7 files changed, 352 insertions, 27 deletions
diff --git a/pkg/adapter/checkpoint_restore.go b/pkg/adapter/checkpoint_restore.go
new file mode 100644
index 000000000..97ba5ecf7
--- /dev/null
+++ b/pkg/adapter/checkpoint_restore.go
@@ -0,0 +1,145 @@
+// +build !remoteclient
+
+package adapter
+
+import (
+	"context"
+	"github.com/containers/libpod/libpod"
+	"github.com/containers/libpod/libpod/image"
+	"github.com/containers/storage/pkg/archive"
+	jsoniter "github.com/json-iterator/go"
+	spec "github.com/opencontainers/runtime-spec/specs-go"
+	"github.com/pkg/errors"
+	"io"
+	"io/ioutil"
+	"os"
+	"path/filepath"
+)
+
+// Prefixing the checkpoint/restore related functions with 'cr'
+
+// crImportFromJSON imports the JSON files stored in the exported
+// checkpoint tarball
+func crImportFromJSON(filePath string, v interface{}) error {
+	jsonFile, err := os.Open(filePath)
+	if err != nil {
+		return errors.Wrapf(err, "Failed to open container definition %s for restore", filePath)
+	}
+	defer jsonFile.Close()
+
+	content, err := ioutil.ReadAll(jsonFile)
+	if err != nil {
+		return errors.Wrapf(err, "Failed to read container definition %s for restore", filePath)
+	}
+	json := jsoniter.ConfigCompatibleWithStandardLibrary
+	if err = json.Unmarshal([]byte(content), v); err != nil {
+		return errors.Wrapf(err, "Failed to unmarshal container definition %s for restore", filePath)
+	}
+
+	return nil
+}
+
+// crImportCheckpoint it the function which imports the information
+// from checkpoint tarball and re-creates the container from that information
+func crImportCheckpoint(ctx context.Context, runtime *libpod.Runtime, input string, name string) ([]*libpod.Container, error) {
+	// First get the container definition from the
+	// tarball to a temporary directory
+	archiveFile, err := os.Open(input)
+	if err != nil {
+		return nil, errors.Wrapf(err, "Failed to open checkpoint archive %s for import", input)
+	}
+	defer archiveFile.Close()
+	options := &archive.TarOptions{
+		// Here we only need the files config.dump and spec.dump
+		ExcludePatterns: []string{
+			"checkpoint",
+			"artifacts",
+			"ctr.log",
+			"network.status",
+		},
+	}
+	dir, err := ioutil.TempDir("", "checkpoint")
+	if err != nil {
+		return nil, err
+	}
+	defer os.RemoveAll(dir)
+	err = archive.Untar(archiveFile, dir, options)
+	if err != nil {
+		return nil, errors.Wrapf(err, "Unpacking of checkpoint archive %s failed", input)
+	}
+
+	// Load spec.dump from temporary directory
+	spec := new(spec.Spec)
+	if err := crImportFromJSON(filepath.Join(dir, "spec.dump"), spec); err != nil {
+		return nil, err
+	}
+
+	// Load config.dump from temporary directory
+	config := new(libpod.ContainerConfig)
+	if err = crImportFromJSON(filepath.Join(dir, "config.dump"), config); err != nil {
+		return nil, err
+	}
+
+	// This should not happen as checkpoints with these options are not exported.
+	if (len(config.Dependencies) > 0) || (len(config.NamedVolumes) > 0) {
+		return nil, errors.Errorf("Cannot import checkpoints of containers with named volumes or dependencies")
+	}
+
+	ctrID := config.ID
+	newName := false
+
+	// Check if the restored container gets a new name
+	if name != "" {
+		config.ID = ""
+		config.Name = name
+		newName = true
+	}
+
+	ctrName := config.Name
+
+	// The code to load the images is copied from create.go
+	var writer io.Writer
+	// In create.go this only set if '--quiet' does not exist.
+	writer = os.Stderr
+	rtc, err := runtime.GetConfig()
+	if err != nil {
+		return nil, err
+	}
+
+	_, err = runtime.ImageRuntime().New(ctx, config.RootfsImageName, rtc.SignaturePolicyPath, "", writer, nil, image.SigningOptions{}, false, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	// Now create a new container from the just loaded information
+	container, err := runtime.RestoreContainer(ctx, spec, config)
+	if err != nil {
+		return nil, err
+	}
+
+	var containers []*libpod.Container
+	if container == nil {
+		return nil, nil
+	}
+
+	containerConfig := container.Config()
+	if containerConfig.Name != ctrName {
+		return nil, errors.Errorf("Name of restored container (%s) does not match requested name (%s)", containerConfig.Name, ctrName)
+	}
+
+	if newName == false {
+		// Only check ID for a restore with the same name.
+		// Using -n to request a new name for the restored container, will also create a new ID
+		if containerConfig.ID != ctrID {
+			return nil, errors.Errorf("ID of restored container (%s) does not match requested ID (%s)", containerConfig.ID, ctrID)
+		}
+	}
+
+	// Check if the ExitCommand points to the correct container ID
+	if containerConfig.ExitCommand[len(containerConfig.ExitCommand)-1] != containerConfig.ID {
+		return nil, errors.Errorf("'ExitCommandID' uses ID %s instead of container ID %s", containerConfig.ExitCommand[len(containerConfig.ExitCommand)-1], containerConfig.ID)
+	}
+
+	containers = append(containers, container)
+	return containers, nil
+}
diff --git a/pkg/adapter/client.go b/pkg/adapter/client.go
index 01914834f..69aa3220a 100644
--- a/pkg/adapter/client.go
+++ b/pkg/adapter/client.go
@@ -6,42 +6,52 @@ import (
 	"fmt"
 	"os"
 
