++ b/docs/website/docs/development/architecture/podman-limitations.md @@ -0,0 +1,27 @@ +--- +title: Podman limitations +sidebar_position: 40 +--- + +The `odo dev` command is able to work either on Podman or on a Kubernetes cluster. + +The motivation behind the support for the Podman platform is to lower the learning curve +for developers working on containerized applications. As a matter of fact, Podman is simpler +to apprehend, install and maintain than a Kubernetes cluster. + +Thanks to the support for the **Kubernetes Pod** abstraction by Podman, `odo`, and +the user, can work on both Podman and Kubernetes on top of this abstraction. + +Here are a list of limitations when `odo` is working on Podman: + +## Apply command are not supported + +A Devfile `Apply` command gives the possibility to "apply" any Kubernetes resource to the cluster. As Podman only supports a very limited number of Kubernetes resources, `Apply` commands are not executed by `odo` when running on Podman. + +## Component listening on localhost + +When working on a cluster, `odo dev` forwards the ports opened by the application to the developer's machine. This port forwarding works when the application is listening either on localhost or on `0.0.0.0` address. + +Podman is natively not able to forward ports bound to localhost. In this situation, you may have two solutions: +- you can change your application to listen on `0.0.0.0`. This will be necessary for the ports giving access to the application or, in Production, this port would not be available (this port will most probably be exposed through an Ingress or a Route in Production, and these methods need the port to be bound to `0.0.0.0`), +- you can keep the port bound to `localhost`. This is the best choice for the Debug port, to restrict access to this Debug port. In this case, you can use the flag `--forward-localhost` when running `odo dev` on Podman. This way, you keep the Debug port secure on cluster. From 3b322b9e379a14e3eda6311b6a47c6e89454cd23 Mon Sep 17 00:00:00 2001 From: Philippe Martin Date: Fri, 10 Mar 2023 16:08:36 +0100 Subject: [PATCH 2/4] More limitations + Tomas review --- .../architecture/podman-limitations.md | 27 -------- .../podman-support-limitations.md | 61 +++++++++++++++++++ 2 files changed, 61 insertions(+), 27 deletions(-) delete mode 100644 docs/website/docs/development/architecture/podman-limitations.md create mode 100644 docs/website/docs/development/architecture/podman-support-limitations.md diff --git a/docs/website/docs/development/architecture/podman-limitations.md b/docs/website/docs/development/architecture/podman-limitations.md deleted file mode 100644 index d8bfbec1a31..00000000000 --- a/docs/website/docs/development/architecture/podman-limitations.md +++ /dev/null @@ -1,27 +0,0 @@ ---- -title: Podman limitations -sidebar_position: 40 ---- - -The `odo dev` command is able to work either on Podman or on a Kubernetes cluster. - -The motivation behind the support for the Podman platform is to lower the learning curve -for developers working on containerized applications. As a matter of fact, Podman is simpler -to apprehend, install and maintain than a Kubernetes cluster. - -Thanks to the support for the **Kubernetes Pod** abstraction by Podman, `odo`, and -the user, can work on both Podman and Kubernetes on top of this abstraction. - -Here are a list of limitations when `odo` is working on Podman: - -## Apply command are not supported - -A Devfile `Apply` command gives the possibility to "apply" any Kubernetes resource to the cluster. As Podman only supports a very limited number of Kubernetes resources, `Apply` commands are not executed by `odo` when running on Podman. - -## Component listening on localhost - -When working on a cluster, `odo dev` forwards the ports opened by the application to the developer's machine. This port forwarding works when the application is listening either on localhost or on `0.0.0.0` address. - -Podman is natively not able to forward ports bound to localhost. In this situation, you may have two solutions: -- you can change your application to listen on `0.0.0.0`. This will be necessary for the ports giving access to the application or, in Production, this port would not be available (this port will most probably be exposed through an Ingress or a Route in Production, and these methods need the port to be bound to `0.0.0.0`), -- you can keep the port bound to `localhost`. This is the best choice for the Debug port, to restrict access to this Debug port. In this case, you can use the flag `--forward-localhost` when running `odo dev` on Podman. This way, you keep the Debug port secure on cluster. diff --git a/docs/website/docs/development/architecture/podman-support-limitations.md b/docs/website/docs/development/architecture/podman-support-limitations.md new file mode 100644 index 00000000000..1f06e3e1066 --- /dev/null +++ b/docs/website/docs/development/architecture/podman-support-limitations.md @@ -0,0 +1,61 @@ +--- +title: Podman Support limitations +sidebar_position: 40 +--- + +The `odo dev` command is able to work either on Podman or on a Kubernetes cluster. + +The motivation behind the support for the Podman platform is to lower the learning curve +for developers working on containerized applications, and to limit the physical resources +necessary for development. + +As a matter of fact, Podman is simpler to apprehend, install and maintain than a Kubernetes cluster, and can run with a minimal overhead on the developer machine. + +Thanks to the support for the **Kubernetes Pod** abstraction by Podman, `odo`, and +the user, can work on both Podman and Kubernetes on top of this abstraction. + +Here are a list of limitations when `odo` is working on Podman: + +## Commands working on Podman + +- `odo dev --platform podman` + + This command will run the component in development mode on Podman. If you omit to use the `--platform` flag, `odo dev` works on cluster. + +- `odo logs --platform podman` + + This command will display the component's logs from Podman. If you omit to use the `--platform` flag, `odo logs` get the logs from cluster. + +- `odo list component [--platform podman]` + + This command without the `--platform` flag will list components from both the cluster and Podman. You can use the `--platform` flag to limit the search from a specific platform, either `cluster` or `podman`. + +- `odo describe component [--platform podman]` + + This command without the `--platform` flag will describe a component from both the cluster and