summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.cirrus.yml45
-rw-r--r--cmd/podman/shared/container.go80
-rw-r--r--contrib/cirrus/lib.sh13
-rwxr-xr-xcontrib/cirrus/notice_master_failure.sh20
-rw-r--r--docs/podman-load.1.md2
-rw-r--r--docs/podman-run.1.md9
-rw-r--r--libpod/container_internal.go4
-rw-r--r--libpod/container_internal_linux.go17
-rw-r--r--libpod/container_internal_unsupported.go4
-rw-r--r--libpod/oci.go7
-rw-r--r--libpod/runtime_ctr.go2
-rw-r--r--test/e2e/ps_test.go14
12 files changed, 194 insertions, 23 deletions
diff --git a/.cirrus.yml b/.cirrus.yml
index 8e26ce72e..14ba3fc6e 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -140,6 +140,10 @@ gating_task:
- '/usr/local/bin/entrypoint.sh clean podman BUILDTAGS="exclude_graphdriver_devicemapper selinux seccomp"'
- '/usr/local/bin/entrypoint.sh clean podman-remote-darwin'
+ on_failure:
+ master_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_master_failure.sh'
+
+
build_each_commit_task:
depends_on:
@@ -160,9 +164,12 @@ build_each_commit_task:
timeout_in: 30m
script:
- - $SCRIPT_BASE/setup_environment.sh
- - git fetch --depth $CIRRUS_CLONE_DEPTH origin $CIRRUS_BASE_BRANCH
- - env GOPATH=/var/tmp/go/ make build-all-new-commits GIT_BASE_BRANCH=origin/$CIRRUS_BASE_BRANCH
+ - '$SCRIPT_BASE/setup_environment.sh'
+ - 'git fetch --depth $CIRRUS_CLONE_DEPTH origin $CIRRUS_BASE_BRANCH'
+ - 'env GOPATH=/var/tmp/go/ make build-all-new-commits GIT_BASE_BRANCH=origin/$CIRRUS_BASE_BRANCH'
+
+ on_failure:
+ master_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_master_failure.sh'
# Update metadata on VM images referenced by this repository state
@@ -186,7 +193,7 @@ meta_task:
GCPPROJECT: ENCRYPTED[7c80e728e046b1c76147afd156a32c1c57d4a1ac1eab93b7e68e718c61ca8564fc61fef815952b8ae0a64e7034b8fe4f]
CIRRUS_CLONE_DEPTH: 1 # source not used
- script: /usr/local/bin/entrypoint.sh
+ script: '/usr/local/bin/entrypoint.sh'
# This task does the unit and integration testing for every platform
@@ -219,14 +226,12 @@ testing_task:
# Every *_script runs in sequence, for each task. The name prefix is for
# WebUI reference. The values may be strings...
- setup_environment_script: $SCRIPT_BASE/setup_environment.sh
+ setup_environment_script: '$SCRIPT_BASE/setup_environment.sh'
+ unit_test_script: '$SCRIPT_BASE/unit_test.sh'
+ integration_test_script: '$SCRIPT_BASE/integration_test.sh'
- # ...or lists of strings
- unit_test_script:
- - go version
- - $SCRIPT_BASE/unit_test.sh
-
- integration_test_script: $SCRIPT_BASE/integration_test.sh
+ on_failure:
+ master_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_master_failure.sh'
# This task executes tests as a regular user on a system
@@ -252,12 +257,15 @@ rootless_testing_task:
timeout_in: 120m
- setup_environment_script: $SCRIPT_BASE/setup_environment.sh
+ setup_environment_script: '$SCRIPT_BASE/setup_environment.sh'
rootless_test_script: >-
ssh $ROOTLESS_USER@localhost
-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o CheckHostIP=no
$CIRRUS_WORKING_DIR/$SCRIPT_BASE/rootless_test.sh
+ on_failure:
+ master_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_master_failure.sh'
+
# Because system tests are stored within the repository, it is sometimes
# necessary to execute them within a PR to validate changes.
@@ -283,8 +291,8 @@ optional_testing_task:
timeout_in: 60m
- setup_environment_script: $SCRIPT_BASE/setup_environment.sh
- system_test_script: $SCRIPT_BASE/system_test.sh
+ setup_environment_script: '$SCRIPT_BASE/setup_environment.sh'
+ system_test_script: '$SCRIPT_BASE/system_test.sh'
