diff options
-rw-r--r-- | RELEASE_NOTES.md | 9 | ||||
-rw-r--r-- | cmd/podman/common/specgen.go | 2 | ||||
-rw-r--r-- | cmd/podman/containers/create.go | 48 | ||||
-rw-r--r-- | cmd/podman/containers/run.go | 9 | ||||
-rw-r--r-- | cmd/podman/registry/config_tunnel.go | 7 | ||||
-rw-r--r-- | pkg/api/handlers/compat/exec.go | 3 | ||||
-rw-r--r-- | pkg/ps/ps.go | 8 | ||||
-rw-r--r-- | pkg/specgen/generate/container_create.go | 3 | ||||
-rw-r--r-- | pkg/specgen/specgen.go | 2 | ||||
-rw-r--r-- | pkg/systemd/generate/containers.go | 2 | ||||
-rw-r--r-- | pkg/systemd/generate/containers_test.go | 2 | ||||
-rw-r--r-- | test/e2e/ps_test.go | 17 | ||||
-rw-r--r-- | test/system/030-run.bats | 41 |
13 files changed, 117 insertions, 36 deletions
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index be9861518..44b64f977 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -5,6 +5,7 @@ - The `podman system connection` command was mistakenly omitted from the 2.0 release, and has been included here. - The `podman ps --format=json` command once again includes container's creation time in a human-readable format in the `CreatedAt` key. - The `podman inspect` commands on containers now displays forwarded ports in a format compatible with `docker inspect`. +- The `--log-level=debug` flag to `podman run` and `podman exec` will enable syslog for exit commands, ensuring that debug logs are collected for these otherwise-unlogged commands. ### Bugfixes - Fixed a bug where `podman build` did not properly handle the `--http-proxy` and `--cgroup-manager` flags. @@ -18,11 +19,19 @@ - Fixed a bug where SSH agent authentication support was not properly working in the `podman-remote` and `podman --remote` commands. - Fixed a bug where the `podman untag` command was not erroring when no matching image was found. - Fixed a bug where stop signal for containers was not being set properly if not explicitly provided. +- Fixed a bug where the `podman ps` command was not showing port mappings for containers which share a network namespace with another container (e.g. are part of a pod). +- Fixed a bug where the `--remote` flag could unintentionally be forwarded into containers when using `podman-remote`. +- Fixed a bug where unit files generated for pods by `podman generate systemd` would not allow individual containers to be restarted ([#6770](https://github.com/containers/libpod/issues/6770)). +- Fixed a bug where the `podman run` and `podman create` commands did not support all transports that `podman pull` does ([#6744](https://github.com/containers/libpod/issues/6744)). +- Fixed a bug where the `label` option to `--security-opt` would only be shown once in `podman inspect`, even if provided multiple times. ### API - Fixed a bug where network endpoint URLs in the compatability API were mistakenly suffixed with `/json`. - Fixed a bug where the Libpod volume creation endpoint returned 200 instead of 201 on success. +### Misc +- Updated containers/common to v0.14.3 + ## 2.0.0 ### Features - The REST API and `podman system service` are no longer experimental, and ready for use! diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go index 26d18faf0..8c3b10a7c 100644 --- a/cmd/podman/common/specgen.go +++ b/cmd/podman/common/specgen.go @@ -520,7 +520,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string case "label": // TODO selinux opts and label opts are the same thing s.ContainerSecurityConfig.SelinuxOpts = append(s.ContainerSecurityConfig.SelinuxOpts, con[1]) - s.Annotations[define.InspectAnnotationLabel] = con[1] + s.Annotations[define.InspectAnnotationLabel] = strings.Join(s.ContainerSecurityConfig.SelinuxOpts, ",label=") case "apparmor": s.ContainerSecurityConfig.ApparmorProfile = con[1] s.Annotations[define.InspectAnnotationApparmor] = con[1] diff --git a/cmd/podman/containers/create.go b/cmd/podman/containers/create.go index 45ce00c86..c48a739ff 100644 --- a/cmd/podman/containers/create.go +++ b/cmd/podman/containers/create.go @@ -6,11 +6,12 @@ import ( "os" "strings" - "github.com/containers/libpod/libpod/define" - "github.com/containers/common/pkg/config" + "github.com/containers/image/v5/storage" + "github.com/containers/image/v5/transports/alltransports" "github.com/containers/libpod/cmd/podman/common" "github.com/containers/libpod/cmd/podman/registry" + "github.com/containers/libpod/libpod/define" "github.com/containers/libpod/pkg/domain/entities" "github.com/containers/libpod/pkg/errorhandling" "github.com/containers/libpod/pkg/specgen" @@ -108,12 +109,15 @@ func create(cmd *cobra.Command, args []string) error { return err } + imageName := args[0] if !cliVals.RootFS { - if err := pullImage(args[0]); err != nil { + name, err := pullImage(args[0]) + if err != nil { return err } + imageName = name } - s := specgen.NewSpecGenerator(args[0], cliVals.RootFS) + s := specgen.NewSpecGenerator(imageName, cliVals.RootFS) if err := common.FillOutSpecGen(s, &cliVals, args); err != nil { return err } @@ -211,30 +215,44 @@ func createInit(c *cobra.Command) error { return nil } -func pullImage(imageName string) error { - br, err := registry.ImageEngine().Exists(registry.GetContext(), imageName) - if err != nil { - return err - } +func pullImage(imageName string) (string, error) { pullPolicy, err := config.ValidatePullPolicy(cliVals.Pull) if err != nil { - return err + return "", err } - if !br.Value || pullPolicy == config.PullImageAlways { + + // Check if the image is missing and hence if we need to pull it. + imageMissing := true + imageRef, err := alltransports.ParseImageName(imageName) + switch { + case err != nil: + // Assume we specified a local image withouth the explicit storage transport. + fallthrough + + case imageRef.Transport().Name() == storage.Transport.Name(): + br, err := registry.ImageEngine().Exists(registry.GetContext(), imageName) + if err != nil { + return "", err + } + imageMissing = !br.Value + } + + if imageMissing || pullPolicy == config.PullImageAlways { if pullPolicy == config.PullImageNever { - return errors.Wrapf(define.ErrNoSuchImage, "unable to find a name and tag match for %s in repotags", imageName) + return "", errors.Wrapf(define.ErrNoSuchImage, "unable to find a name and tag match for %s in repotags", imageName) } - _, pullErr := registry.ImageEngine().Pull(registry.GetContext(), imageName, entities.ImagePullOptions{ + pullReport, pullErr := registry.ImageEngine().Pull(registry.GetContext(), imageName, entities.ImagePullOptions{ Authfile: cliVals.Authfile, Quiet: cliVals.Quiet, OverrideArch: cliVals.OverrideArch, OverrideOS: cliVals.OverrideOS, }) if pullErr != nil { - return pullErr + return "", pullErr } + imageName = pullReport.Images[0] } - return nil + return imageName, nil } func openCidFile(cidfile string) (*os.File, error) { diff --git a/cmd/podman/containers/run.go b/cmd/podman/containers/run.go index b9c196b64..a16c2f89d 100644 --- a/cmd/podman/containers/run.go +++ b/cmd/podman/containers/run.go @@ -123,10 +123,13 @@ func run(cmd *cobra.Command, args []string) error { return err } + imageName := args[0] if !cliVals.RootFS { - if err := pullImage(args[0]); err != nil { + name, err := pullImage(args[0]) + if err != nil { return err } + imageName = name } if cliVals.Replace { @@ -163,7 +166,7 @@ func run(cmd *cobra.Command, args []string) error { } runOpts.Detach = cliVals.Detach runOpts.DetachKeys = cliVals.DetachKeys - s := specgen.NewSpecGenerator(args[0], cliVals.RootFS) + s := specgen.NewSpecGenerator(imageName, cliVals.RootFS) if