summaryrefslogtreecommitdiff
path: root/libpod
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2021-09-16 15:05:28 -0400
committerGitHub <noreply@github.com>2021-09-16 15:05:28 -0400
commit2a30b60666001b7039aaf5318ffeaa0374433f27 (patch)
tree421afa18f2bdb6c03d2be3872b6135efdf8282da /libpod
parentfcb22e82b518bd8de31bc152b78d2cbc6ab09964 (diff)
parent29edeaa892df2f533f997adb0736f09a6f8e0965 (diff)
downloadpodman-2a30b60666001b7039aaf5318ffeaa0374433f27.tar.gz
podman-2a30b60666001b7039aaf5318ffeaa0374433f27.tar.bz2
podman-2a30b60666001b7039aaf5318ffeaa0374433f27.zip
Merge pull request #11598 from mheon/34_backportsreleasenotes
Backports and release notes for v3.4.0-RC1
Diffstat (limited to 'libpod')
-rw-r--r--libpod/container_internal.go9
-rw-r--r--libpod/container_internal_linux.go13
-rw-r--r--libpod/define/info.go2
-rw-r--r--libpod/define/pod_inspect.go12
-rw-r--r--libpod/info.go6
-rw-r--r--libpod/networking_linux.go1
-rw-r--r--libpod/oci_conmon_linux.go1
-rw-r--r--libpod/oci_util.go13
-rw-r--r--libpod/pod.go89
-rw-r--r--libpod/pod_api.go6
10 files changed, 37 insertions, 115 deletions
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 4d1a25541..18b80475b 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -293,6 +293,15 @@ func (c *Container) handleRestartPolicy(ctx context.Context) (_ bool, retErr err
}
}
+ // setup rootlesskit port forwarder again since it dies when conmon exits
+ // we use rootlesskit port forwarder only as rootless and when bridge network is used
+ if rootless.IsRootless() && c.config.NetMode.IsBridge() && len(c.config.PortMappings) > 0 {
+ err := c.runtime.setupRootlessPortMappingViaRLK(c, c.state.NetNS.Path())
+ if err != nil {
+ return false, err
+ }
+ }
+
if c.state.State == define.ContainerStateStopped {
// Reinitialize the container if we need to
if err := c.reinit(ctx, true); err != nil {
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index eabe8efd2..4194a0d93 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -2489,15 +2489,7 @@ func (c *Container) getOCICgroupPath() (string, error) {
switch {
case c.config.NoCgroups:
return "", nil
- case (rootless.IsRootless() && (cgroupManager == config.CgroupfsCgroupsManager || !unified)):
- if !isRootlessCgroupSet(c.config.CgroupParent) {
- return "", nil
- }
- return c.config.CgroupParent, nil
case c.config.CgroupsMode == cgroupSplit:
- if c.config.CgroupParent != "" {
- return c.config.CgroupParent, nil
- }
selfCgroup, err := utils.GetOwnCgroup()
if err != nil {
return "", err
@@ -2510,6 +2502,11 @@ func (c *Container) getOCICgroupPath() (string, error) {
systemdCgroups := fmt.Sprintf("%s:libpod:%s", path.Base(c.config.CgroupParent), c.ID())
logrus.Debugf("Setting CGroups for container %s to %s", c.ID(), systemdCgroups)
return systemdCgroups, nil
+ case (rootless.IsRootless() && (cgroupManager == config.CgroupfsCgroupsManager || !unified)):
+ if c.config.CgroupParent == "" || !isRootlessCgroupSet(c.config.CgroupParent) {
+ return "", nil
+ }
+ fallthrough
case cgroupManager == config.CgroupfsCgroupsManager:
cgroupPath := filepath.Join(c.config.CgroupParent, fmt.Sprintf("libpod-%s", c.ID()))
logrus.Debugf("Setting CGroup path for container %s to %s", c.ID(), cgroupPath)
diff --git a/libpod/define/info.go b/libpod/define/info.go
index 73df80087..f4aa0031c 100644
--- a/libpod/define/info.go
+++ b/libpod/define/info.go
@@ -78,7 +78,9 @@ type IDMappings struct {
// for libpod
type DistributionInfo struct {
Distribution string `json:"distribution"`
+ Variant string `json:"variant,omitempty"`
Version string `json:"version"`
+ Codename string `json:"codename,omitempty"`
}
// ConmonInfo describes the conmon executable being used
diff --git a/libpod/define/pod_inspect.go b/libpod/define/pod_inspect.go
index f91fd198d..b88d4f279 100644
--- a/libpod/define/pod_inspect.go
+++ b/libpod/define/pod_inspect.go
@@ -51,12 +51,6 @@ type InspectPodData struct {
// Containers gives a brief summary of all containers in the pod and
// their current status.
