diff options
-rw-r--r-- | cmd/podman/networks/prune.go | 15 | ||||
-rw-r--r-- | cmd/podman/utils/utils.go | 8 | ||||
-rw-r--r-- | docs/source/markdown/podman-create.1.md | 9 | ||||
-rw-r--r-- | docs/source/markdown/podman-info.1.md | 72 | ||||
-rw-r--r-- | docs/source/markdown/podman-run.1.md | 16 | ||||
-rw-r--r-- | pkg/domain/entities/network.go | 3 | ||||
-rw-r--r-- | pkg/domain/entities/system.go | 2 | ||||
-rw-r--r-- | pkg/domain/infra/abi/system.go | 29 | ||||
-rw-r--r-- | pkg/domain/infra/tunnel/network.go | 2 | ||||
-rw-r--r-- | test/e2e/prune_test.go | 5 |
10 files changed, 101 insertions, 60 deletions
diff --git a/cmd/podman/networks/prune.go b/cmd/podman/networks/prune.go index fa621ebac..ee5389aa7 100644 --- a/cmd/podman/networks/prune.go +++ b/cmd/podman/networks/prune.go @@ -52,10 +52,7 @@ func init() { } func networkPrune(cmd *cobra.Command, _ []string) error { - var ( - errs utils.OutputErrors - err error - ) + var err error if !force { reader := bufio.NewReader(os.Stdin) fmt.Println("WARNING! This will remove all networks not used by at least one container.") @@ -77,13 +74,5 @@ func networkPrune(cmd *cobra.Command, _ []string) error { setExitCode(err) return err } - for _, r := range responses { - if r.Error == nil { - fmt.Println(r.Name) - } else { - setExitCode(r.Error) - errs = append(errs, r.Error) - } - } - return errs.PrintErrors() + return utils.PrintNetworkPruneResults(responses, false) } diff --git a/cmd/podman/utils/utils.go b/cmd/podman/utils/utils.go index 2ae123388..a265faf51 100644 --- a/cmd/podman/utils/utils.go +++ b/cmd/podman/utils/utils.go @@ -85,16 +85,16 @@ func PrintImagePruneResults(imagePruneReports []*reports.PruneReport, heading bo return nil } -func PrintNetworkPruneResults(networkPruneReport []*reports.PruneReport, heading bool) error { +func PrintNetworkPruneResults(networkPruneReport []*entities.NetworkPruneReport, heading bool) error { var errs OutputErrors if heading && len(networkPruneReport) > 0 { fmt.Println("Deleted Networks") } for _, r := range networkPruneReport { - if r.Err == nil { - fmt.Println(r.Id) + if r.Error == nil { + fmt.Println(r.Name) } else { - errs = append(errs, r.Err) + errs = append(errs, r.Error) } } return errs.PrintErrors() diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md index de73071c9..09c7d99c1 100644 --- a/docs/source/markdown/podman-create.1.md +++ b/docs/source/markdown/podman-create.1.md @@ -368,9 +368,10 @@ on the host system. #### **--gidmap**=*container_gid:host_gid:amount* -GID map for the user namespace. Using this flag will run the container with user namespace enabled. It conflicts with the `--userns` and `--subgidname` flags. - -The following example maps uids 0-2000 in the container to the uids 30000-31999 on the host and gids 0-2000 in the container to the gids 30000-31999 on the host. `--gidmap=0:30000:2000` +Run the container in a new user namespace using the supplied GID mapping. This +option conflicts with the **--userns** and **--subgidname** options. This +option provides a way to map host GIDs to container GIDs in the same way as +__--uidmap__ maps host UIDs to container UIDs. For details see __--uidmap__. Note: the **--gidmap** flag cannot be called in conjunction with the **--pod** flag as a gidmap cannot be set on the container level when in a pod. @@ -1120,7 +1121,7 @@ Remote connections use local containers.conf for defaults #### **--uidmap**=*container_uid*:*from_uid*:*amount* -Run the container in a new user namespace using the supplied mapping. This +Run the container in a new user namespace using the supplied UID mapping. This option conflicts with the **--userns** and **--subuidname** options. This option provides a way to map host UIDs to container UIDs. It can be passed several times to map different ranges. diff --git a/docs/source/markdown/podman-info.1.md b/docs/source/markdown/podman-info.1.md index fc2d0fa60..28e4f3291 100644 --- a/docs/source/markdown/podman-info.1.md +++ b/docs/source/markdown/podman-info.1.md @@ -24,9 +24,10 @@ Show additional information Change output format to "json" or a Go template. -## EXAMPLE +## EXAMPLES + +Run `podman info` for a YAML formatted response: -Run podman info with plain text response: ``` $ podman info host: @@ -149,7 +150,9 @@ version: OsArch: linux/amd64 Version: 4.0.0 ``` -Run podman info with JSON formatted response: + +Run `podman info --format json` for a JSON formatted response: + ``` $ podman info --format json { @@ -289,11 +292,68 @@ $ podman info --format json } } ``` -Run podman info and only get the registries information. + +#### Extracting the list of container registries with a Go template + +If shell completion is enabled, type `podman info --format={{.