summaryrefslogtreecommitdiff
path: root/pkg/domain
diff options
context:
space:
mode:
Diffstat (limited to 'pkg/domain')
-rw-r--r--pkg/domain/entities/containers.go1
-rw-r--r--pkg/domain/entities/play.go2
-rw-r--r--pkg/domain/infra/abi/containers.go31
-rw-r--r--pkg/domain/infra/abi/system.go17
-rw-r--r--pkg/domain/infra/tunnel/containers.go6
-rw-r--r--pkg/domain/infra/tunnel/helpers.go14
-rw-r--r--pkg/domain/infra/tunnel/play.go5
7 files changed, 58 insertions, 18 deletions
diff --git a/pkg/domain/entities/containers.go b/pkg/domain/entities/containers.go
index 17408f12f..934a7cbdc 100644
--- a/pkg/domain/entities/containers.go
+++ b/pkg/domain/entities/containers.go
@@ -80,6 +80,7 @@ type PauseUnpauseReport struct {
}
type StopOptions struct {
+ Filters map[string][]string
All bool
Ignore bool
Latest bool
diff --git a/pkg/domain/entities/play.go b/pkg/domain/entities/play.go
index f1ba21650..35a5d8a4a 100644
--- a/pkg/domain/entities/play.go
+++ b/pkg/domain/entities/play.go
@@ -90,6 +90,8 @@ type PlayKubeReport struct {
PlayKubeTeardown
}
+type KubePlayReport = PlayKubeReport
+
// PlayKubeDownOptions are options for tearing down pods
type PlayKubeDownOptions struct{}
diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go
index 23a591604..04eb85504 100644
--- a/pkg/domain/infra/abi/containers.go
+++ b/pkg/domain/infra/abi/containers.go
@@ -37,12 +37,29 @@ import (
)
// getContainersAndInputByContext gets containers whether all, latest, or a slice of names/ids
-// is specified. It also returns a list of the corresponding input name used to look up each container.
-func getContainersAndInputByContext(all, latest bool, names []string, runtime *libpod.Runtime) (ctrs []*libpod.Container, rawInput []string, err error) {
+// is specified. It also returns a list of the corresponding input name used to lookup each container.
+func getContainersAndInputByContext(all, latest bool, names []string, filters map[string][]string, runtime *libpod.Runtime) (ctrs []*libpod.Container, rawInput []string, err error) {
var ctr *libpod.Container
ctrs = []*libpod.Container{}
+ filterFuncs := make([]libpod.ContainerFilter, 0, len(filters))
switch {
+ case len(filters) > 0:
+ for k, v := range filters {
+ generatedFunc, err := dfilters.GenerateContainerFilterFuncs(k, v, runtime)
+ if err != nil {
+ return nil, nil, err
+ }
+ filterFuncs = append(filterFuncs, generatedFunc)
+ }
+ ctrs, err = runtime.GetContainers(filterFuncs...)
+ if err != nil {
+ return nil, nil, err
+ }
+ rawInput = []string{}
+ for _, candidate := range ctrs {
+ rawInput = append(rawInput, candidate.ID())
+ }
case all:
ctrs, err = runtime.GetAllContainers()
case latest:
@@ -66,13 +83,13 @@ func getContainersAndInputByContext(all, latest bool, names []string, runtime *l
}
}
}
- return
+ return ctrs, rawInput, err
}
// getContainersByContext gets containers whether all, latest, or a slice of names/ids
// is specified.