+	"github.com/containers/libpod/cmd/podman/remoteclientconfig"
 	"github.com/pkg/errors"
+	"github.com/sirupsen/logrus"
 	"github.com/varlink/go/varlink"
 )
 
 var remoteEndpoint *Endpoint
 
 func (r RemoteRuntime) RemoteEndpoint() (remoteEndpoint *Endpoint, err error) {
-	if remoteEndpoint == nil {
-		remoteEndpoint = &Endpoint{Unknown, ""}
-	} else {
-		return remoteEndpoint, nil
-	}
+	remoteConfigConnections, _ := remoteclientconfig.ReadRemoteConfig(r.config)
 
-	// I'm leaving this here for now as a document of the birdge format.  It can be removed later once the bridge
-	// function is more flushed out.
-	// bridge := `ssh -T root@192.168.122.1 "/usr/bin/varlink -A '/usr/bin/podman varlink \$VARLINK_ADDRESS' bridge"`
-	if len(r.cmd.RemoteHost) > 0 {
-		// The user has provided a remote host endpoint
+	// If the user defines an env variable for podman_varlink_bridge
+	// we use that as passed.
+	if bridge := os.Getenv("PODMAN_VARLINK_BRIDGE"); bridge != "" {
+		logrus.Debug("creating a varlink bridge based on env variable")
+		remoteEndpoint, err = newBridgeConnection(bridge, nil, r.cmd.LogLevel)
+		// if an environment variable for podman_varlink_address is defined,
+		// we used that as passed
+	} else if address := os.Getenv("PODMAN_VARLINK_ADDRESS"); address != "" {
+		logrus.Debug("creating a varlink address based on env variable: %s", address)
+		remoteEndpoint, err = newSocketConnection(address)
+		//	if the user provides a remote host, we use it to configure a bridge connection
+	} else if len(r.cmd.RemoteHost) > 0 {
+		logrus.Debug("creating a varlink bridge based on user input")
 		if len(r.cmd.RemoteUserName) < 1 {
 			return nil, errors.New("you must provide a username when providing a remote host name")
 		}
-		remoteEndpoint.Type = BridgeConnection
-		remoteEndpoint.Connection = fmt.Sprintf(
-			`ssh -T %s@%s /usr/bin/varlink -A \'/usr/bin/podman --log-level=%s varlink \\\$VARLINK_ADDRESS\' bridge`,
-			r.cmd.RemoteUserName, r.cmd.RemoteHost, r.cmd.LogLevel)
-
-	} else if bridge := os.Getenv("PODMAN_VARLINK_BRIDGE"); bridge != "" {
-		remoteEndpoint.Type = BridgeConnection
-		remoteEndpoint.Connection = bridge
-	} else {
-		address := os.Getenv("PODMAN_VARLINK_ADDRESS")
-		if address == "" {
-			address = DefaultAddress
+		rc := remoteclientconfig.RemoteConnection{r.cmd.RemoteHost, r.cmd.RemoteUserName, false}
+		remoteEndpoint, err = newBridgeConnection("", &rc, r.cmd.LogLevel)
+		//  if the user has a config file with connections in it
+	} else if len(remoteConfigConnections.Connections) > 0 {
+		logrus.Debug("creating a varlink bridge based configuration file")
+		var rc *remoteclientconfig.RemoteConnection
+		if len(r.cmd.ConnectionName) > 0 {
+			rc, err = remoteConfigConnections.GetRemoteConnection(r.cmd.ConnectionName)
+		} else {
+			rc, err = remoteConfigConnections.GetDefault()
+		}
+		if err != nil {
+			return nil, err
 		}