` and then press `[TAB]` twice. + +``` +$ podman info --format={{. +{{.Host. {{.Plugins. {{.Registries}} {{.Store. {{.Version. +``` + +Press `R` `[TAB]` `[ENTER]` to print the registries information. + +``` +$ podman info -f {{.Registries}} +map[search:[registry.fedoraproject.org registry.access.redhat.com docker.io quay.io]] +$ +``` + +The output still contains a map and an array. The map value can be extracted with + +``` +$ podman info -f '{{index .Registries "search"}}' +[registry.fedoraproject.org registry.access.redhat.com docker.io quay.io] +``` + +The array can be printed as one entry per line + +``` +$ podman info -f '{{range index .Registries "search"}}{{.}}\n{{end}}' +registry.fedoraproject.org +registry.access.redhat.com +docker.io +quay.io + ``` -$ podman info --format={{".Registries"}} -map[registries:[docker.io quay.io registry.fedoraproject.org registry.access.redhat.com]] + +#### Extracting the list of container registries from JSON with jq + +The command-line JSON processor [__jq__](https://stedolan.github.io/jq/) can be used to extract the list +of container registries. + ``` +$ podman info -f json | jq '.registries["search"]' +[ + "registry.fedoraproject.org", + "registry.access.redhat.com", + "docker.io", + "quay.io" +] +``` + +The array can be printed as one entry per line + +``` +$ podman info -f json | jq -r '.registries["search"] | .[]' +registry.fedoraproject.org +registry.access.redhat.com +docker.io +quay.io +``` + +Note, the Go template struct fields start with upper case. When running `podman info` or `podman info --format=json`, the same names start with lower case. ## SEE ALSO **[podman(1)](podman.1.md)**, **[containers-registries.conf(5)](https://github.com/containers/image/blob/main/docs/containers-registries.conf.5.md)**, **[containers-storage.conf(5)](https://github.com/containers/storage/blob/main/docs/containers-storage.conf.5.md)** diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md index 84e93efbe..e628a806a 100644 --- a/docs/source/markdown/podman-run.1.md +++ b/docs/source/markdown/podman-run.1.md @@ -404,16 +404,10 @@ on the host system. #### **--gidmap**=*container_gid*:*host_gid*:*amount* -Run the container in a new user namespace using the supplied mapping. This option conflicts with the **--userns** and **--subgidname** flags. -This option can be passed several times to map different ranges. If calling **podman run** as an unprivileged user, the user needs to have the right to use the mapping. See **subuid**(5). -The example maps gids **0-1999** in the container to the gids **30000-31999** on the host: **--gidmap=0:30000:2000**. - -**Important note:** The new user namespace mapping based on **--gidmap** is based on the initial mapping made in the _/etc/subgid_ file. -Assuming there is a _/etc/subgid_ mapping **groupname:100000:65536**, then **groupname** is initially mapped to a namespace starting with -gid **100000** for **65536** ids. From here the **--gidmap** mapping to the new namespace starts from **0** again, but is based on the initial mapping. -Meaning **groupname** is initially mapped to gid **100000** which is referenced as **0** in the following **--gidmap** mapping. In terms of the example -above: The group **groupname** is mapped to group **100000** of the initial namespace then the -**30000**st id of this namespace (which is gid 130000 in this namespace) is mapped to container namespace group id **0**. (groupname -> 100000 / 30000 -> 0) +Run the container in a new user namespace using the supplied GID mapping. This +option conflicts with the **--userns** and **--subgidname** options. This +option provides a way to map host GIDs to container GIDs in the same way as +__--uidmap__ maps host UIDs to container UIDs. For details see __--uidmap__. Note: the **--gidmap** flag cannot be called in conjunction with the **--pod** flag as a gidmap cannot be set on the container level when in a pod. @@ -1188,7 +1182,7 @@ Remote connections use local containers.conf for defaults #### **--uidmap**=*container_uid*:*from_uid*:*amount* -Run the container in a new user namespace using the supplied mapping. This +Run the container in a new user namespace using the supplied UID mapping. This option conflicts with the **--userns** and **--subuidname** options. This option provides a way to map host UIDs to container UIDs. It can be passed several times to map different ranges. diff --git a/pkg/domain/entities/network.go b/pkg/domain/entities/network.go index d375c2e20..9e59953c6 100644 --- a/pkg/domain/entities/network.go +++ b/pkg/domain/entities/network.go @@ -81,8 +81,7 @@ type NetworkPruneReport struct { Error error } -// NetworkPruneOptions describes options for pruning -// unused cni networks +// NetworkPruneOptions describes options for