func getContainersByContext(all, latest bool, names []string, runtime *libpod.Runtime) (ctrs []*libpod.Container, err error) {
- ctrs, _, err = getContainersAndInputByContext(all, latest, names, runtime)
+ ctrs, _, err = getContainersAndInputByContext(all, latest, names, nil, runtime)
return
}
@@ -150,7 +167,7 @@ func (ic *ContainerEngine) ContainerUnpause(ctx context.Context, namesOrIds []st
}
func (ic *ContainerEngine) ContainerStop(ctx context.Context, namesOrIds []string, options entities.StopOptions) ([]*entities.StopReport, error) {
names := namesOrIds
- ctrs, rawInputs, err := getContainersAndInputByContext(options.All, options.Latest, names, ic.Libpod)
+ ctrs, rawInputs, err := getContainersAndInputByContext(options.All, options.Latest, names, options.Filters, ic.Libpod)
if err != nil && !(options.Ignore && errors.Is(err, define.ErrNoSuchCtr)) {
return nil, err
}
@@ -228,7 +245,7 @@ func (ic *ContainerEngine) ContainerKill(ctx context.Context, namesOrIds []strin
if err != nil {
return nil, err
}
- ctrs, rawInputs, err := getContainersAndInputByContext(options.All, options.Latest, namesOrIds, ic.Libpod)
+ ctrs, rawInputs, err := getContainersAndInputByContext(options.All, options.Latest, namesOrIds, nil, ic.Libpod)
if err != nil {
return nil, err
}
@@ -874,7 +891,7 @@ func (ic *ContainerEngine) ContainerStart(ctx context.Context, namesOrIds []stri
}
}
}
- ctrs, rawInputs, err := getContainersAndInputByContext(all, options.Latest, containersNamesOrIds, ic.Libpod)
+ ctrs, rawInputs, err := getContainersAndInputByContext(all, options.Latest, containersNamesOrIds, options.Filters, ic.Libpod)
if err != nil {
return nil, err
}
diff --git a/pkg/domain/infra/abi/system.go b/pkg/domain/infra/abi/system.go
index 0faae01c8..3389abd88 100644
--- a/pkg/domain/infra/abi/system.go
+++ b/pkg/domain/infra/abi/system.go
@@ -67,6 +67,22 @@ func (ic *ContainerEngine) Info(ctx context.Context) (*define.Info, error) {
}
func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool) error {
+ runsUnderSystemd := utils.RunsOnSystemd()
+ if !runsUnderSystemd {
+ isPid1 := os.Getpid() == 1
+ if _, found := os.LookupEnv("container"); isPid1 || found {
+ if err := utils.MaybeMoveToSubCgroup(); err != nil {
+ // it is a best effort operation, so just print the
+ // error for debugging purposes.
+ logrus.Debugf("Could not move to subcgroup: %v", err)
+ }
+ }
+ }
+
+ if !rootless.IsRootless() {
+ return nil
+ }
+
// do it only after podman has already re-execed and running with uid==0.
hasCapSysAdmin, err := unshare.HasCapSysAdmin()
if err != nil {
@@ -82,7 +98,6 @@ func (ic *ContainerEngine) SetupRootless(_ context.Context, noMoveProcess bool)
if err != nil {
return err
}
- runsUnderSystemd := utils.RunsOnSystemd()
unitName := fmt.Sprintf("podman-%d.scope", os.Getpid())
if runsUnderSystemd || conf.Engine.CgroupManager == config.SystemdCgroupsManager {
if err := utils.RunUnderSystemdScope(os.Getpid(), "user.slice", unitName); err != nil {
diff --git a/pkg/domain/infra/tunnel/containers.go b/pkg/domain/infra/tunnel/containers.go
index 5568ccde8..fcabff7c4 100644
--- a/pkg/domain/infra/tunnel/containers.go
+++ b/pkg/domain/infra/tunnel/containers.go
@@ -91,8 +91,7 @@ func (ic *ContainerEngine) ContainerUnpause(ctx context.Context, namesOrIds []st
}
func (ic *ContainerEngine) ContainerStop(ctx context.Context, namesOrIds []string, opts entities.StopOptions) ([]*entities.StopReport, error) {
- reports := []*entities.StopReport{}
- ctrs, rawInputs, err := getContainersAndInputByContext(ic.ClientCtx, opts.All, opts.Ignore, namesOrIds)
+ ctrs, rawInputs, err := getContainersAndInputByContext(ic.ClientCtx, opts.All, opts.Ignore, namesOrIds, opts.Filters)
if err != nil {
return nil, err
}
@@ -104,6 +103,7 @@ func (ic *ContainerEngine) ContainerStop(ctx context.Context, namesOrIds []strin
if to := opts.Timeout; to != nil {
options.WithTimeout(*to)
}
+ reports := []*entities.StopReport{}
for _, c := range ctrs {
report := entities.StopReport{
Id: c.ID,
@@ -134,7 +134,7 @@ func (ic *ContainerEngine) ContainerStop(ctx context.Context, namesOrIds []strin
}
func (ic *ContainerEngine) ContainerKill(ctx context.Context, namesOrIds []string, opts entities.KillOptions) ([]*entities.KillReport, error) {
- ctrs, rawInputs, err := getContainersAndInputByContext(ic.ClientCtx, opts.All, false, namesOrIds)
+ ctrs, rawInputs, err := getContainersAndInputByContext(ic.ClientCtx, opts.All, false, namesOrIds, nil)
if err != nil {
return nil, err
}
diff --git a/pkg/domain/infra/tunnel/helpers.go b/pkg/domain/infra/tunnel/helpers.go
index 24b2b619d..9ff1641f0 100644
--- a/pkg/domain/infra/tunnel/helpers.go
+++ b/pkg/domain/infra/tunnel/helpers.go
@@ -15,25 +15,29 @@ import (
// FIXME: the `ignore` parameter is very likely wrong here as it should rather
// be used on *errors* from operations such as remove.
