apt install packages for mieos as nFPM #259
Description
use nFPM to make a package to make an mieos command:
mieos should be very natural to a user of the aws command:
mieos CLI Specification
1. Overview
mieos is a command-line interface for managing MIE OS resources across multiple regions. It is designed to be familiar to users of the AWS CLI while targeting a platform that supports both direct container workloads and Kubernetes-based workloads.
1.1 Design goals
-
Preserve the AWS CLI mental model:
mieos [global options] <service> <operation> [parameters]
-
Support both direct container operations and Kubernetes operations under one CLI.
-
Provide consistent output, filtering, pagination, and identity/configuration behavior.
-
Be scriptable, machine-friendly, and predictable.
-
Expose the MIE OS REST API through stable command groups rather than raw endpoints.
1.2 Non-goals
mieosis not a replacement forkubectl; it is a platform CLI.mieosis not a low-level Docker clone.mieosdoes not expose raw REST resource paths as first-class UX unless through a debug mode.
2. Command shape
2.1 General syntax
mieos [global options] <service> <operation> [parameters]2.2 Examples
mieos containers list
mieos containers describe --container-id c-123
mieos kubernetes clusters list
mieos kubernetes workloads scale --cluster prod-us --namespace default --name api --replicas 4
mieos regions list
mieos sts get-caller-identity2.3 Naming conventions
- Services are plural nouns where appropriate:
containers,regions,images. - Operations are verbs or verb phrases:
list,describe,create,update,delete. - Use
describefor a single resource andlistfor collections. - Use long-form flag names with kebab-case.
- Resource identifiers should use explicit flags such as
--container-id,--cluster,--namespace,--name.
3. Global options
These options apply to all commands unless explicitly overridden.
--profile <name> Use a named profile from config.
--region <region> Override region for this command.
--output <format> Output format: json|text|table|yaml|yaml-stream.
--query <expression> JMESPath expression to filter output.
--endpoint-url <url> Override API base URL.
--page-size <n> Page size for paginated API calls.
--max-items <n> Maximum items to return.
--starting-token <token> Continue a paginated listing.
--no-paginate Disable automatic pagination.
--no-cli-pager Disable interactive paging.
--color <on|off|auto> Colorize output.
--debug Show request/response debug information.
--verbose Show extra operational details.
--timeout <seconds> Request timeout.
--retry-mode <standard|adaptive|legacy>
Retry strategy.
--ca-bundle <path> Custom CA certificate bundle.
--no-verify-ssl Disable TLS certificate verification.
--version Show CLI version.
--help Show help.
3.1 Environment variables
The following environment variables are supported:
MIEOS_PROFILE
MIEOS_REGION
MIEOS_OUTPUT
MIEOS_ENDPOINT_URL
MIEOS_ACCESS_KEY
MIEOS_SECRET_KEY
MIEOS_SESSION_TOKEN
MIEOS_CA_BUNDLE
MIEOS_PAGER
MIEOS_COLOR
MIEOS_DEBUG
Precedence order:
- Explicit command-line flag
- Environment variable
- Profile config
- Built-in default
4. Configuration and credentials
4.1 Config files
mieos uses AWS-like config locations:
~/.mieos/config
~/.mieos/credentials
4.2 Profile file format
~/.mieos/config
[default]
region = us-east-1
output = json
endpoint_url = https://manager.os.mieweb.org/api/
retry_mode = standard
[profile prod]
region = us-central-1
output = yaml
endpoint_url = https://manager.os.mieweb.org/api/~/.mieos/credentials
[default]
access_key = example-access-key
secret_key = example-secret-key
[prod]
access_key = prod-access-key
secret_key = prod-secret-key
session_token = prod-session-token4.3 Authentication sources
Supported auth methods, in priority order:
- Explicit CLI flags if ever enabled for compatibility or testing
- Environment variables
- Named profile credentials
- Token cache from
mieos login - Container or node identity provider if supported by platform
4.4 configure commands
mieos configure
mieos configure list
mieos configure get <key>
mieos configure set <key> <value>
mieos configure import --from-env
mieos configure ssoBehavior
configurestarts an interactive setup.configure listprints resolved config values and where they came from.configure getreturns a single resolved config value.configure setupdates the selected profile.configure import --from-envwrites current env settings into config.configure ssoconfigures interactive identity if the platform supports SSO.
5. Identity service (sts)
The sts group provides AWS-familiar identity introspection.