-		remoteEndpoint.Type = DirectConnection
-		remoteEndpoint.Connection = address
+		remoteEndpoint, err = newBridgeConnection("", rc, r.cmd.LogLevel)
+		//	last resort is to make a socket connection with the default varlink address for root user
+	} else {
+		logrus.Debug("creating a varlink address based default root address")
+		remoteEndpoint, err = newSocketConnection(DefaultAddress)
 	}
 	return
 }
@@ -72,3 +82,12 @@ func (r RemoteRuntime) RefreshConnection() error {
 	r.Conn = newConn
 	return nil
 }
+
+// newSocketConnection returns an endpoint for a uds based connection
+func newSocketConnection(address string) (*Endpoint, error) {
+	endpoint := Endpoint{
+		Type:       DirectConnection,
+		Connection: address,
+	}
+	return &endpoint, nil
+}
diff --git a/pkg/adapter/client_unix.go b/pkg/adapter/client_unix.go
new file mode 100644
index 000000000..e0406567c
--- /dev/null
+++ b/pkg/adapter/client_unix.go
@@ -0,0 +1,30 @@
+// +build linux darwin
+// +build remoteclient
+
+package adapter
+
+import (
+	"fmt"
+
+	"github.com/containers/libpod/cmd/podman/remoteclientconfig"
+	"github.com/pkg/errors"
+)
+
+// newBridgeConnection creates a bridge type endpoint with username, destination, and log-level
+func newBridgeConnection(formattedBridge string, remoteConn *remoteclientconfig.RemoteConnection, logLevel string) (*Endpoint, error) {
+	endpoint := Endpoint{
+		Type: BridgeConnection,
+	}
+
+	if len(formattedBridge) < 1 && remoteConn == nil {
+		return nil, errors.New("bridge connections must either be created by string or remoteconnection")
+	}
+	if len(formattedBridge) > 0 {
+		endpoint.Connection = formattedBridge
+		return &endpoint, nil
+	}
+	endpoint.Connection = fmt.Sprintf(
+		`ssh -T %s@%s -- /usr/bin/varlink -A \'/usr/bin/podman --log-level=%s varlink \\\$VARLINK_ADDRESS\' bridge`,
+		remoteConn.Username, remoteConn.Destination, logLevel)
+	return &endpoint, nil
+}
diff --git a/pkg/adapter/client_windows.go b/pkg/adapter/client_windows.go
new file mode 100644
index 000000000..088550667
--- /dev/null
+++ b/pkg/adapter/client_windows.go
@@ -0,0 +1,15 @@
+// +build remoteclient
+
+package adapter
+
+import (
+	"github.com/containers/libpod/cmd/podman/remoteclientconfig"
+	"github.com/containers/libpod/libpod"
+)
+
+func newBridgeConnection(formattedBridge string, remoteConn *remoteclientconfig.RemoteConnection, logLevel string) (*Endpoint, error) {
+	// TODO
+	// Unix and Windows appear to quote their ssh implementations differently therefore once we figure out what
+	// windows ssh is doing here, we can then get the format correct.
+	return nil, libpod.ErrNotImplemented
+}
diff --git a/pkg/adapter/containers.go b/pkg/adapter/containers.go
index ff7b6377a..29297fbd5 100644
--- a/pkg/adapter/containers.go
+++ b/pkg/adapter/containers.go
@@ -6,6 +6,7 @@ import (
 	"bufio"
 	"context"
 	"fmt"
+	"io"
 	"io/ioutil"
 	"os"
 	"path/filepath"
@@ -15,9 +16,12 @@ import (
 	"syscall"
 	"time"
 