# Build new cache-images for future PR testing, but only after a PR merge.
@@ -317,8 +325,8 @@ cache_images_task:
scopes:
- compute
- devstorage.full_control
- environment_script: $SCRIPT_BASE/setup_environment.sh
- build_vm_images_script: $SCRIPT_BASE/build_vm_images.sh
+ environment_script: '$SCRIPT_BASE/setup_environment.sh'
+ build_vm_images_script: '$SCRIPT_BASE/build_vm_images.sh'
# TODO,Continuous Delivery: Automatically open a libpod PR after using 'sed' to replace
# the image_names with the new (just build) images. That will
@@ -331,6 +339,9 @@ cache_images_task:
# - modify_cirrus_yaml_image_names.sh
# - commit_and_create_upstream_pr.sh
+ on_failure:
+ master_script: '$CIRRUS_WORKING_DIR/$SCRIPT_BASE/notice_master_failure.sh'
+
# Post message to IRC if everything passed
success_task:
@@ -350,4 +361,4 @@ success_task:
cpu: 1
memory: 1
- success_script: $SCRIPT_BASE/success.sh
+ success_script: '$SCRIPT_BASE/success.sh'
diff --git a/cmd/podman/shared/container.go b/cmd/podman/shared/container.go
index 41950928e..6826191c5 100644
--- a/cmd/podman/shared/container.go
+++ b/cmd/podman/shared/container.go
@@ -3,11 +3,11 @@ package shared
import (
"context"
"fmt"
- "github.com/google/shlex"
"io"
"os"
"path/filepath"
"regexp"
+ "sort"
"strconv"
"strings"
"sync"
@@ -21,6 +21,7 @@ import (
"github.com/containers/libpod/pkg/util"
"github.com/cri-o/ocicni/pkg/ocicni"
"github.com/docker/go-units"
+ "github.com/google/shlex"
"github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
@@ -583,18 +584,93 @@ func getCgroup(spec *specs.Spec) string {
return cgroup
}
+func comparePorts(i, j ocicni.PortMapping) bool {
+ if i.ContainerPort != j.ContainerPort {
+ return i.ContainerPort < j.ContainerPort
+ }
+
+ if i.HostIP != j.HostIP {
+ return i.HostIP < j.HostIP
+ }
+
+ if i.HostPort != j.HostPort {
+ return i.HostPort < j.HostPort
+ }
+
+ return i.Protocol < j.Protocol
+}
+
+// returns the group as <IP:startPort:lastPort->startPort:lastPort/Proto>
+// e.g 0.0.0.0:1000-1006->1000-1006/tcp
+func formatGroup(key string, start, last int32) string {
+ parts := strings.Split(key, "/")
+ groupType := parts[0]
+ var ip string
+ if len(parts) > 1 {
+ ip = parts[0]
+ groupType = parts[1]
+ }
+ group := strconv.Itoa(int(start))
+ if start != last {
+ group = fmt.Sprintf("%s-%d", group, last)
+ }
+ if ip != "" {
+ group = fmt.Sprintf("%s:%s->%s", ip, group, group)
+ }
+ return fmt.Sprintf("%s/%s", group, groupType)
+}
+
// portsToString converts the ports used to a string of the from "port1, port2"
+// also groups continuous list of ports in readable format.
func portsToString(ports []ocicni.PortMapping) string {
+ type portGroup struct {
+ first int32
+ last int32
+ }
var portDisplay []string
if len(ports) == 0 {
return ""
}
+ //Sort the ports, so grouping continuous ports become easy.
+ sort.Slice(ports, func(i, j int) bool {
+ return comparePorts(ports[i], ports[j])
+ })
+
+ // portGroupMap is used for grouping continuous ports
+ portGroupMap := make(map[string]*portGroup)
+ var groupKeyList []string
+
for _, v := range ports {
+
hostIP := v.HostIP
if hostIP == "" {
hostIP = "0.0.0.0"
}
- portDisplay = append(portDisplay, fmt.Sprintf("%s:%d->%d/%s", hostIP, v.HostPort, v.ContainerPort, v.Protocol))
+ // if hostPort and containerPort are not same, consider as individual port.