5.1 Commands
mieos sts get-caller-identity
mieos sts get-session
mieos sts assume-role --role-name admin
mieos sts refresh-session5.2 get-caller-identity output
{
"UserId": "u-12345",
"AccountId": "acct-001",
"Arn": "mieos:iam::acct-001:user/alice",
"Region": "us-east-1",
"Profile": "default"
}5.3 Notes
assume-roleis optional and should only be included if the API exposes role delegation.refresh-sessionrenews expiring tokens without modifying profiles.
6. Regions service
6.1 Purpose
Lists and describes available regions in which workloads may run.
6.2 Commands
mieos regions list
mieos regions describe --region us-east-1
mieos regions get-current6.3 Example outputs
regions list
{
"Regions": [
{
"RegionName": "us-east-1",
"Status": "AVAILABLE",
"SupportsContainers": true,
"SupportsKubernetes": true,
"Default": true
}
]
}7. Output behavior
7.1 Supported formats
json(default)texttableyamlyaml-stream
7.2 Query support
--query accepts JMESPath expressions.
Examples:
mieos containers list --query 'Containers[].Name'
mieos regions list --query 'Regions[?SupportsKubernetes==`true`].RegionName'7.3 Pagination response shape
Paginated commands should expose:
{
"Items": [],
"NextToken": "opaque-token"
}CLI list commands should internally remap Items to resource-specific top-level keys where possible, such as Containers, Clusters, or Images.
8. Common resource conventions
8.1 Standard lifecycle verbs
These verbs should be used consistently across services when supported:
listdescribecreaterunupdatedeletestartstoprestartscaleexeclogsevents
8.2 Tagging
Where the API supports metadata tagging:
--tags Key=Environment,Value=prod Key=Owner,Value=team-a
Tag commands:
mieos <service> tag-resource --resource-id <id> --tags Key=Env,Value=prod
mieos <service> untag-resource --resource-id <id> --tag-keys Env Owner
mieos <service> list-tags-for-resource --resource-id <id>8.3 Waiters
If implemented, support AWS-style waiters:
mieos containers wait running --container-id c-123
mieos containers wait stopped --container-id c-123
mieos kubernetes clusters wait active --cluster prod-us9. Containers service
The containers service manages direct container workloads not mediated through Kubernetes.
9.1 Commands
mieos containers list
mieos containers describe --container-id <id>
mieos containers run
mieos containers update --container-id <id>
mieos containers start --container-id <id>
mieos containers stop --container-id <id>
mieos containers restart --container-id <id>
mieos containers delete --container-id <id>
mieos containers exec --container-id <id> --command <cmd>
mieos containers logs --container-id <id>
mieos containers stats --container-id <id>
mieos containers events --container-id <id>
mieos containers wait <state> --container-id <id>9.2 containers list
Syntax
mieos containers list [--status <status>] [--name-prefix <prefix>] [--image <image>] [--all]Filters
--status <PENDING|RUNNING|STOPPED|FAILED>
--name-prefix <prefix>
--image <image>
--all
--created-before <timestamp>
--created-after <timestamp>
--label <key=value>
9.3 containers describe
Syntax
mieos containers describe --container-id c-123Example output
{
"Container": {
"ContainerId": "c-123",
"Name": "api",
"Image": "ghcr.io/acme/api:latest",
"Region": "us-east-1",
"Status": "RUNNING",
"Cpu": 1000,
"Memory": 2048,
"Command": ["node", "server.js"],
"Ports": [
{
"ContainerPort": 8080,
"HostPort": 8080,
"Protocol": "tcp"
}
],
"Environment": [
{"Name": "NODE_ENV", "Value": "production"}
],
"Volumes": [
{
"Name": "data",
"MountPath": "/data",
"ReadOnly": false
}
],
"CreatedAt": "2026-03-28T12:30:00Z"
}
}9.4 containers run
Syntax
mieos containers run \
--name <name> \
--image <image> \
[--command <command>] \
[--arg <value> ...] \
[--cpu <millicores>] \
[--memory <mb>] \
[--port <host:container[/protocol]> ...] \
[--env <KEY=VALUE> ...] \
[--env-file <file>] \
[--volume <source:target[:ro|rw]> ...] \
[--restart-policy <Never|OnFailure|Always>] \
[--network <name>] \
[--service-account <name>] \
[--detach] \
[--wait]Required flags
--name--image
Notes
--cpuis expressed in millicores or an agreed integer unit.--memoryis in MB for CLI simplicity.--detachreturns immediately after submission.--waitblocks until the container reaches a stable state.