Containers []InspectPodContainerInfo `json:"Containers,omitempty"`
- // CPUPeriod contains the CPU period of the pod
- CPUPeriod uint64 `json:"cpu_period,omitempty"`
- // CPUQuota contains the CPU quota of the pod
- CPUQuota int64 `json:"cpu_quota,omitempty"`
- // CPUSetCPUs contains linux specific CPU data for the pod
- CPUSetCPUs string `json:"cpuset_cpus,omitempty"`
}
// InspectPodInfraConfig contains the configuration of the pod's infra
@@ -97,12 +91,6 @@ type InspectPodInfraConfig struct {
Networks []string
// NetworkOptions are additional options for each network
NetworkOptions map[string][]string
- // CPUPeriod contains the CPU period of the pod
- CPUPeriod uint64 `json:"cpu_period,omitempty"`
- // CPUQuota contains the CPU quota of the pod
- CPUQuota int64 `json:"cpu_quota,omitempty"`
- // CPUSetCPUs contains linux specific CPU data for the container
- CPUSetCPUs string `json:"cpuset_cpus,omitempty"`
// Pid is the PID namespace mode of the pod's infra container
PidNS string `json:"pid_ns,omitempty"`
// UserNS is the usernamespace that all the containers in the pod will join.
diff --git a/libpod/info.go b/libpod/info.go
index 31ec9cdc1..2eba4bbff 100644
--- a/libpod/info.go
+++ b/libpod/info.go
@@ -370,9 +370,15 @@ func (r *Runtime) GetHostDistributionInfo() define.DistributionInfo {
if strings.HasPrefix(l.Text(), "ID=") {
dist.Distribution = strings.TrimPrefix(l.Text(), "ID=")
}
+ if strings.HasPrefix(l.Text(), "VARIANT_ID=") {
+ dist.Variant = strings.Trim(strings.TrimPrefix(l.Text(), "VARIANT_ID="), "\"")
+ }
if strings.HasPrefix(l.Text(), "VERSION_ID=") {
dist.Version = strings.Trim(strings.TrimPrefix(l.Text(), "VERSION_ID="), "\"")
}
+ if strings.HasPrefix(l.Text(), "VERSION_CODENAME=") {
+ dist.Codename = strings.Trim(strings.TrimPrefix(l.Text(), "VERSION_CODENAME="), "\"")
+ }
}
return dist
}
diff --git a/libpod/networking_linux.go b/libpod/networking_linux.go
index 9aa6cab15..b0d4e0b2d 100644
--- a/libpod/networking_linux.go
+++ b/libpod/networking_linux.go
@@ -718,6 +718,7 @@ func (r *Runtime) setupRootlessNetNS(ctr *Container) error {
// set up port forwarder for CNI-in-slirp4netns
netnsPath := ctr.state.NetNS.Path()
// TODO: support slirp4netns port forwarder as well
+ // make sure to fix this container.handleRestartPolicy() as well
return r.setupRootlessPortMappingViaRLK(ctr, netnsPath)
}
return nil
diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go
index 924df2310..8a823e4fc 100644
--- a/libpod/oci_conmon_linux.go
+++ b/libpod/oci_conmon_linux.go
@@ -1138,6 +1138,7 @@ func (r *ConmonOCIRuntime) createOCIContainer(ctr *Container, restoreOptions *Co
if err != nil {
return err
}
+ filesToClose = append(filesToClose, ports...)