Podman. You can use the `--platform` flag to limit the search from a specific platform, either `cluster` or `podman`. + +- `odo delete component [--platform podman]` + + This command without the `--platform` flag will delete components from both the cluster and Podman. You can use the `--platform` flag to limit the deletion from a specific platform, either `cluster` or `podman`. + + +## Apply command are not supported + +A Devfile `Apply` command gives the possibility to "apply" any Kubernetes resource to the cluster. As Podman only supports a limited number of Kubernetes resources, `Apply` commands are not executed by `odo` when running on Podman. + +## Component listening on localhost not forwarded + +When working on a cluster, `odo dev` forwards the ports opened by the application to the developer's machine. This port forwarding works when the application is listening either on localhost or on `0.0.0.0` address. + +Podman is natively not able to forward ports bound to localhost. In this situation, you may have two solutions: +- you can change your application to listen on `0.0.0.0`. This will be necessary for the ports giving access to the application or, in Production, this port would not be available (this port will most probably be exposed through an Ingress or a Route in Production, and these methods need the port to be bound to `0.0.0.0`), +- you can keep the port bound to `localhost`. This is the best choice for the Debug port, to restrict access to this Debug port. In this case, you can use the flag `--forward-localhost` when running `odo dev` on Podman. This way, you keep the Debug port secure on cluster. + +## Pod not updated when Devfile changes + +When running `odo dev` on cluster, if you make changes to the Devfile affecting the definition of the deployed Pod (for example the memory or CPU requests or limits), the Pod will be recreated with its new definition. This behaviour is not supported yet for Podman. + +## Pre-Stop events not supported + +Pre-Stop events defined in the Devfile are not triggered when running `odo dev` on Podman. + From 8ee1d4259bd9e4a8375c6452ed93f0f3ec1e6506 Mon Sep 17 00:00:00 2001 From: Philippe Martin Date: Fri, 10 Mar 2023 16:14:33 +0100 Subject: [PATCH 3/4] Review --- .../development/architecture/podman-support-limitations.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/website/docs/development/architecture/podman-support-limitations.md b/docs/website/docs/development/architecture/podman-support-limitations.md index 1f06e3e1066..cc2566fb58f 100644 --- a/docs/website/docs/development/architecture/podman-support-limitations.md +++ b/docs/website/docs/development/architecture/podman-support-limitations.md @@ -39,9 +39,9 @@ Here are a list of limitations when `odo` is working on Podman: This command without the `--platform` flag will delete components from both the cluster and Podman. You can use the `--platform` flag to limit the deletion from a specific platform, either `cluster` or `podman`. -## Apply command are not supported +## Apply commands referencing Kubernetes or OpenShift Components are not supported -A Devfile `Apply` command gives the possibility to "apply" any Kubernetes resource to the cluster. As Podman only supports a limited number of Kubernetes resources, `Apply` commands are not executed by `odo` when running on Podman. +A Devfile `Apply` command gives the possibility to "apply" any Kubernetes or OpenShift resource to the cluster. As Podman only supports a limited number of Kubernetes resources, `Apply` commands are not executed by `odo` when running on Podman. ## Component listening on localhost not forwarded From c49150df1c12e45f74c7657091d5edca759ca9d8 Mon Sep 17 00:00:00 2001 From: Philippe Martin Date: Mon, 20 Mar 2023 08:25:30 +0100 Subject: [PATCH 4/4] review --- .../architecture/podman-support-limitations.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/docs/website/docs/development/architecture/podman-support-limitations.md b/docs/website/docs/development/architecture/podman-support-limitations.md index cc2566fb58f..160286d2868 100644 --- a/docs/website/docs/development/architecture/podman-support-limitations.md +++ b/docs/website/docs/development/architecture/podman-support-limitations.md @@ -14,9 +14,7 @@ As a matter of fact, Podman is simpler to apprehend, install and maintain than a Thanks to the support for the **Kubernetes Pod** abstraction by Podman, `odo`, and the user, can work on both Podman and Kubernetes on top of this abstraction. -Here are a list of limitations when `odo` is working on Podman: - -## Commands working on Podman +The commands working on Podman are: - `odo dev --platform podman` @@ -38,6 +36,7 @@ Here are a list of limitations when `odo` is working on Podman: This command without the `--platform` flag will delete components from both the cluster and Podman. You can use the `--platform` flag to limit the deletion from a specific platform, either `cluster` or `podman`. +Following is a list of limitations when `odo` is working on Podman. ## Apply commands referencing Kubernetes or OpenShift Components are not supported @@ -45,9 +44,9 @@ A Devfile `Apply` command gives the possibility to "apply" any Kubernetes or Ope ## Component listening on localhost not forwarded -When working on a cluster, `odo dev` forwards the ports opened by the application to the developer's machine. This port forwarding works when the application is listening either on localhost or on `0.0.0.0` address. +When working on a cluster, `odo dev` forwards ports from the developer's machine to the ports opened by the application. This port forwarding works when the application is listening either on localhost or on `0.0.0.0` address. -Podman is natively not able to forward ports bound to localhost. In this situation, you may have two solutions: +Podman is natively not able to port-forward to programs listening on localhost. In this situation, you may have two solutions: - you can change your application to listen on `0.0.0.0`. This will be necessary for the ports giving access to the application or, in Production, this port would not be available (this port will most probably be exposed through an Ingress or a Route in Production, and these methods need the port to be bound to `0.0.0.0`), - you can keep the port bound to `localhost`. This is the best choice for the Debug port, to restrict access to this Debug port. In this case, you can use the flag `--forward-localhost` when running `odo dev` on Podman. This way, you keep the Debug port secure on cluster.