diff options
| -rw-r--r-- | docs/tutorials/podman-go-bindings.md | 12 | ||||
| -rw-r--r-- | docs/tutorials/remote_client.md | 4 | ||||
| -rw-r--r-- | pkg/api/handlers/compat/resize.go | 15 | ||||
| -rw-r--r-- | pkg/api/server/register_containers.go | 2 | ||||
| -rw-r--r-- | pkg/bindings/containers/attach.go | 54 | ||||
| -rw-r--r-- | test/apiv2/python/rest_api/fixtures/api_testcase.py | 2 | ||||
| -rw-r--r-- | test/apiv2/python/rest_api/test_v2_0_0_container.py | 4 | ||||
| -rw-r--r-- | test/system/450-interactive.bats | 3 | ||||
| -rw-r--r-- | troubleshooting.md | 29 |
9 files changed, 79 insertions, 46 deletions
diff --git a/docs/tutorials/podman-go-bindings.md b/docs/tutorials/podman-go-bindings.md index a952f2dc0..2bbf4e5de 100644 --- a/docs/tutorials/podman-go-bindings.md +++ b/docs/tutorials/podman-go-bindings.md @@ -174,7 +174,7 @@ This binding takes three arguments: ```Go // Pull Busybox image (Sample 1) fmt.Println("Pulling Busybox image...") - _, err = images.Pull(connText, "docker.io/busybox", entities.ImagePullOptions{}) + _, err = images.Pull(connText, "docker.io/busybox", &images.PullOptions{}) if err != nil { fmt.Println(err) os.Exit(1) @@ -183,7 +183,7 @@ This binding takes three arguments: // Pull Fedora image (Sample 2) rawImage := "registry.fedoraproject.org/fedora:latest" fmt.Println("Pulling Fedora image...") - _, err = images.Pull(connText, rawImage, entities.ImagePullOptions{}) + _, err = images.Pull(connText, rawImage, &images.PullOptions{}) if err != nil { fmt.Println(err) os.Exit(1) @@ -229,7 +229,7 @@ This binding takes three arguments: ```Go // List images - imageSummary, err := images.List(connText, nil, nil) + imageSummary, err := images.List(connText, &images.ListOptions{}) if err != nil { fmt.Println(err) os.Exit(1) @@ -287,7 +287,7 @@ containers.Wait() takes three arguments: // Container create s := specgen.NewSpecGenerator(rawImage, false) s.Terminal = true - r, err := containers.CreateWithSpec(connText, s) + r, err := containers.CreateWithSpec(connText, s, nil) if err != nil { fmt.Println(err) os.Exit(1) @@ -302,7 +302,7 @@ containers.Wait() takes three arguments: } running := define.ContainerStateRunning - _, err = containers.Wait(connText, r.ID, &running) + _, err = containers.Wait(connText, r.ID, &containers.WaitOptions{Condition: []define.ContainerStatus{running}}) if err != nil { fmt.Println(err) os.Exit(1) @@ -346,7 +346,7 @@ containers.List() takes seven arguments: ```Go // Container list var latestContainers = 1 - containerLatestList, err := containers.List(connText, nil, nil, &latestContainers, nil, nil, nil) + containerLatestList, err := containers.List(connText, &containers.ListOptions{Last: &latestContainers}) if err != nil { fmt.Println(err) os.Exit(1) diff --git a/docs/tutorials/remote_client.md b/docs/tutorials/remote_client.md index e39d804a6..889947397 100644 --- a/docs/tutorials/remote_client.md +++ b/docs/tutorials/remote_client.md @@ -108,5 +108,9 @@ podman-remote system connection --help You can use the Podman remote clients to manage your containers running on a Linux server. The communication between client and server relies heavily on SSH connections and the use of SSH keys are encouraged. Once you have Podman installed on your remote client, you should set up a connection using `podman-remote system connection add` which will then be used by subsequent Podman commands. +# Troubleshooting + +See the [Troubleshooting](../../troubleshooting.md) document if you run into issues. + ## History Adapted from the [Mac and Windows tutorial](https://github.com/containers/podman/blob/master/docs/tutorials/mac_win_client.md) diff --git a/pkg/api/handlers/compat/resize.go b/pkg/api/handlers/compat/resize.go index 23ed33a22..f65e313fc 100644 --- a/pkg/api/handlers/compat/resize.go +++ b/pkg/api/handlers/compat/resize.go @@ -46,20 +46,13 @@ func ResizeTTY(w http.ResponseWriter, r *http.Request) { utils.ContainerNotFound(w, name, err) return } - if state, err := ctnr.State(); err != nil { - utils.InternalServerError(w, errors.Wrapf(err, "cannot obtain container state")) - return - } else if state != define.ContainerStateRunning && !query.IgnoreNotRunning { - utils.Error(w, "Container not running", http.StatusConflict, - fmt.Errorf("container %q in wrong state %q", name, state.String())) - return - } - // If container is not running, ignore since this can be a race condition, and is expected if err := ctnr.AttachResize(sz); err != nil { - if errors.Cause(err) != define.ErrCtrStateInvalid || !query.IgnoreNotRunning { + if errors.Cause(err) != define.ErrCtrStateInvalid { utils.InternalServerError(w, errors.Wrapf(err, "cannot resize container")) - return + } else { + utils.Error(w, "Container not running", http.StatusConflict, err) } + return } // This is not a 204, even though we write nothing, for compatibility // reasons. diff --git a/pkg/api/server/register_containers.go b/pkg/api/server/register_containers.go index aa999905e..88ebb4df5 100644 --- a/pkg/api/server/register_containers.go +++ b/pkg/api/server/register_containers.go @@ -1364,6 +1364,8 @@ func (s *APIServer) registerContainersHandlers(r *mux.Router) error { // $ref: "#/responses/ok" // 404: // $ref: "#/responses/NoSuchContainer" + // 409: + // $ref: "#/responses/ConflictError" // 500: // $ref: "#/responses/InternalError" r.HandleFunc(VersionedPath("/libpod/containers/{name}/resize"), s.APIHandler(compat.ResizeTTY)).Methods(http.MethodPost) diff --git a/pkg/bindings/containers/attach.go b/pkg/bindings/containers/attach.go index fd8a7011d..adef1e7c8 100644 --- a/pkg/bindings/containers/attach.go +++ b/pkg/bindings/containers/attach.go @@ -138,7 +138,7 @@ func Attach(ctx context.Context, nameOrID string, stdin io.Reader, stdout io.Wri winCtx, winCancel := context.WithCancel(ctx) defer winCancel() - go attachHandleResize(ctx, winCtx, winChange, false, nameOrID, file) + attachHandleResize(ctx, winCtx, winChange, false, nameOrID, file) } // If we are attaching around a start, we need to "signal" @@ -327,32 +327,38 @@ func (f *rawFormatter) Format(entry *logrus.Entry) ([]byte, error) { return append(buffer, '\r'), nil } -// This is intended to be run as a goroutine, handling resizing for a container -// or exec session. +// This is intended to not be run as a goroutine, handling resizing for a container +// or exec session. It will call resize once and then starts a goroutine which calls resize on winChange func attachHandleResize(ctx, winCtx context.Context, winChange chan os.Signal, isExec bool, id string, file *os.File) { - // Prime the pump, we need one reset to ensure everything is ready - winChange <- sig.SIGWINCH - for { - select { - case <-winCtx.Done(): - return - case <-winChange: - w, h, err := terminal.GetSize(int(file.Fd())) - if err != nil { - logrus.Warnf("failed to obtain TTY size: %v", err) - } + resize := func() { + w, h, err := terminal.GetSize(int(file.Fd())) + if err != nil { + logrus.Warnf("failed to obtain TTY size: %v", err) + } - var resizeErr error - if isExec { - resizeErr = ResizeExecTTY(ctx, id, new(ResizeExecTTYOptions).WithHeight(h).WithWidth(w)) - } else { - resizeErr = ResizeContainerTTY(ctx, id, new(ResizeTTYOptions).WithHeight(h).WithWidth(w)) - } - if resizeErr != nil { - logrus.Warnf("failed to resize TTY: %v", resizeErr) - } + var resizeErr error + if isExec { + resizeErr = ResizeExecTTY(ctx, id, new(ResizeExecTTYOptions).WithHeight(h).WithWidth(w)) + } else { + resizeErr = ResizeContainerTTY(ctx, id, new(ResizeTTYOptions).WithHeight(h).WithWidth(w)) + } + if resizeErr != nil { + logrus.Warnf("failed to resize TTY: %v", resizeErr) } } + + resize() + + go func() { + for { + select { + case <-winCtx.Done(): + return + case <-winChange: + resize() + } + } + }() } // Configure the given terminal for raw mode @@ -457,7 +463,7 @@ func ExecStartAndAttach(ctx context.Context, sessionID string, options *ExecStar winCtx, winCancel := context.WithCancel(ctx) defer winCancel() - go attachHandleResize(ctx, winCtx, winChange, true, sessionID, terminalFile) + attachHandleResize(ctx, winCtx, winChange, true, sessionID, terminalFile) } if options.GetAttachInput() { diff --git a/test/apiv2/python/rest_api/fixtures/api_testcase.py