diff options
| -rw-r--r-- | RELEASE_NOTES.md | 11 | ||||
| -rw-r--r-- | contrib/systemd/README.md | 78 | ||||
| -rw-r--r-- | contrib/systemd/system/podman.service | 2 | ||||
| -rw-r--r-- | libpod/runtime_pod_linux.go | 12 |
4 files changed, 18 insertions, 85 deletions
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index d961b713e..fc528d70f 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -2,7 +2,7 @@ ## 1.8.0 ### Features -- The `podman service` command has been added, providing a preview of Podman's new Docker-compatible API. This API is still very new, and not yet ready for production use, but is available for early testing +- The `podman system service` command has been added, providing a preview of Podman's new Docker-compatible API. This API is still very new, and not yet ready for production use, but is available for early testing - Rootless Podman now uses Rootlesskit for port forwarding, which should greatly improve performance and capabilities - The `podman untag` command has been added to remove tags from images without deleting them - The `podman inspect` command on images now displays previous names they used @@ -29,13 +29,20 @@ - Fixed a bug where `podman history` was not computing image sizes correctly ([#4916](https://github.com/containers/libpod/issues/4916)) - Fixed a bug where Podman would not error on invalid values to the `--sort` flag to `podman images` - Fixed a bug where providing a name for the image made by `podman commit` was mandatory, not optional as it should be ([#5027](https://github.com/containers/libpod/issues/5027)) +- Fixed a bug where the remote Podman client would append an extra `"` to `%PATH` ([#4335](https://github.com/containers/libpod/issues/4335)) +- Fixed a bug where the `podman build` command would sometimes ignore the `-f` option and build the wrong Containerfile +- Fixed a bug where the `podman ps --filter` command would only filter running containers, instead of all containers, if `--all` was not passed ([#5050](https://github.com/containers/libpod/issues/5050)) +- Fixed a bug where the `podman load` command on compressed images would leave an extra copy on disk +- Fixed a bug where the `podman restart` command would not properly clean up the network, causing it to function differently from `podman stop; podman start` ([#5051](https://github.com/containers/libpod/issues/5051)) +- Fixed a bug where setting the `--memory-swap` flag to `podman create` and `podman run` to `-1` (to indicate unlimited) was not supported ([#5091](https://github.com/containers/libpod/issues/5091)) ### Misc - Initial work on version 2 of the Podman remote API has been merged, but is still in an alpha state and not ready for use. Read more [here](https://podman.io/releases/2020/01/17/podman-new-api.html) - Many formatting corrections have been made to the manpages - The changes to address ([#5009](https://github.com/containers/libpod/issues/5009)) may cause anonymous volumes created by Podman versions 1.6.3 to 1.7.0 to not be removed when their container is removed - Updated vendored Buildah to v1.13.1 -- Updated vendored containers/storage to v1.15.7 +- Updated vendored containers/storage to v1.15.8 +- Updated vendored containers/image to v5.2.0 ## 1.7.0 ### Features diff --git a/contrib/systemd/README.md b/contrib/systemd/README.md index ff266c6a5..9f1d37792 100644 --- a/contrib/systemd/README.md +++ b/contrib/systemd/README.md @@ -2,11 +2,6 @@ ## system-wide (podman service run as root) -The following unit file examples assume: - 1. copied the `service` executable into `/usr/local/bin` - 1. `chcon system_u:object_r:container_runtime_exec_t:s0 /usr/local/bin/service` - -then: 1. copy the `podman.service` and `podman.socket` files into `/etc/systemd/system` 1. `systemctl daemon-reload` 1. `systemctl enable podman.socket` @@ -16,47 +11,12 @@ then: Assuming the status messages show no errors, the libpod service is ready to respond to the APIv2 on the unix domain socket `/run/podman/podman.sock` ### podman.service -```toml -[Unit] -Description=Podman API Service -Requires=podman.socket -After=podman.socket -Documentation=man:podman-api(1) -StartLimitIntervalSec=0 - -[Service] -Type=oneshot -Environment=REGISTRIES_CONFIG_PATH=/etc/containers/registries.conf -ExecStart=/usr/local/bin/service -TimeoutStopSec=30 -KillMode=process - -[Install] -WantedBy=multi-user.target -Also=podman.socket -``` +You can refer to [this example](https://github.com/containers/libpod/blob/master/contrib/systemd/system/podman.service) for a sample podman.service file. ### podman.socket +You can refer to [this example](https://github.com/containers/libpod/blob/master/contrib/systemd/system/podman.socket) for a sample podman.socket file. -```toml -[Unit] -Description=Podman API Socket -Documentation=man:podman-api(1) - -[Socket] -ListenStream=%t/podman/podman.sock -SocketMode=0660 - -[Install] -WantedBy=sockets.target -``` ## user (podman service run as given user aka "rootless") -The following unit file examples assume: - 1. you have a created a directory `~/bin` - 1. copied the `service` executable into `~/bin` - 1. `chcon system_u:object_r:container_runtime_exec_t:s0 ~/bin/service` - -then: 1. `mkdir -p ~/.config/systemd/user` 1. copy the `podman.service` and `podman.socket` files into `~/.config/systemd/user` 1. `systemctl --user enable podman.socket` @@ -66,37 +26,7 @@ then: Assuming the status messages show no errors, the libpod service is ready to respond to the APIv2 on the unix domain socket `/run/user/$(id -u)/podman/podman.sock` ### podman.service +You can refer to [this example](https://github.com/containers/libpod/blob/master/contrib/systemd/user/podman.service) for a rootless podman.service file. -```toml -[Unit] -Description=Podman API Service -Requires=podman.socket -After=podman.socket -Documentation=man:podman-api(1) -StartLimitIntervalSec=0 - -[Service] -Type=oneshot -Environment=REGISTRIES_CONFIG_PATH=/etc/containers/registries.conf -ExecStart=%h/bin/service -TimeoutStopSec=30 -KillMode=process - -[Install] -WantedBy=multi-user.target -Also=podman.socket -``` ### podman.socket - -```toml -[Unit] -Description=Podman API Socket -Documentation=man:podman-api(1) - -[Socket] -ListenStream=%t/podman/podman.sock -SocketMode=0660 - -[Install] -WantedBy=sockets.target -``` +You can refer to [this example](https://github.com/containers/libpod/blob/master/contrib/systemd/user/podman.socket) for a rootless podman.socket file. diff --git a/contrib/systemd/system/podman.service b/contrib/systemd/system/podman.service index 13d858627..eaa2ec437 100644 --- a/contrib/systemd/system/podman.service +++ b/contrib/systemd/system/podman.service @@ -8,7 +8,7 @@ StartLimitIntervalSec=0 [Service] Type=oneshot Environment=REGISTRIES_CONFIG_PATH=/etc/containers/registries.conf -ExecStart=/usr/local/bin/service +ExecStart=/usr/bin/podman system service TimeoutStopSec=30 KillMode=process diff --git a/libpod/runtime_pod_linux.go b/libpod/runtime_pod_linux.go index 5b0111b85..4afd5760a 100644 --- a/libpod/runtime_pod_linux.go +++ b/libpod/runtime_pod_linux.go @@ -193,8 +193,6 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool) } } - var removalErr error - // We're going to be removing containers. // If we are CGroupfs cgroup driver, to avoid races, we need to hit // the pod and conmon CGroups with a PID limit to prevent them from @@ -205,7 +203,7 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool) conmonCgroupPath := filepath.Join(p.state.CgroupPath, "conmon") conmonCgroup, err := cgroups.Load(conmonCgroupPath) if err != nil && err != cgroups.ErrCgroupDeleted && err != cgroups.ErrCgroupV1Rootless { - removalErr = errors.Wrapf(err, "error retrieving pod %s conmon cgroup %s", p.ID(), conmonCgroupPath) + logrus.Errorf("Error retrieving pod %s conmon cgroup %s: %v", p.ID(), conmonCgroupPath, err) } // New resource limits @@ -216,15 +214,13 @@ func (r *Runtime) removePod(ctx context.Context, p *Pod, removeCtrs, force bool) // Don't try if we failed to retrieve the cgroup if err == nil { if err := conmonCgroup.Update(resLimits); err != nil { - if removalErr == nil { - removalErr = errors.Wrapf(err, "error updating pod %s conmon group", p.ID()) - } else { - logrus.Errorf("Error updating pod %s conmon cgroup %s: %v", p.ID(), conmonCgroupPath, err) - } + logrus.Warnf("Error updating pod %s conmon cgroup %s PID limit: %v", p.ID(), conmonCgroupPath, err) } } } + var removalErr error + ctrNamedVolumes := make(map[string]*ContainerNamedVolume) // Second loop - all containers are good, so we should be clear to |