+	"github.com/containers/buildah"
+	"github.com/containers/image/manifest"
 	"github.com/containers/libpod/cmd/podman/cliconfig"
 	"github.com/containers/libpod/cmd/podman/shared"
 	"github.com/containers/libpod/libpod"
+	"github.com/containers/libpod/libpod/image"
 	"github.com/containers/libpod/pkg/adapter/shortcuts"
 	"github.com/containers/libpod/pkg/systemdgen"
 	"github.com/containers/psgo"
@@ -522,7 +526,7 @@ func (r *LocalRuntime) Checkpoint(c *cliconfig.CheckpointValues, options libpod.
 }
 
 // Restore one or more containers
-func (r *LocalRuntime) Restore(c *cliconfig.RestoreValues, options libpod.ContainerCheckpointOptions) error {
+func (r *LocalRuntime) Restore(ctx context.Context, c *cliconfig.RestoreValues, options libpod.ContainerCheckpointOptions) error {
 	var (
 		containers     []*libpod.Container
 		err, lastError error
@@ -534,7 +538,9 @@ func (r *LocalRuntime) Restore(c *cliconfig.RestoreValues, options libpod.Contai
 		return state == libpod.ContainerStateExited
 	})
 
-	if c.All {
+	if c.Import != "" {
+		containers, err = crImportCheckpoint(ctx, r.Runtime, c.Import, c.Name)
+	} else if c.All {
 		containers, err = r.GetContainers(filterFuncs...)
 	} else {
 		containers, err = shortcuts.GetContainersByContext(false, c.Latest, c.InputArgs, r.Runtime)
@@ -1030,3 +1036,55 @@ func (r *LocalRuntime) GenerateSystemd(c *cliconfig.GenerateSystemdValues) (stri
 func (r *LocalRuntime) GetNamespaces(container shared.PsContainerOutput) *shared.Namespace {
 	return shared.GetNamespaces(container.Pid)
 }
+
+// Commit creates a local image from a container
+func (r *LocalRuntime) Commit(ctx context.Context, c *cliconfig.CommitValues, container, imageName string) (string, error) {
+	var (
+		writer   io.Writer
+		mimeType string
+	)
+	switch c.Format {
+	case "oci":
+		mimeType = buildah.OCIv1ImageManifest
+		if c.Flag("message").Changed {
+			return "", errors.Errorf("messages are only compatible with the docker image format (-f docker)")
+		}
+	case "docker":
+		mimeType = manifest.DockerV2Schema2MediaType
+	default:
+		return "", errors.Errorf("unrecognized image format %q", c.Format)
+	}
+	if !c.Quiet {
+		writer = os.Stderr
+	}
+	ctr, err := r.Runtime.LookupContainer(container)
+	if err != nil {
+		return "", errors.Wrapf(err, "error looking up container %q", container)
+	}
+
+	rtc, err := r.Runtime.GetConfig()
+	if err != nil {
+		return "", err
+	}
+
+	sc := image.GetSystemContext(rtc.SignaturePolicyPath, "", false)
+	coptions := buildah.CommitOptions{
+		SignaturePolicyPath:   rtc.SignaturePolicyPath,
+		ReportWriter:          writer,
+		SystemContext:         sc,
+		PreferredManifestType: mimeType,
+	}
+	options := libpod.ContainerCommitOptions{
+		CommitOptions:  coptions,
+		Pause:          c.Pause,
+		IncludeVolumes: c.IncludeVolumes,
+		Message:        c.Message,
+		Changes:        c.Change,
+		Author:         c.Author,
+	}
+	newImage, err := ctr.Commit(ctx, imageName, options)
+	if err != nil {
+		return "", err
+	}
+	return newImage.ID(), nil
+}
diff --git a/pkg/adapter/containers_remote.go b/pkg/adapter/containers_remote.go
index ce4b96370..cf0b90b3a 100644
--- a/pkg/adapter/containers_remote.go
+++ b/pkg/adapter/containers_remote.go
@@ -663,6 +663,10 @@ func (r *LocalRuntime) Attach(ctx context.Context, c *cliconfig.AttachValues) er
 
