diff options
| -rw-r--r-- | cmd/podman/shared/create.go | 4 | ||||
| -rw-r--r-- | cmd/podman/shared/create_cli.go | 14 | ||||
| -rw-r--r-- | libpod/container.go | 4 | ||||
| -rw-r--r-- | libpod/container_inspect.go | 5 | ||||
| -rw-r--r-- | libpod/options.go | 12 | ||||
| -rw-r--r-- | libpod/runtime_ctr.go | 2 | ||||
| -rw-r--r-- | libpod/runtime_pod_linux.go | 30 | ||||
| -rw-r--r-- | test/e2e/inspect_test.go | 12 |
8 files changed, 66 insertions, 17 deletions
diff --git a/cmd/podman/shared/create.go b/cmd/podman/shared/create.go index bb4e9cd12..c1c5db7cb 100644 --- a/cmd/podman/shared/create.go +++ b/cmd/podman/shared/create.go @@ -804,6 +804,10 @@ func CreateContainerFromCreateConfig(r *libpod.Runtime, createConfig *cc.CreateC return nil, err } + // Set the CreateCommand explicitly. Some (future) consumers of libpod + // might not want to set it. + options = append(options, libpod.WithCreateCommand()) + ctr, err := r.NewContainer(ctx, runtimeSpec, options...) if err != nil { return nil, err diff --git a/cmd/podman/shared/create_cli.go b/cmd/podman/shared/create_cli.go index 08a40b206..00b83906d 100644 --- a/cmd/podman/shared/create_cli.go +++ b/cmd/podman/shared/create_cli.go @@ -12,11 +12,6 @@ import ( "github.com/sirupsen/logrus" ) -const ( - // It's not kernel limit, we want this 4M limit to supply a reasonable functional container - linuxMinMemory = 4194304 -) - // GetAllLabels ... func GetAllLabels(labelFile, inputLabels []string) (map[string]string, error) { labels := make(map[string]string) @@ -86,9 +81,6 @@ func verifyContainerResources(config *cc.CreateConfig, update bool) ([]string, e sysInfo := sysinfo.New(true) // memory subsystem checks and adjustments - if config.Resources.Memory != 0 && config.Resources.Memory < linuxMinMemory { - return warnings, fmt.Errorf("minimum memory limit allowed is 4MB") - } if config.Resources.Memory > 0 && !sysInfo.MemoryLimit { warnings = addWarning(warnings, "Your kernel does not support memory limit capabilities or the cgroup is not mounted. Limitation discarded.") config.Resources.Memory = 0 @@ -120,9 +112,6 @@ func verifyContainerResources(config *cc.CreateConfig, update bool) ([]string, e warnings = addWarning(warnings, "Your kernel does not support memory soft limit capabilities or the cgroup is not mounted. Limitation discarded.") config.Resources.MemoryReservation = 0 } - if config.Resources.MemoryReservation > 0 && config.Resources.MemoryReservation < linuxMinMemory { - return warnings, fmt.Errorf("minimum memory reservation allowed is 4MB") - } if config.Resources.Memory > 0 && config.Resources.MemoryReservation > 0 && config.Resources.Memory < config.Resources.MemoryReservation { return warnings, fmt.Errorf("minimum memory limit cannot be less than memory reservation limit, see usage") } @@ -130,9 +119,6 @@ func verifyContainerResources(config *cc.CreateConfig, update bool) ([]string, e warnings = addWarning(warnings, "Your kernel does not support kernel memory limit capabilities or the cgroup is not mounted. Limitation discarded.") config.Resources.KernelMemory = 0 } - if config.Resources.KernelMemory > 0 && config.Resources.KernelMemory < linuxMinMemory { - return warnings, fmt.Errorf("minimum kernel memory limit allowed is 4MB") - } if config.Resources.DisableOomKiller && !sysInfo.OomKillDisable { // only produce warnings if the setting wasn't to *disable* the OOM Kill; no point // warning the caller if they already wanted the feature to be off diff --git a/libpod/container.go b/libpod/container.go index dcec3ee50..2693190b5 100644 --- a/libpod/container.go +++ b/libpod/container.go @@ -232,6 +232,10 @@ type ContainerConfig struct { // ID of this container's lock LockID uint32 `json:"lockID"` + // CreateCommand is the full command plus arguments of the process the + // container has been created with. + CreateCommand []string `json:"CreateCommand,omitempty"` + // TODO consider breaking these subsections up into smaller structs // UID/GID mappings used by the storage diff --git a/libpod/container_inspect.go b/libpod/container_inspect.go index 66aca23ed..22afc61cc 100644 --- a/libpod/container_inspect.go +++ b/libpod/container_inspect.go @@ -174,6 +174,9 @@ type InspectContainerConfig struct { StopSignal uint `json:"StopSignal"` // Configured healthcheck for the