// Leak the port we bound in the conmon process. These fd's won't be used
// by the container and conmon will keep the ports busy so that another
diff --git a/libpod/oci_util.go b/libpod/oci_util.go
index 1cafd5863..f2843b09b 100644
--- a/libpod/oci_util.go
+++ b/libpod/oci_util.go
@@ -68,6 +68,12 @@ func bindPorts(ports []ocicni.PortMapping) ([]*os.File, error) {
return nil, errors.Wrapf(err, "cannot get file for UDP socket")
}
files = append(files, f)
+ // close the listener
+ // note that this does not affect the fd, see the godoc for server.File()
+ err = server.Close()
+ if err != nil {
+ logrus.Warnf("failed to close connection: %v", err)
+ }
case "tcp":
var (
@@ -96,6 +102,13 @@ func bindPorts(ports []ocicni.PortMapping) ([]*os.File, error) {
return nil, errors.Wrapf(err, "cannot get file for TCP socket")
}
files = append(files, f)
+ // close the listener
+ // note that this does not affect the fd, see the godoc for server.File()
+ err = server.Close()
+ if err != nil {
+ logrus.Warnf("failed to close connection: %v", err)
+ }
+
case "sctp":
if !notifySCTP {
notifySCTP = true
diff --git a/libpod/pod.go b/libpod/pod.go
index e4516b354..0d5d629cd 100644
--- a/libpod/pod.go
+++ b/libpod/pod.go
@@ -1,7 +1,6 @@
package libpod
import (
- "context"
"fmt"
"sort"
"time"
@@ -99,65 +98,6 @@ func (p *Pod) Namespace() string {
return p.config.Namespace
}
-// ResourceLim returns the cpuset resource limits for the pod
-func (p *Pod) ResourceLim() *specs.LinuxResources {
- resCopy := &specs.LinuxResources{}
- empty := &specs.LinuxResources{
- CPU: &specs.LinuxCPU{},
- }
- infra, err := p.runtime.GetContainer(p.state.InfraContainerID)
- if err != nil {
- return empty
- }
- conf := infra.config.Spec
- if err != nil {
- return empty
- }
- if conf.Linux == nil || conf.Linux.Resources == nil {
- return empty
- }
- if err = JSONDeepCopy(conf.Linux.Resources, resCopy); err != nil {
- return nil
- }
- if resCopy.CPU != nil {
- return resCopy
- }
-
- return empty
-}
-
-// CPUPeriod returns the pod CPU period
-func (p *Pod) CPUPeriod() uint64 {
- if p.state.InfraContainerID == "" {
- return 0
- }
- infra, err := p.runtime.GetContainer(p.state.InfraContainerID)
- if err != nil {
- return 0
- }
- conf := infra.config.Spec
- if conf != nil && conf.Linux != nil && conf.Linux.Resources != nil && conf.Linux.Resources.CPU != nil && conf.Linux.Resources.CPU.Period != nil {
- return *conf.Linux.Resources.CPU.Period
- }
- return 0
-}
-
-// CPUQuota returns the pod CPU quota
-func (p *Pod) CPUQuota() int64 {
- if p.state.InfraContainerID == "" {
- return 0
- }
- infra, err := p.runtime.GetContainer(p.state.InfraContainerID)
- if err != nil {
- return 0
- }
- conf := infra.config.Spec
- if conf != nil && conf.Linux != nil && conf.Linux.Resources != nil && conf.Linux.Resources.CPU != nil && conf.Linux.Resources.CPU.Quota != nil {
- return *conf.Linux.Resources.CPU.Quota
- }
- return 0
-}
-
// PidMode returns the PID mode given by the user ex: pod, private...
func (p *Pod) PidMode() string {
infra, err := p.runtime.GetContainer(p.state.InfraContainerID)
@@ -282,35 +222,6 @@ func (p *Pod) CgroupPath() (string, error) {
if err := p.updatePod(); err != nil {
return "", err
}
- if p.state.CgroupPath != "" {
- return p.state.CgroupPath, nil
- }
- if p.state.InfraContainerID == "" {
- return "", errors.Wrap(define.ErrNoSuchCtr, "pod has no infra container")
- }
-
- id, err := p.infraContainerID()
- if err != nil {
- return "", err
- }
-
- if id != "" {
- ctr, err := p.infraContainer()
- if err != nil {
- return "", errors.Wrapf(err, "could not get infra")
- }
- if ctr != nil {
- ctr.Start(context.Background(), true)
- cgroupPath, err := ctr.CGroupPath()
- fmt.Println(cgroupPath)
- if err != nil {
- return "", errors.Wrapf(err, "could not get container cgroup")
- }
- p.state.CgroupPath = cgroupPath
- p.save()
- return cgroupPath, nil
- }
- }
return p.state.CgroupPath, nil
}
diff --git a/libpod/pod_api.go b/libpod/pod_api.go
index 5f4d983b9..4c3b1b0b7 100644
--- a/libpod/pod_api.go
+++ b/libpod/pod_api.go
@@ -592,9 +592,6 @@ func (p *Pod) Inspect() (*define.InspectPodData, error) {
infraConfig.StaticIP = infra.Config().ContainerNetworkConfig.StaticIP
infraConfig.NoManageResolvConf = infra.Config().UseImageResolvConf
infraConfig.NoManageHosts = infra.Config().UseImageHosts
- infraConfig.CPUPeriod = p.CPUPeriod()
- infraConfig.CPUQuota = p.CPUQuota()
- infraConfig.CPUSetCPUs = p.ResourceLim().CPU.Cpus
infraConfig.PidNS = p.PidMode()
infraConfig.UserNS = p.UserNSMode()
@@ -642,9 +639,6 @@ func (p *Pod) Inspect() (*define.InspectPodData, error) {
SharedNamespaces: sharesNS,
NumContainers: uint(len(containers)),
Containers: ctrs,
- CPUSetCPUs: p.ResourceLim().CPU.Cpus,
- CPUPeriod: p.CPUPeriod(),
- CPUQuota: p.CPUQuota(),
}
return &inspectData, nil