 // Checkpoint one or more containers
 func (r *LocalRuntime) Checkpoint(c *cliconfig.CheckpointValues, options libpod.ContainerCheckpointOptions) error {
+	if c.Export != "" {
+		return errors.New("the remote client does not support exporting checkpoints")
+	}
+
 	var lastError error
 	ids, err := iopodman.GetContainersByContext().Call(r.Conn, c.All, c.Latest, c.InputArgs)
 	if err != nil {
@@ -698,7 +702,11 @@ func (r *LocalRuntime) Checkpoint(c *cliconfig.CheckpointValues, options libpod.
 }
 
 // Restore one or more containers
-func (r *LocalRuntime) Restore(c *cliconfig.RestoreValues, options libpod.ContainerCheckpointOptions) error {
+func (r *LocalRuntime) Restore(ctx context.Context, c *cliconfig.RestoreValues, options libpod.ContainerCheckpointOptions) error {
+	if c.Import != "" {
+		return errors.New("the remote client does not support importing checkpoints")
+	}
+
 	var lastError error
 	ids, err := iopodman.GetContainersByContext().Call(r.Conn, c.All, c.Latest, c.InputArgs)
 	if err != nil {
@@ -993,3 +1001,26 @@ func (r *LocalRuntime) GetNamespaces(container shared.PsContainerOutput) *shared
 	}
 	return &ns
 }
+
+// Commit creates a local image from a container
+func (r *LocalRuntime) Commit(ctx context.Context, c *cliconfig.CommitValues, container, imageName string) (string, error) {
+	var iid string
+	reply, err := iopodman.Commit().Send(r.Conn, varlink.More, container, imageName, c.Change, c.Author, c.Message, c.Pause, c.Format)
+	if err != nil {
+		return "", err
+	}
+	for {
+		responses, flags, err := reply()
+		if err != nil {
+			return "", err
+		}
+		for _, line := range responses.Logs {
+			fmt.Fprintln(os.Stderr, line)
+		}
+		iid = responses.Id
+		if flags&varlink.Continues == 0 {
+			break
+		}
+	}
+	return iid, nil
+}
diff --git a/pkg/adapter/runtime_remote.go b/pkg/adapter/runtime_remote.go
index e0c0898bd..a1d358f68 100644
--- a/pkg/adapter/runtime_remote.go
+++ b/pkg/adapter/runtime_remote.go
@@ -20,6 +20,7 @@ import (
 	"github.com/containers/image/docker/reference"
 	"github.com/containers/image/types"
 	"github.com/containers/libpod/cmd/podman/cliconfig"
+	"github.com/containers/libpod/cmd/podman/remoteclientconfig"
 	"github.com/containers/libpod/cmd/podman/varlink"
 	"github.com/containers/libpod/libpod"
 	"github.com/containers/libpod/libpod/events"
@@ -40,6 +41,7 @@ type RemoteRuntime struct {
 	Conn   *varlink.Connection
 	Remote bool
 	cmd    cliconfig.MainFlags
+	config io.Reader
 }
 
 // LocalRuntime describes a typical libpod runtime
@@ -49,10 +51,35 @@ type LocalRuntime struct {
 
 // GetRuntime returns a LocalRuntime struct with the actual runtime embedded in it
 func GetRuntime(ctx context.Context, c *cliconfig.PodmanCommand) (*LocalRuntime, error) {
+	var (
+		customConfig bool
+		err          error
+		f            *os.File
+	)
 	runtime := RemoteRuntime{
 		Remote: true,
 		cmd:    c.GlobalFlags,
 	}
+	configPath := remoteclientconfig.GetConfigFilePath()
+	if len(c.GlobalFlags.RemoteConfigFilePath) > 0 {
+		configPath = c.GlobalFlags.RemoteConfigFilePath
+		customConfig = true
+	}
+
+	f, err = os.Open(configPath)
+	if err != nil {
+		// If user does not explicitly provide a configuration file path and we cannot
+		// find a default, no error should occur.
+		if os.IsNotExist(err) && !customConfig {
+			logrus.Debugf("unable to load configuration file at %s", configPath)
+			runtime.config = nil
+		} else {
+			return nil, errors.Wrapf(err, "unable to load configuration file at %s", configPath)
+		}
+	} else {
+		// create the io reader for the remote client
+		runtime.config = bufio.NewReader(f)
+	}
 	conn, err := runtime.Connect()
 	if err != nil {
 		return nil, err