+ if v.ContainerPort != v.HostPort {
+ portDisplay = append(portDisplay, fmt.Sprintf("%s:%d->%d/%s", hostIP, v.HostPort, v.ContainerPort, v.Protocol))
+ continue
+ }
+
+ portMapKey := fmt.Sprintf("%s/%s", hostIP, v.Protocol)
+
+ portgroup, ok := portGroupMap[portMapKey]
+ if !ok {
+ portGroupMap[portMapKey] = &portGroup{first: v.ContainerPort, last: v.ContainerPort}
+ // this list is required to travese portGroupMap
+ groupKeyList = append(groupKeyList, portMapKey)
+ continue
+ }
+
+ if portgroup.last == (v.ContainerPort - 1) {
+ portgroup.last = v.ContainerPort
+ continue
+ }
+ }
+ // for each portMapKey, format group list and appned to output string
+ for _, portKey := range groupKeyList {
+ group := portGroupMap[portKey]
+ portDisplay = append(portDisplay, formatGroup(portKey, group.first, group.last))
}
return strings.Join(portDisplay, ", ")
}
diff --git a/contrib/cirrus/lib.sh b/contrib/cirrus/lib.sh
index 9419dad05..773f4f484 100644
--- a/contrib/cirrus/lib.sh
+++ b/contrib/cirrus/lib.sh
@@ -103,6 +103,15 @@ clean_env() {
unset -v UNSET_ENV_VARS $UNSET_ENV_VARS || true # don't fail on read-only
}
+die() {
+ req_env_var "
+ 1 $1
+ 2 $2
+ "
+ echo "$2"
+ exit $1
+}
+
# Return a GCE image-name compatible string representation of distribution name
os_release_id() {
eval "$(egrep -m 1 '^ID=' /etc/os-release | tr -d \' | tr -d \")"
@@ -136,14 +145,14 @@ stub() {
ircmsg() {
req_env_var "
CIRRUS_TASK_ID $CIRRUS_TASK_ID
- 1 $1
+ @ $@
"
# Sometimes setup_environment.sh didn't run
SCRIPT="$(dirname $0)/podbot.py"
NICK="podbot_$CIRRUS_TASK_ID"
NICK="${NICK:0:15}" # Any longer will break things
set +e
- $SCRIPT $NICK $1
+ $SCRIPT $NICK $@
echo "Ignoring exit($?)"
set -e
}
diff --git a/contrib/cirrus/notice_master_failure.sh b/contrib/cirrus/notice_master_failure.sh
new file mode 100755
index 000000000..e18460a54
--- /dev/null
+++ b/contrib/cirrus/notice_master_failure.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+
+set -e
+
+source $(dirname $0)/lib.sh
+
+# mIRC "escape" codes are the most standard, for a non-standard client-side interpretation.
+ETX="$(echo -n -e '\x03')"
+RED="${ETX}4"
+NOR="$(echo -n -e '\x0f')"
+
+if [[ "$CIRRUS_BRANCH" =~ "master" ]]
+then
+ BURL="https://cirrus-ci.com/build/$CIRRUS_BUILD_ID"
+ echo "Monitoring execution of $CIRRUS_TASK_NAME and notifying on failure"
+ MSG="${RED}[Action Recommended]: ${NOR}Post-merge testing ${RED}$CIRRUS_BRANCH failed${NOR} in $CIRRUS_TASK_NAME on $(os_release_id)-$(os_release_ver): $BURL. Please investigate, and re-run if appropriate."
+fi
+
+# This script assumed to be executed on failure
+die 1 "Testing Failed"
diff --git a/docs/podman-load.1.md b/docs/podman-load.1.md
index 8b6501a5c..5363f3f1e 100644
--- a/docs/podman-load.1.md
+++ b/docs/podman-load.1.md
@@ -4,7 +4,7 @@
podman\-load - Load an image from docker archive
## SYNOPSIS
-**podman load** *name*[:*tag*|@*digest*]
+**podman load** [ARCHIVE]
## DESCRIPTION
**podman load** copies an image from either **docker-archive** or **oci-archive** stored
diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md
index fe98e43ca..cf385717e 100644
--- a/docs/podman-run.1.md
+++ b/docs/podman-run.1.md
@@ -1129,6 +1129,15 @@ KillMode=process
WantedBy=multi-user.target
```
+### Configuring Storage Options from the command line
+
+Podman allows for the configuration of storage by changing the values
+in the /etc/container/storage.conf or by using global options. This
+shows how to setup and use fuse-overlayfs for a one time run of busybox
+using global options.