container Healthcheck *manifest.Schema2HealthConfig `json:"Healthcheck,omitempty"` + // CreateCommand is the full command plus arguments of the process the + // container has been created with. + CreateCommand []string `json:"CreateCommand,omitempty"` } // InspectContainerHostConfig holds information used when the container was @@ -947,6 +950,8 @@ func (c *Container) generateInspectContainerConfig(spec *spec.Spec) (*InspectCon // leak. ctrConfig.Healthcheck = c.config.HealthCheckConfig + ctrConfig.CreateCommand = c.config.CreateCommand + return ctrConfig, nil } diff --git a/libpod/options.go b/libpod/options.go index a9b775dc3..ebde4eecc 100644 --- a/libpod/options.go +++ b/libpod/options.go @@ -1413,6 +1413,18 @@ func WithHealthCheck(healthCheck *manifest.Schema2HealthConfig) CtrCreateOption } } +// WithCreateCommand adds the full command plus arguments of the current +// process to the container config. +func WithCreateCommand() CtrCreateOption { + return func(ctr *Container) error { + if ctr.valid { + return define.ErrCtrFinalized + } + ctr.config.CreateCommand = os.Args + return nil + } +} + // Volume Creation Options // WithVolumeName sets the name of the volume. diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go index 6a10849ab..3cf70f417 100644 --- a/libpod/runtime_ctr.go +++ b/libpod/runtime_ctr.go @@ -573,7 +573,7 @@ func (r *Runtime) removeContainer(ctx context.Context, c *Container, force bool, if !volume.IsCtrSpecific() { continue } - if err := runtime.removeVolume(ctx, volume, false); err != nil && err != define.ErrNoSuchVolume && err != define.ErrVolumeBeingUsed { + if err := runtime.removeVolume(ctx, volume, false); err != nil && errors.Cause(err) != define.ErrNoSuchVolume { logrus.Errorf("cleanup volume (%s): %v", v, err) } } diff --git a/libpod/runtime_pod_linux.go b/libpod/runtime_pod_linux.go index 704aaf9d0..563d9728a 100644 --- a/libpod/runtime_pod_linux.go +++ b/libpod/runtime_pod_linux.go @@ -225,11 +225,20 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool) } } + ctrNamedVolumes := make(map[string]*ContainerNamedVolume) + // Second loop - all containers are good, so we should be clear to // remove. for _, ctr := range ctrs { - // Remove the container - if err := r.removeContainer(ctx, ctr, force, true, true); err != nil { + // Remove the container. + // Do NOT remove named volumes. Instead, we're going to build a + // list of them to be removed at the end, once the containers + // have been removed by RemovePodContainers. + for _, vol := range ctr.config.NamedVolumes { + ctrNamedVolumes[vol.Name] = vol + } + + if err := r.removeContainer(ctx, ctr, force, false, true); err != nil { if removalErr != nil { removalErr = err } else { @@ -246,6 +255,23 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool) return err } + for volName := range ctrNamedVolumes { + volume, err := r.state.Volume(volName) + if err != nil && errors.Cause(err) != define.ErrNoSuchVolume { + logrus.Errorf("Error retrieving volume %s: %v", volName, err) + continue + } + if !volume.IsCtrSpecific() { + continue + } + if err := r.removeVolume(ctx, volume, false); err != nil { + if errors.Cause(err) == define.ErrNoSuchVolume || errors.Cause(err) == define.ErrVolumeRemoved { + continue + } + logrus.Errorf("Error removing volume %s: %v", volName, err) + } + } + // Remove pod cgroup, if present if p.state.CgroupPath != "" { logrus.Debugf("Removing pod cgroup %s", p.state.CgroupPath) diff --git a/test/e2e/inspect_test.go b/test/e2e/inspect_test.go index 7d029c52f..2d81ef0d8 100644 --- a/test/e2e/inspect_test.go +++ b/test/e2e/inspect_test.go @@ -117,6 +117,18 @@ var _ = Describe("Podman inspect", func() { Expect(len(result.OutputToStringArray())).To(Equal(1)) }) + It("podman inspect container and filter for CreateCommand", func() { + SkipIfRemote() + ls, ec, _ := podmanTest.RunLsContainer("") + Expect(ec).To(Equal(0)) + cid := ls.OutputToString() + + result := podmanTest.Podman([]string{"inspect", "--format={{.Config.CreateCommand}}", cid}) + result.WaitWithDefaultTimeout() + Expect(result.ExitCode()).To(Equal(0)) + Expect(len(result.OutputToStringArray())).To(Equal(1)) + }) + It("podman inspect -l with additional input should fail", func() { SkipIfRemote() result := podmanTest.Podman([]string{"inspect", "-l", "1234foobar"}) |