9.5 containers update
Mutable fields
--cpu
--memory
--env
--env-file
--image
--restart-policy
--label
Behavior should be explicit:
- If the update requires recreation, the CLI should say so clearly.
--force-recreatemay be used to permit destructive replacement.
9.6 containers exec
Syntax
mieos containers exec --container-id c-123 --command "/bin/sh"Optional flags
--interactive
--tty
--user <user>
--workdir <path>
--env <KEY=VALUE>
9.7 containers logs
Syntax
mieos containers logs --container-id c-123Optional flags
--follow
--since <duration|timestamp>
--tail <n>
--timestamps
--stream <stdout|stderr|all>
9.8 containers stats
Returns current or recent usage metrics.
Output fields
- CPU percentage or usage units
- Memory current and limit
- Network rx/tx
- Disk read/write if available
- Uptime
10. Kubernetes service
The kubernetes service manages cluster-level and workload-level resources while preserving the AWS CLI shape.
10.1 Subgroups
kubernetes clusters
kubernetes namespaces
kubernetes workloads
kubernetes pods
kubernetes services
kubernetes nodes
kubernetes config
11. Kubernetes clusters
11.1 Commands
mieos kubernetes clusters list
mieos kubernetes clusters describe --cluster <name>
mieos kubernetes clusters create
mieos kubernetes clusters update --cluster <name>
mieos kubernetes clusters delete --cluster <name>
mieos kubernetes clusters kubeconfig --cluster <name>
mieos kubernetes clusters events --cluster <name>
mieos kubernetes clusters wait <state> --cluster <name>11.2 clusters create
Syntax
mieos kubernetes clusters create \
--name prod-us \
--version 1.31 \
--node-count 3 \
--node-size medium \
[--network default] \
[--service-cidr 10.96.0.0/12] \
[--pod-cidr 10.244.0.0/16] \
[--tags Key=Env,Value=prod]11.3 clusters kubeconfig
Syntax
mieos kubernetes clusters kubeconfig --cluster prod-usOptional flags
--write-to <path>
--merge
--context-name <name>
Default behavior:
- Print kubeconfig to stdout unless
--write-tois provided. - If
--mergeis set, merge into the default kubeconfig file.
12. Kubernetes namespaces
12.1 Commands
mieos kubernetes namespaces list --cluster <name>
mieos kubernetes namespaces describe --cluster <name> --namespace <ns>
mieos kubernetes namespaces create --cluster <name> --namespace <ns>
mieos kubernetes namespaces delete --cluster <name> --namespace <ns>13. Kubernetes workloads
workloads is an abstraction layer over deployable resources, likely covering Deployments, StatefulSets, DaemonSets, Jobs, and CronJobs where supported.
13.1 Commands
mieos kubernetes workloads list --cluster <name> [--namespace <ns>]
mieos kubernetes workloads describe --cluster <name> --namespace <ns> --name <name>
mieos kubernetes workloads apply --cluster <name> --file <path>
mieos kubernetes workloads restart --cluster <name> --namespace <ns> --name <name>
mieos kubernetes workloads scale --cluster <name> --namespace <ns> --name <name> --replicas <n>
mieos kubernetes workloads delete --cluster <name> --namespace <ns> --name <name>
mieos kubernetes workloads logs --cluster <name> --namespace <ns> --name <name>
mieos kubernetes workloads events --cluster <name> --namespace <ns> --name <name>13.2 Workload type selection
If multiple underlying workload types may share the same name, add:
--type <deployment|statefulset|daemonset|job|cronjob>
13.3 workloads apply
Syntax
mieos kubernetes workloads apply --cluster prod-us --file deployment.yamlOptional flags
--namespace <ns>
--validate
--dry-run
--wait
13.4 workloads scale
Syntax
mieos kubernetes workloads scale \
--cluster prod-us \
--namespace default \
--name api \
--replicas 514. Kubernetes pods
14.1 Commands
mieos kubernetes pods list --cluster <name> [--namespace <ns>]
mieos kubernetes pods describe --cluster <name> --namespace <ns> --pod <pod>
mieos kubernetes pods logs --cluster <name> --namespace <ns> --pod <pod>
mieos kubernetes pods exec --cluster <name> --namespace <ns> --pod <pod> --command <cmd>
mieos kubernetes pods delete --cluster <name> --namespace <ns> --pod <pod>14.2 pods logs
Optional flags
--container <name>
--follow
--since <duration|timestamp>
--tail <n>
--timestamps
--previous
14.3 pods exec
Optional flags
--container <name>
--interactive
--tty
--user <user>
--workdir <path>
15. Kubernetes services
15.1 Commands
mieos kubernetes services list --cluster <name> [--namespace <ns>]
mieos kubernetes services describe --cluster <name> --namespace <ns> --name <name>
mieos kubernetes services delete --cluster <name> --namespace <ns> --name <name>Optional later commands if API supports them:
mieos kubernetes services create
mieos kubernetes services expose16. Kubernetes nodes
16.1 Commands
mieos kubernetes nodes list --cluster <name>
mieos kubernetes nodes describe --cluster <name> --node <name>
mieos kubernetes nodes cordon --cluster <name> --node <name>
mieos kubernetes nodes uncordon --cluster <name> --node <name>
mieos kubernetes nodes drain --cluster <name> --node <name>These should only exist if the control plane exposes node lifecycle operations.