+
+podman --log-level=debug --storage-driver overlay --storage-opt "overlay.mount_program=/usr/bin/fuse-overlayfs" run busybox /bin/sh
+
### Rootless Containers
Podman runs as a non root user on most systems. This feature requires that a new enough version of shadow-utils
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 872802016..ac2d65342 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -1429,5 +1429,9 @@ func (c *Container) copyWithTarFromImage(src, dest string) error {
}
a := archive.NewDefaultArchiver()
source := filepath.Join(mountpoint, src)
+
+ if err = c.copyOwnerAndPerms(source, dest); err != nil {
+ return err
+ }
return a.CopyWithTar(source, dest)
}
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index a7b4aed9f..2a7808bdf 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -982,3 +982,20 @@ func (c *Container) generatePasswd() (string, error) {
}
return passwdFile, nil
}
+
+func (c *Container) copyOwnerAndPerms(source, dest string) error {
+ info, err := os.Stat(source)
+ if err != nil {
+ if os.IsNotExist(err) {
+ return nil
+ }
+ return errors.Wrapf(err, "cannot stat `%s`", dest)
+ }
+ if err := os.Chmod(dest, info.Mode()); err != nil {
+ return errors.Wrapf(err, "cannot chmod `%s`", dest)
+ }
+ if err := os.Chown(dest, int(info.Sys().(*syscall.Stat_t).Uid), int(info.Sys().(*syscall.Stat_t).Gid)); err != nil {
+ return errors.Wrapf(err, "cannot chown `%s`", dest)
+ }
+ return nil
+}
diff --git a/libpod/container_internal_unsupported.go b/libpod/container_internal_unsupported.go
index 4af0cd56c..f707b350c 100644
--- a/libpod/container_internal_unsupported.go
+++ b/libpod/container_internal_unsupported.go
@@ -35,3 +35,7 @@ func (c *Container) checkpoint(ctx context.Context, options ContainerCheckpointO
func (c *Container) restore(ctx context.Context, options ContainerCheckpointOptions) error {
return ErrNotImplemented
}
+
+func (c *Container) copyOwnerAndPerms(source, dest string) error {
+ return nil
+}
diff --git a/libpod/oci.go b/libpod/oci.go
index 30360d289..69cff6d3c 100644
--- a/libpod/oci.go
+++ b/libpod/oci.go
@@ -183,6 +183,7 @@ func waitPidsStop(pids []int, timeout time.Duration) error {
func bindPorts(ports []ocicni.PortMapping) ([]*os.File, error) {
var files []*os.File
+ notifySCTP := false
for _, i := range ports {
switch i.Protocol {
case "udp":
@@ -218,6 +219,12 @@ func bindPorts(ports []ocicni.PortMapping) ([]*os.File, error) {
}
files = append(files, f)
break
+ case "sctp":
+ if !notifySCTP {
+ notifySCTP = true
+ logrus.Warnf("port reservation for SCTP is not supported")
+ }
+ break
default:
return nil, fmt.Errorf("unknown protocol %s", i.Protocol)
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go
index c6f119913..3b74a65dd 100644
--- a/libpod/runtime_ctr.go
+++ b/libpod/runtime_ctr.go
@@ -171,7 +171,7 @@ func (r *Runtime) newContainer(ctx context.Context, rSpec *spec.Spec, options ..
}()
if rootless.IsRootless() && ctr.config.ConmonPidFile == "" {
- ctr.config.ConmonPidFile = filepath.Join(ctr.state.RunDir, "conmon.pid")
+ ctr.config.ConmonPidFile = filepath.Join(ctr.config.StaticDir, "conmon.pid")
}
// Go through the volume mounts and check for named volumes
diff --git a/test/e2e/ps_test.go b/test/e2e/ps_test.go
index 58697acde..92ca538f0 100644
--- a/test/e2e/ps_test.go
+++ b/test/e2e/ps_test.go
@@ -303,4 +303,18 @@ var _ = Describe("Podman ps", func() {
Expect(session.OutputToString()).To(ContainSubstring(podid))
})
+
+ It("podman ps test with port range", func() {
+ session := podmanTest.RunTopContainer("")
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ session = podmanTest.Podman([]string{"run", "-dt", "-p", "1000-1006:1000-1006", ALPINE, "top"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.ExitCode()).To(Equal(0))
+
+ session = podmanTest.Podman([]string{"ps", "--format", "{{.Ports}}"})
+ session.WaitWithDefaultTimeout()
+ Expect(session.OutputToString()).To(ContainSubstring("0.0.0.0:1000-1006"))
+ })
})