b/test/apiv2/python/rest_api/fixtures/api_testcase.py index 8b771774b..155e93928 100644 --- a/test/apiv2/python/rest_api/fixtures/api_testcase.py +++ b/test/apiv2/python/rest_api/fixtures/api_testcase.py @@ -49,7 +49,7 @@ class APITestCase(unittest.TestCase): def setUp(self): super().setUp() - APITestCase.podman.run("run", "alpine", "/bin/ls", check=True) + APITestCase.podman.run("run", "-d", "alpine", "top", check=True) def tearDown(self) -> None: APITestCase.podman.run("pod", "rm", "--all", "--force", check=True) diff --git a/test/apiv2/python/rest_api/test_v2_0_0_container.py b/test/apiv2/python/rest_api/test_v2_0_0_container.py index f67013117..b4b3af2df 100644 --- a/test/apiv2/python/rest_api/test_v2_0_0_container.py +++ b/test/apiv2/python/rest_api/test_v2_0_0_container.py @@ -12,7 +12,7 @@ class ContainerTestCase(APITestCase): r = requests.get(self.uri("/containers/json"), timeout=5) self.assertEqual(r.status_code, 200, r.text) obj = r.json() - self.assertEqual(len(obj), 0) + self.assertEqual(len(obj), 1) def test_list_all(self): r = requests.get(self.uri("/containers/json?all=true")) @@ -36,7 +36,7 @@ class ContainerTestCase(APITestCase): self.assertId(r.content) def test_delete(self): - r = requests.delete(self.uri(self.resolve_container("/containers/{}"))) + r = requests.delete(self.uri(self.resolve_container("/containers/{}?force=true"))) self.assertEqual(r.status_code, 204, r.text) def test_stop(self): diff --git a/test/system/450-interactive.bats b/test/system/450-interactive.bats index a9bf52ee8..a2db39492 100644 --- a/test/system/450-interactive.bats +++ b/test/system/450-interactive.bats @@ -56,8 +56,7 @@ function teardown() { stty rows $rows cols $cols <$PODMAN_TEST_PTY # ...and make sure stty under podman reads that. - # FIXME: 'sleep 1' is needed for podman-remote; without it, there's - run_podman run -it --name mystty $IMAGE sh -c 'sleep 1;stty size' <$PODMAN_TEST_PTY + run_podman run -it --name mystty $IMAGE stty size <$PODMAN_TEST_PTY is "$output" "$rows $cols" "stty under podman reads the correct dimensions" } diff --git a/troubleshooting.md b/troubleshooting.md index e320f20e7..ab9fffeb3 100644 --- a/troubleshooting.md +++ b/troubleshooting.md @@ -697,3 +697,32 @@ limits. This can happen when running a container from an image for another architecture than the one you are running on. For example, if a remote repository only has, and thus send you, a `linux/arm64` _OS/ARCH_ but you run on `linux/amd64` (as happened in https://github.com/openMF/community-app/issues/3323 due to https://github.com/timbru31/docker-ruby-node/issues/564). + +### 27) `Error: failed to create sshClient: Connection to bastion host (ssh://user@host:22/run/user/.../podman/podman.sock) failed.: ssh: handshake failed: ssh: unable to authenticate, attempted methods [none publickey], no supported methods remain` + +In some situations where the client is not on the same machine as where the podman daemon is running the client key could be using a cipher not supported by the host. This indicates an issue with one's SSH config. Until remedied using podman over ssh +with a pre-shared key will be impossible. + +#### Symptom + +The accepted ciphers per `/etc/crypto-policies/back-ends/openssh.config` are not one that was used to create the public/private key pair that was transferred over to the host for ssh authentication. + +You can confirm this is the case by attempting to connect to the host via `podman-remote info` from the client and simultaneously on the host running `journalctl -f` and watching for the error `userauth_pubkey: key type ssh-rsa not in PubkeyAcceptedAlgorithms [preauth]`. + +#### Solution + +Create a new key using a supported algorithm e.g. ecdsa: + +`ssh-keygen -t ecdsa -f ~/.ssh/podman` + +Then copy the new id over: + +`ssh-copy-id -i ~/.ssh/podman.pub user@host` + +And then re-add the connection (removing the old one if necessary): + +`podman-remote system connection add myuser --identity ~/.ssh/podman ssh://user@host/run/user/1000/podman/podman.sock` + +And now this should work: + +`podman-remote info` |