err := common.FillOutSpecGen(s, &cliVals, args); err != nil { return err } @@ -193,7 +196,7 @@ func run(cmd *cobra.Command, args []string) error { return nil } if runRmi { - _, rmErrors := registry.ImageEngine().Remove(registry.GetContext(), []string{args[0]}, entities.ImageRemoveOptions{}) + _, rmErrors := registry.ImageEngine().Remove(registry.GetContext(), []string{imageName}, entities.ImageRemoveOptions{}) if len(rmErrors) > 0 { logrus.Errorf("%s", errors.Wrapf(errorhandling.JoinErrors(rmErrors), "failed removing image")) } diff --git a/cmd/podman/registry/config_tunnel.go b/cmd/podman/registry/config_tunnel.go index 4f9f51163..bb3da947e 100644 --- a/cmd/podman/registry/config_tunnel.go +++ b/cmd/podman/registry/config_tunnel.go @@ -2,13 +2,6 @@ package registry -import ( - "os" -) - func init() { abiSupport = false - - // Enforce that podman-remote == podman --remote - os.Args = append(os.Args, "--remote") } diff --git a/pkg/api/handlers/compat/exec.go b/pkg/api/handlers/compat/exec.go index 8f7016903..dae76c061 100644 --- a/pkg/api/handlers/compat/exec.go +++ b/pkg/api/handlers/compat/exec.go @@ -62,7 +62,8 @@ func ExecCreateHandler(w http.ResponseWriter, r *http.Request) { utils.InternalServerError(w, err) return } - exitCommandArgs, err := generate.CreateExitCommandArgs(storageConfig, runtimeConfig, false, true, true) + // Automatically log to syslog if the server has log-level=debug set + exitCommandArgs, err := generate.CreateExitCommandArgs(storageConfig, runtimeConfig, logrus.IsLevelEnabled(logrus.DebugLevel), true, true) if err != nil { utils.InternalServerError(w, err) return diff --git a/pkg/ps/ps.go b/pkg/ps/ps.go index b07eb7f9a..cbac2cb06 100644 --- a/pkg/ps/ps.go +++ b/pkg/ps/ps.go @@ -145,11 +145,15 @@ func ListContainerBatch(rt *libpod.Runtime, ctr *libpod.Container, opts entities } return nil }) - if batchErr != nil { return entities.ListContainer{}, batchErr } + portMappings, err := ctr.PortMappings() + if err != nil { + return entities.ListContainer{}, err + } + ps := entities.ListContainer{ Command: conConfig.Command, Created: conConfig.CreatedTime.Unix(), @@ -165,7 +169,7 @@ func ListContainerBatch(rt *libpod.Runtime, ctr *libpod.Container, opts entities Names: []string{conConfig.Name}, Pid: pid, Pod: conConfig.Pod, - Ports: conConfig.PortMappings, + Ports: portMappings, Size: size, StartedAt: startedTime.Unix(), State: conState.String(), diff --git a/pkg/specgen/generate/container_create.go b/pkg/specgen/generate/container_create.go index 2f7100e7e..59414e668 100644 --- a/pkg/specgen/generate/container_create.go +++ b/pkg/specgen/generate/container_create.go @@ -110,8 +110,7 @@ func MakeContainer(ctx context.Context, rt *libpod.Runtime, s *specgen.SpecGener } options = append(options, opts...) - // TODO: Enable syslog support - we'll need to put this in SpecGen. - exitCommandArgs, err := CreateExitCommandArgs(rt.StorageConfig(), rtc, false, s.Remove, false) + exitCommandArgs, err := CreateExitCommandArgs(rt.StorageConfig(), rtc, logrus.IsLevelEnabled(logrus.DebugLevel), s.Remove, false) if err != nil { return nil, err } diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go index 77b1353c4..03e840ab4 100644 --- a/pkg/specgen/specgen.go +++ b/pkg/specgen/specgen.go @@ -129,7 +129,7 @@ type ContainerBasicConfig struct { Sysctl map[string]string `json:"sysctl,omitempty"` // Remove indicates if the container should be removed once it has been started // and exits - Remove bool `json:"remove"` + Remove bool `json:"remove,omitempty"` } // ContainerStorageConfig contains information on the storage configuration of a diff --git a/pkg/systemd/generate/containers.go b/pkg/systemd/generate/containers.go index bf6cb81b8..333f8ef88 