17. Images service
The images service handles image registry interactions and image metadata.
17.1 Commands
mieos images list
mieos images describe --image <ref>
mieos images pull --image <ref>
mieos images push --image <ref>
mieos images delete --image <ref>
mieos images scan --image <ref>17.2 Example
mieos images describe --image ghcr.io/acme/api:latest17.3 Output fields
- Image reference
- Digest
- Size
- Architecture
- Creation time
- Vulnerability summary if available
18. Volumes service
The volumes service manages persistent volumes for both containers and Kubernetes integrations where the platform abstracts storage.
18.1 Commands
mieos volumes list
mieos volumes describe --volume-id <id>
mieos volumes create --name <name> --size <gb>
mieos volumes update --volume-id <id>
mieos volumes delete --volume-id <id>
mieos volumes attach --volume-id <id> --container-id <id>
mieos volumes detach --volume-id <id> --container-id <id>18.2 Common flags
--size <gb>
--class <standard|fast|premium>
--zone <zone>
--read-only
19. Networks service
The networks service manages logical network constructs exposed by the platform.
19.1 Commands
mieos networks list
mieos networks describe --network-id <id>
mieos networks create --name <name>
mieos networks update --network-id <id>
mieos networks delete --network-id <id>19.2 Optional subresources
If supported:
mieos networks endpoints list --network-id <id>
mieos networks policies list --network-id <id>20. Logs service
The logs service is a cross-resource logging API.
20.1 Commands
mieos logs get
mieos logs tail20.2 Shared syntax
mieos logs get --resource-type <type> --resource-id <id>
mieos logs tail --resource-type <type> --resource-id <id>20.3 Supported resource types
container
cluster
workload
pod
service
node
20.4 Flags
--cluster <name>
--namespace <ns>
--container <name>
--since <duration|timestamp>
--tail <n>
--timestamps
--stream <stdout|stderr|all>
21. Events service
The events service returns lifecycle and platform events.
21.1 Commands
mieos events list
mieos events describe --event-id <id>21.2 Common filters
--resource-type <type>
--resource-id <id>
--severity <info|warning|error>
--since <duration|timestamp>
--until <duration|timestamp>
--status <open|resolved|all>
22. IAM service
If MIE OS supports identities, service accounts, roles, or API keys, present them under iam.
22.1 Commands
mieos iam users list
mieos iam users describe --user <name>
mieos iam roles list
mieos iam roles describe --role <name>
mieos iam service-accounts list
mieos iam service-accounts describe --name <name>
mieos iam api-keys list
mieos iam api-keys create --name <name>
mieos iam api-keys delete --key-id <id>22.2 Notes
- Only expose these if they map to actual platform concepts.
- Prefer AWS-like role and policy terminology only if the permissions model is truly similar.
23. Quotas service
23.1 Commands
mieos quotas list
mieos quotas describe --region <region>23.2 Example output
{
"Quotas": [
{
"Name": "RunningContainers",
"Limit": 500,
"Used": 134,
"Unit": "count"
},
{
"Name": "TotalMemory",
"Limit": 1048576,
"Used": 524288,
"Unit": "MB"
}
]
}24. Error model
Errors should feel consistent and script-friendly.