pruning unused networks type NetworkPruneOptions struct { Filters map[string][]string } diff --git a/pkg/domain/entities/system.go b/pkg/domain/entities/system.go index 331d2bcdc..8dd0a61be 100644 --- a/pkg/domain/entities/system.go +++ b/pkg/domain/entities/system.go @@ -28,7 +28,7 @@ type SystemPruneReport struct { PodPruneReport []*PodPruneReport ContainerPruneReports []*reports.PruneReport ImagePruneReports []*reports.PruneReport - NetworkPruneReports []*reports.PruneReport + NetworkPruneReports []*NetworkPruneReport VolumePruneReports []*reports.PruneReport ReclaimedSpace uint64 } diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go index 96690afef..0faae01c8 100644 --- a/pkg/domain/infra/abi/system.go +++ b/pkg/domain/infra/abi/system.go @@ -157,15 +157,15 @@ func (ic *ContainerEngine) SystemPrune(ctx context.Context, options entities.Sys // TODO: Figure out cleaner way to handle all of the different PruneOptions // Remove all unused pods. - podPruneReport, err := ic.prunePodHelper(ctx) + podPruneReports, err := ic.prunePodHelper(ctx) if err != nil { return nil, err } - if len(podPruneReport) > 0 { + if len(podPruneReports) > 0 { found = true } - systemPruneReport.PodPruneReport = append(systemPruneReport.PodPruneReport, podPruneReport...) + systemPruneReport.PodPruneReport = append(systemPruneReport.PodPruneReport, podPruneReports...) // Remove all unused containers. containerPruneOptions := entities.ContainerPruneOptions{} @@ -201,38 +201,35 @@ func (ic *ContainerEngine) SystemPrune(ctx context.Context, options entities.Sys networkPruneOptions := entities.NetworkPruneOptions{} networkPruneOptions.Filters = options.Filters - networkPruneReport, err := ic.NetworkPrune(ctx, networkPruneOptions) + networkPruneReports, err := ic.NetworkPrune(ctx, networkPruneOptions) if err != nil { return nil, err } - if len(networkPruneReport) > 0 { + if len(networkPruneReports) > 0 { found = true } - for _, net := range networkPruneReport { - systemPruneReport.NetworkPruneReports = append(systemPruneReport.NetworkPruneReports, &reports.PruneReport{ - Id: net.Name, - Err: net.Error, - Size: 0, - }) - } + + // Networks reclaimedSpace are always '0'. + systemPruneReport.NetworkPruneReports = append(systemPruneReport.NetworkPruneReports, networkPruneReports...) // Remove unused volume data. if options.Volume { volumePruneOptions := entities.VolumePruneOptions{} volumePruneOptions.Filters = (url.Values)(options.Filters) - volumePruneReport, err := ic.VolumePrune(ctx, volumePruneOptions) + volumePruneReports, err := ic.VolumePrune(ctx, volumePruneOptions) if err != nil { return nil, err } - if len(volumePruneReport) > 0 { + if len(volumePruneReports) > 0 { found = true } - reclaimedSpace += reports.PruneReportsSize(volumePruneReport) - systemPruneReport.VolumePruneReports = append(systemPruneReport.VolumePruneReports, volumePruneReport...) + reclaimedSpace += reports.PruneReportsSize(volumePruneReports) + systemPruneReport.VolumePruneReports = append(systemPruneReport.VolumePruneReports, volumePruneReports...) } } + systemPruneReport.ReclaimedSpace = reclaimedSpace return systemPruneReport, nil } diff --git a/pkg/domain/infra/tunnel/network.go b/pkg/domain/infra/tunnel/network.go index ffdcbab1e..6e27b8e56 100644 --- a/pkg/domain/infra/tunnel/network.go +++ b/pkg/domain/infra/tunnel/network.go @@ -96,7 +96,7 @@ func (ic *ContainerEngine) NetworkExists(ctx context.Context, networkname string }, nil } -// Network prune removes unused cni networks +// Network prune removes unused networks func (ic *ContainerEngine) NetworkPrune(ctx context.Context, options entities.NetworkPruneOptions) ([]*entities.NetworkPruneReport, error) { opts := new(network.PruneOptions).WithFilters(options.Filters) return network.Prune(ic.ClientCtx, opts) diff --git a/test/e2e/prune_test.go b/test/e2e/prune_test.go index 119c8d41e..89cc65540 100644 --- a/test/e2e/prune_test.go +++ b/test/e2e/prune_test.go @@ -259,11 +259,12 @@ var _ = Describe("Podman prune", func() { }) It("podman system prune networks", func() { - // About netavark network backend test. + // Create new network. session := podmanTest.Podman([]string{"network", "create", "test"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) + // Remove all unused networks. session = podmanTest.Podman([]string{"system", "prune", "-f"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) @@ -274,7 +275,7 @@ var _ = Describe("Podman prune", func() { Expect(session).Should(Exit(0)) Expect(session.OutputToStringArray()).To(HaveLen(1)) - // Remove all unused networks. + // Unused networks removed. session = podmanTest.Podman([]string{"network", "ls", "-q", "--filter", "name=^test$"}) session.WaitWithDefaultTimeout() Expect(session).Should(Exit(0)) |