100644 --- a/pkg/systemd/generate/containers.go +++ b/pkg/systemd/generate/containers.go @@ -69,8 +69,6 @@ type containerInfo struct { const containerTemplate = headerTemplate + ` {{- if .BoundToServices}} -RefuseManualStart=yes -RefuseManualStop=yes BindsTo={{- range $index, $value := .BoundToServices -}}{{if $index}} {{end}}{{ $value }}.service{{end}} After={{- range $index, $value := .BoundToServices -}}{{if $index}} {{end}}{{ $value }}.service{{end}} {{- end}} diff --git a/pkg/systemd/generate/containers_test.go b/pkg/systemd/generate/containers_test.go index 80f0996a1..e108251ea 100644 --- a/pkg/systemd/generate/containers_test.go +++ b/pkg/systemd/generate/containers_test.go @@ -88,8 +88,6 @@ Description=Podman container-foobar.service Documentation=man:podman-generate-systemd(1) Wants=network.target After=network-online.target -RefuseManualStart=yes -RefuseManualStop=yes BindsTo=a.service b.service c.service pod.service After=a.service b.service c.service pod.service diff --git a/test/e2e/ps_test.go b/test/e2e/ps_test.go index 0dc8e01af..cfc0a415e 100644 --- a/test/e2e/ps_test.go +++ b/test/e2e/ps_test.go @@ -449,4 +449,21 @@ var _ = Describe("Podman ps", func() { Expect(len(output)).To(Equal(1)) Expect(output[0]).To(Equal(ctrName)) }) + + It("podman ps test with port shared with pod", func() { + podName := "testPod" + pod := podmanTest.Podman([]string{"pod", "create", "-p", "8080:80", "--name", podName}) + pod.WaitWithDefaultTimeout() + Expect(pod.ExitCode()).To(Equal(0)) + + ctrName := "testCtr" + session := podmanTest.Podman([]string{"run", "--name", ctrName, "-dt", "--pod", podName, ALPINE, "top"}) + session.WaitWithDefaultTimeout() + Expect(session.ExitCode()).To(Equal(0)) + + ps := podmanTest.Podman([]string{"ps", "--filter", fmt.Sprintf("name=%s", ctrName), "--format", "{{.Ports}}"}) + ps.WaitWithDefaultTimeout() + Expect(ps.ExitCode()).To(Equal(0)) + Expect(ps.OutputToString()).To(ContainSubstring("0.0.0.0:8080->80/tcp")) + }) }) diff --git a/test/system/030-run.bats b/test/system/030-run.bats index aa9ace332..c7a9bf191 100644 --- a/test/system/030-run.bats +++ b/test/system/030-run.bats @@ -189,4 +189,45 @@ echo $rand | 0 | $rand "podman will not overwrite existing cidfile" } +@test "podman run docker-archive" { + # Create an image that, when run, outputs a random magic string + expect=$(random_string 20) + run_podman run --name myc --entrypoint="[\"/bin/echo\",\"$expect\"]" $IMAGE + is "$output" "$expect" "podman run --entrypoint echo-randomstring" + + # Save it as a tar archive + run_podman commit myc myi + archive=$PODMAN_TMPDIR/archive.tar + run_podman save myi -o $archive + is "$output" "" "podman save" + + # Clean up image and container from container storage... + run_podman rmi myi + run_podman rm myc + + # ... then confirm we can run from archive. This re-imports the image + # and runs it, producing our random string as the last line. + run_podman run docker-archive:$archive + is "${lines[0]}" "Getting image source signatures" "podman run docker-archive, first line of output" + is "$output" ".*Copying blob" "podman run docker-archive" + is "$output" ".*Copying config" "podman run docker-archive" + is "$output" ".*Writing manifest" "podman run docker-archive" + is "${lines[-1]}" "$expect" "podman run docker-archive: expected random string output" + + # Clean up container as well as re-imported image + run_podman rm -a + run_podman rmi myi + + # Repeat the above, with podman-create and podman-start. + run_podman create docker-archive:$archive + cid=${lines[-1]} + + run_podman start --attach $cid + is "$output" "$expect" "'podman run' of 'podman-create docker-archive'" + + # Clean up. + run_podman rm $cid + run_podman rmi myi +} + # vim: filetype=sh |