24.1 Exit codes
0 Success
1 General error
2 Invalid usage or argument parsing error
3 Authentication failure
4 Authorization failure
5 Not found
6 Conflict or resource already exists
7 Validation failure
8 Timeout
9 API transport failure
10 Rate limited
24.2 Error output shape
Default human-readable stderr:
An error occurred (ResourceNotFound) when calling the DescribeContainer operation:
Container c-123 was not found in region us-east-1.
Optional structured output with --output json:
{
"Error": {
"Code": "ResourceNotFound",
"Message": "Container c-123 was not found in region us-east-1.",
"RequestId": "req-abc123",
"StatusCode": 404
}
}24.3 Validation behavior
- Missing required flags should fail before making any API call.
- Mutually exclusive flags should be explicitly documented.
- Destructive commands should support
--forcewhere warranted.
25. Help system
Help should match AWS expectations.
25.1 Commands
mieos help
mieos containers help
mieos containers run help25.2 Help content standard
Each help page should include:
- Name
- Synopsis
- Description
- Options
- Examples
- Output
- Related commands
26. Aliases
Support a limited, documented alias set.
ct -> containers
k8s -> kubernetes
reg -> regions
img -> images
vol -> volumes
net -> networks
Examples:
mieos ct list
mieos k8s clusters list
mieos reg listAliases should be convenience only, never the sole documented form.
27. Dry-run and confirmation semantics
27.1 Dry-run
Where supported for mutating commands:
--dry-run
Behavior:
- Validate request
- Show the intended API action
- Do not persist changes
27.2 Force and confirmation
Destructive commands may support:
--force
Without --force, destructive commands may prompt only in interactive terminals. In non-interactive use they should fail unless --force is passed.
28. API mapping model
Each CLI command should map cleanly to a REST action while preserving CLI stability.
28.1 General pattern
list->GETcollection endpointdescribe->GETresource endpointcreate/run->POSTupdate->PATCHorPUTdelete->DELETElogs/events->GETsubordinate collectionexec->POSTaction endpoint
28.2 Stability rule
The CLI contract should not expose raw REST path details in normal usage. If backend paths change, the CLI command names and flags should remain stable.
29. Examples by workflow
29.1 First-time setup
mieos configure
mieos sts get-caller-identity
mieos regions list29.2 Run a container
mieos containers run \
--name web \
--image nginx:latest \
--cpu 500 \
--memory 1024 \
--port 80:80 \
--detach29.3 Inspect and follow logs
mieos containers describe --container-id c-123
mieos containers logs --container-id c-123 --follow --tail 10029.4 Scale a Kubernetes workload
mieos kubernetes workloads scale \
--cluster prod-us \
--namespace default \
--name api \
--replicas 629.5 Fetch kubeconfig and inspect pods
mieos kubernetes clusters kubeconfig --cluster prod-us --merge
mieos kubernetes pods list --cluster prod-us --namespace payments29.6 Region-aware scripting
mieos containers list --region us-east-1 --query 'Containers[].ContainerId'
mieos kubernetes clusters list --region eu-west-1 --output table30. Recommended implementation notes
30.1 Suggested parser structure
A nested command parser such as Cobra, Click, Typer, or Commander is suitable.
30.2 UX rules
- Every collection command should support pagination.
- Every list command should support
--queryand--output. - Every resource should expose
list,describe, anddeletewhere meaningful. - Cross-resource operations like logs and events should be consistent.
- Kubernetes operations should not attempt full
kubectlparity.
30.3 Future-compatible extensions
Potential future groups:
secrets
registry
autoscaling
monitoring
backups
certificates
domains
31. Minimum viable command set
If shipping an MVP, prioritize these commands first:
mieos configure
mieos sts get-caller-identity
mieos regions list
mieos containers list
mieos containers describe
mieos containers run
mieos containers stop
mieos containers delete
mieos containers logs
mieos kubernetes clusters list
mieos kubernetes clusters describe
mieos kubernetes clusters kubeconfig
mieos kubernetes workloads list
mieos kubernetes workloads scale
mieos kubernetes pods list
mieos kubernetes pods logs32. Summary
The mieos CLI should preserve the strongest aspects of the AWS CLI user experience:
- service-oriented command structure
- consistent verbs
- predictable global options
- stable output and query behavior
- strong region/profile model
- clear identity introspection
At the same time, it should remain true to the MIE OS platform by separating direct containers from Kubernetes resources and exposing platform-native concepts without forcing users to learn raw REST endpoints.