func getContainersByContext(contextWithConnection context.Context, all, ignore bool, namesOrIDs []string) ([]entities.ListContainer, error) {
- ctrs, _, err := getContainersAndInputByContext(contextWithConnection, all, ignore, namesOrIDs)
+ ctrs, _, err := getContainersAndInputByContext(contextWithConnection, all, ignore, namesOrIDs, nil)
return ctrs, err
}
-func getContainersAndInputByContext(contextWithConnection context.Context, all, ignore bool, namesOrIDs []string) ([]entities.ListContainer, []string, error) {
+func getContainersAndInputByContext(contextWithConnection context.Context, all, ignore bool, namesOrIDs []string, filters map[string][]string) ([]entities.ListContainer, []string, error) {
if all && len(namesOrIDs) > 0 {
return nil, nil, errors.New("cannot look up containers and all")
}
- options := new(containers.ListOptions).WithAll(true).WithSync(true)
+ options := new(containers.ListOptions).WithAll(true).WithSync(true).WithFilters(filters)
allContainers, err := containers.List(contextWithConnection, options)
if err != nil {
return nil, nil, err
}
rawInputs := []string{}
- if all {
+ switch {
+ case len(filters) > 0:
+ for i := range allContainers {
+ namesOrIDs = append(namesOrIDs, allContainers[i].ID)
+ }
+ case all:
for i := range allContainers {
rawInputs = append(rawInputs, allContainers[i].ID)
}
-
return allContainers, rawInputs, err
}
diff --git a/pkg/domain/infra/tunnel/play.go b/pkg/domain/infra/tunnel/play.go
index d731a1d6c..ee9195681 100644
--- a/pkg/domain/infra/tunnel/play.go
+++ b/pkg/domain/infra/tunnel/play.go
@@ -5,12 +5,13 @@ import (
"io"
"github.com/containers/image/v5/types"
+ "github.com/containers/podman/v4/pkg/bindings/kube"
"github.com/containers/podman/v4/pkg/bindings/play"
"github.com/containers/podman/v4/pkg/domain/entities"
)
func (ic *ContainerEngine) PlayKube(ctx context.Context, body io.Reader, opts entities.PlayKubeOptions) (*entities.PlayKubeReport, error) {
- options := new(play.KubeOptions).WithAuthfile(opts.Authfile).WithUsername(opts.Username).WithPassword(opts.Password)
+ options := new(kube.PlayOptions).WithAuthfile(opts.Authfile).WithUsername(opts.Username).WithPassword(opts.Password)
options.WithCertDir(opts.CertDir).WithQuiet(opts.Quiet).WithSignaturePolicy(opts.SignaturePolicy).WithConfigMaps(opts.ConfigMaps)
options.WithLogDriver(opts.LogDriver).WithNetwork(opts.Networks).WithSeccompProfileRoot(opts.SeccompProfileRoot)
options.WithStaticIPs(opts.StaticIPs).WithStaticMACs(opts.StaticMACs)
@@ -31,5 +32,5 @@ func (ic *ContainerEngine) PlayKube(ctx context.Context, body io.Reader, opts en
}
func (ic *ContainerEngine) PlayKubeDown(ctx context.Context, body io.Reader, _ entities.PlayKubeDownOptions) (*entities.PlayKubeReport, error) {
- return play.KubeDownWithBody(ic.ClientCtx, body)
+ return play.DownWithBody(ic.ClientCtx, body)
}
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-12-28 07:09:50 +0000