Diffstat (limited to 'pkg')
-rw-r--r-- | pkg/api/handlers/compat/images_build.go | 9 | ||||
-rw-r--r-- | pkg/api/handlers/libpod/generate.go | 3 | ||||
-rw-r--r-- | pkg/api/server/register_generate.go | 9 | ||||
-rw-r--r-- | pkg/api/server/register_images.go | 7 | ||||
-rw-r--r-- | pkg/bindings/generate/types.go | 2 | ||||
-rw-r--r-- | pkg/bindings/generate/types_systemd_options.go | 15 | ||||
-rw-r--r-- | pkg/checkpoint/checkpoint_restore.go | 26 | ||||
-rw-r--r-- | pkg/checkpoint/crutils/checkpoint_restore_utils.go | 55 | ||||
-rw-r--r-- | pkg/domain/entities/generate.go | 2 | ||||
-rw-r--r-- | pkg/domain/infra/abi/generate.go | 8 | ||||
-rw-r--r-- | pkg/domain/infra/runtime_libpod.go | 5 | ||||
-rw-r--r-- | pkg/domain/infra/tunnel/generate.go | 14 | ||||
-rw-r--r-- | pkg/specgen/generate/ports.go | 36 | ||||
-rw-r--r-- | pkg/specgenutil/specgen.go | 2 | ||||
-rw-r--r-- | pkg/specgenutil/util.go | 5 | ||||
-rw-r--r-- | pkg/systemd/generate/containers.go | 17 | ||||
-rw-r--r-- | pkg/systemd/generate/pods.go | 6 |
17 files changed, 154 insertions, 67 deletions
diff --git a/pkg/api/handlers/compat/images_build.go b/pkg/api/handlers/compat/images_build.go index 6152f1c02..7bbc4b99c 100644 --- a/pkg/api/handlers/compat/images_build.go +++ b/pkg/api/handlers/compat/images_build.go @@ -134,6 +134,15 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { return } + // if layers field not set assume its not from a valid podman-client + // could be a docker client, set `layers=true` since that is the default + // expected behviour + if !utils.IsLibpodRequest(r) { + if _, found := r.URL.Query()["layers"]; !found { + query.Layers = true + } + } + // convert addcaps formats var addCaps = []string{} if _, found := r.URL.Query()["addcaps"]; found { diff --git a/pkg/api/handlers/libpod/generate.go b/pkg/api/handlers/libpod/generate.go index 5205d875d..1411c680e 100644 --- a/pkg/api/handlers/libpod/generate.go +++ b/pkg/api/handlers/libpod/generate.go @@ -23,10 +23,12 @@ func GenerateSystemd(w http.ResponseWriter, r *http.Request) { TemplateUnitFile bool `schema:"templateUnitFile"` RestartPolicy *string `schema:"restartPolicy"` StopTimeout uint `schema:"stopTimeout"` + StartTimeout uint `schema:"startTimeout"` ContainerPrefix string `schema:"containerPrefix"` PodPrefix string `schema:"podPrefix"` Separator string `schema:"separator"` }{ + StartTimeout: 0, StopTimeout: util.DefaultContainerConfig().Engine.StopTimeout, ContainerPrefix: "container", PodPrefix: "pod", @@ -46,6 +48,7 @@ func GenerateSystemd(w http.ResponseWriter, r *http.Request) { NoHeader: query.NoHeader, TemplateUnitFile: query.TemplateUnitFile, RestartPolicy: query.RestartPolicy, + StartTimeout: &query.StartTimeout, StopTimeout: &query.StopTimeout, ContainerPrefix: query.ContainerPrefix, PodPrefix: query.PodPrefix, diff --git a/pkg/api/server/register_generate.go b/pkg/api/server/register_generate.go index e10c7029c..0e36394cf 100644 --- a/pkg/api/server/register_generate.go +++ b/pkg/api/server/register_generate.go 
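Review bot: The comment above the new `layers` default in BuildImage describes a different condition from the code, and misspells "behaviour" as "behviour". The code first tests `!utils.IsLibpodRequest(r)` and only then whether `layers` is absent, while the comment reads as if a missing `layers` field were itself the sign of a non-podman client. I would reword it to `// Compat requests (e.g. from a docker client) that omit layers get layers=true, the default such clients expect.` The rest of BuildImage lies outside the hunk, so the value libpod requests end up with cannot be checked from here.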
@@ -37,10 +37,15 @@ func (s *APIServer) registerGenerateHandlers(r *mux.Router) error { // default: false // description: Do not generate the header including the Podman version and the timestamp. // - in: query - // name: time + // name: startTimeout + // type: integer + // default: 0 + // description: Start timeout in seconds. + // - in: query + // name: stopTimeout // type: integer // default: 10 - // description: Stop timeout override. + // description: Stop timeout in seconds. // - in: query // name: restartPolicy // default: on-failure diff --git a/pkg/api/server/register_images.go b/pkg/api/server/register_images.go index 38ceea271..bf8eeef40 100644 --- a/pkg/api/server/register_images.go +++ b/pkg/api/server/register_images.go @@ -1523,6 +1523,13 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error { // JSON map of key, value pairs to set as labels on the new image // (As of version 1.xx) // - in: query + // name: layers + // type: boolean + // default: true + // description: | + // Cache intermediate layers during build. + // (As of version 1.xx) + // - in: query // name: networkmode // type: string // default: bridge diff --git a/pkg/bindings/generate/types.go b/pkg/bindings/generate/types.go index 6f2594604..092474e4a 100644 --- a/pkg/bindings/generate/types.go +++ b/pkg/bindings/generate/types.go @@ -20,6 +20,8 @@ type SystemdOptions struct { TemplateUnitFile *bool // RestartPolicy - systemd restart policy. RestartPolicy *string + // StartTimeout - time when starting the container. + StartTimeout *uint // StopTimeout - time when stopping the container. StopTimeout *uint // ContainerPrefix - systemd unit name prefix for containers diff --git a/pkg/bindings/generate/types_systemd_options.go b/pkg/bindings/generate/types_systemd_options.go index b26aa7fc2..d60f1d70e 100644 --- a/pkg/bindings/generate/types_systemd_options.go +++ b/pkg/bindings/generate/types_systemd_options.go 
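Review bot: The field comment added to SystemdOptions in pkg/bindings/generate/types.go, `// StartTimeout - time when starting the container.`, gives neither the unit nor the meaning of zero. The swagger text in register_generate.go says seconds, and the unit template in pkg/systemd/generate/containers.go only emits `TimeoutStartSec=` for a non-zero value, so `// StartTimeout - start timeout in seconds for the generated unit; 0 leaves TimeoutStartSec unset.` would match the behaviour. The same vague comment is added to GenerateSystemdOptions in pkg/domain/entities/generate.go.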
@@ -92,6 +92,21 @@ func (o *SystemdOptions) GetRestartPolicy() string { return *o.RestartPolicy } +// WithStartTimeout set field StartTimeout to given value +func (o *SystemdOptions) WithStartTimeout(value uint) *SystemdOptions { + o.StartTimeout = &value + return o +} + +// GetStartTimeout returns value of field StartTimeout +func (o *SystemdOptions) GetStartTimeout() uint { + if o.StartTimeout == nil { + var z uint + return z + } + return *o.StartTimeout +} + // WithStopTimeout set field StopTimeout to given value func (o *SystemdOptions) WithStopTimeout(value uint) *SystemdOptions { o.StopTimeout = &value diff --git a/pkg/checkpoint/checkpoint_restore.go b/pkg/checkpoint/checkpoint_restore.go index 85fe6a77e..c371adf5b 100644 --- a/pkg/checkpoint/checkpoint_restore.go +++ b/pkg/checkpoint/checkpoint_restore.go @@ -6,7 +6,6 @@ import ( "os" metadata "github.com/checkpoint-restore/checkpointctl/lib" - "github.com/checkpoint-restore/go-criu/v5/stats" "github.com/containers/common/libimage" "github.com/containers/common/pkg/config" "github.com/containers/podman/v3/libpod" @@ -14,10 +13,8 @@ import ( "github.com/containers/podman/v3/pkg/checkpoint/crutils" "github.com/containers/podman/v3/pkg/criu" "github.com/containers/podman/v3/pkg/domain/entities" - "github.com/containers/podman/v3/pkg/errorhandling" "github.com/containers/podman/v3/pkg/specgen/generate" "github.com/containers/podman/v3/pkg/specgenutil" - "github.com/containers/storage/pkg/archive" spec "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" "github.com/sirupsen/logrus" 
@@ -30,24 +27,6 @@ import ( func CRImportCheckpoint(ctx context.Context, runtime *libpod.Runtime, restoreOptions entities.RestoreOptions) ([]*libpod.Container, error) { // First get the container definition from the // tarball to a temporary directory - archiveFile, err := os.Open(restoreOptions.Import) - if err != nil { - return nil, errors.Wrap(err, "failed to open checkpoint archive for import") - } - defer errorhandling.CloseQuiet(archiveFile) - options := &archive.TarOptions{ - // Here we only need the files config.dump and spec.dump - ExcludePatterns: []string{ - "volumes", - "ctr.log", - "artifacts", - stats.StatsDump, - metadata.RootFsDiffTar, - metadata.DeletedFilesFile, - metadata.NetworkStatusFile, - metadata.CheckpointDirectory, - }, - } dir, err := ioutil.TempDir("", "checkpoint") if err != nil { return nil, err @@ -57,9 +36,8 @@ func CRImportCheckpoint(ctx context.Context, runtime *libpod.Runtime, restoreOpt logrus.Errorf("Could not recursively remove %s: %q", dir, err) } }() - err = archive.Untar(archiveFile, dir, options) - if err != nil { - return nil, errors.Wrapf(err, "Unpacking of checkpoint archive %s failed", restoreOptions.Import) + if err := crutils.CRImportCheckpointConfigOnly(dir, restoreOptions.Import); err != nil { + return nil, err } // Load spec.dump from temporary directory diff --git a/pkg/checkpoint/crutils/checkpoint_restore_utils.go b/pkg/checkpoint/crutils/checkpoint_restore_utils.go index 3b77368bb..2765d18e8 100644 --- a/pkg/checkpoint/crutils/checkpoint_restore_utils.go +++ b/pkg/checkpoint/crutils/checkpoint_restore_utils.go @@ -3,11 +3,13 @@ package crutils import ( "bytes" "io" + "io/ioutil" "os" "os/exec" "path/filepath" metadata "github.com/checkpoint-restore/checkpointctl/lib" + "github.com/checkpoint-restore/go-criu/v5/stats" "github.com/containers/storage/pkg/archive" "github.com/opencontainers/selinux/go-selinux/label" "github.com/pkg/errors" 
@@ -39,6 +41,36 @@ func CRImportCheckpointWithoutConfig(destination, input string) error { return nil } +// CRImportCheckpointConfigOnly only imports the checkpoint configuration +// from the checkpoint archive (input) into the directory destination. +// Only the files "config.dump" and "spec.dump" are extracted. +func CRImportCheckpointConfigOnly(destination, input string) error { + archiveFile, err := os.Open(input) + if err != nil { + return errors.Wrapf(err, "Failed to open checkpoint archive %s for import", input) + } + + defer archiveFile.Close() + options := &archive.TarOptions{ + // Here we only need the files config.dump and spec.dump + ExcludePatterns: []string{ + "volumes", + "ctr.log", + "artifacts", + stats.StatsDump, + metadata.RootFsDiffTar, + metadata.DeletedFilesFile, + metadata.NetworkStatusFile, + metadata.CheckpointDirectory, + }, + } + if err = archive.Untar(archiveFile, destination, options); err != nil { + return errors.Wrapf(err, "Unpacking of checkpoint archive %s failed", input) + } + + return nil +} + // CRRemoveDeletedFiles loads the list of deleted files and if // it exists deletes all files listed. func CRRemoveDeletedFiles(id, baseDirectory, containerRootDirectory string) error { 
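Review bot: The doc comment on CRImportCheckpointConfigOnly promises that only `config.dump` and `spec.dump` are extracted, but `ExcludePatterns` is a denylist of known entry names, so any other entry in the archive is presumably unpacked into `destination` as well. The archive is supplied by whoever produced the checkpoint, so the promise holds only for well-formed archives. I would either say so in the comment, e.g. `// Entries listed in ExcludePatterns are skipped; any other archive entry is still unpacked.`, or delete everything except the two expected files once `archive.Untar` returns. The new message `"Failed to open checkpoint archive %s for import"` also starts with a capital, unlike the lower-case message it replaces in checkpoint_restore.go.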
@@ -200,3 +232,26 @@ func CRRuntimeSupportsPodCheckpointRestore(runtimePath string) bool { out, _ := cmd.CombinedOutput() return bytes.Contains(out, []byte("flag needs an argument")) } + +// CRGetRuntimeFromArchive extracts the checkpoint metadata from the +// given checkpoint archive and returns the runtime used to create +// the given checkpoint archive. +func CRGetRuntimeFromArchive(input string) (*string, error) { + dir, err := ioutil.TempDir("", "checkpoint") + if err != nil { + return nil, err + } + defer os.RemoveAll(dir) + + if err := CRImportCheckpointConfigOnly(dir, input); err != nil { + return nil, err + } + + // Load config.dump from temporary directory + ctrConfig := new(metadata.ContainerConfig) + if _, err = metadata.ReadJSONFile(ctrConfig, dir, metadata.ConfigDumpFile); err != nil { + return nil, err + } + + return &ctrConfig.OCIRuntime, nil +} diff --git a/pkg/domain/entities/generate.go b/pkg/domain/entities/generate.go index dfb5bfc6c..7e80e5d2d 100644 --- a/pkg/domain/entities/generate.go +++ b/pkg/domain/entities/generate.go @@ -10,6 +10,8 @@ type GenerateSystemdOptions struct { New bool // RestartPolicy - systemd restart policy. RestartPolicy *string + // StartTimeout - time when starting the container. + StartTimeout *uint // StopTimeout - time when stopping the container. StopTimeout *uint // ContainerPrefix - systemd unit name prefix for containers diff --git a/pkg/domain/infra/abi/generate.go b/pkg/domain/infra/abi/generate.go index a4d6bcf86..0defa1923 100644 --- a/pkg/domain/infra/abi/generate.go +++ b/pkg/domain/infra/abi/generate.go 
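Review bot: CRGetRuntimeFromArchive returns `&ctrConfig.OCIRuntime` exactly as read from `config.dump` inside the archive, without checking that it is non-empty, and nothing tells callers that the value is archive-controlled. The callers are not part of this diff, so how the string is used cannot be seen here. If it selects the OCI runtime for a restore, it should be matched against the configured runtimes first, and the doc comment should say so, e.g. `// The returned name is read from the archive and must be validated by the caller.` `defer os.RemoveAll(dir)` also drops the error that CRImportCheckpoint reports through `logrus.Errorf` for the same cleanup.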
@@ -124,6 +124,14 @@ func (ic *ContainerEngine) GenerateKube(ctx context.Context, nameOrIDs []string, if err != nil { return nil, err } + if len(po.Spec.Volumes) != 0 { + warning := ` +# NOTE: If you generated this yaml from an unprivileged and rootless podman container on an SELinux +# enabled system, check the podman generate kube man page for steps to follow to ensure that your pod/container +# has the right permissions to access the volumes added. +` + content = append(content, []byte(warning)) + } b, err := generateKubeYAML(libpod.ConvertV1PodToYAMLPod(po)) if err != nil { return nil, err diff --git a/pkg/domain/infra/runtime_libpod.go b/pkg/domain/infra/runtime_libpod.go index cfb674b6d..90eb6abeb 100644 --- a/pkg/domain/infra/runtime_libpod.go +++ b/pkg/domain/infra/runtime_libpod.go @@ -236,6 +236,11 @@ func getRuntime(ctx context.Context, fs *flag.FlagSet, opts *engineOpts) (*libpo options = append(options, libpod.WithRegistriesConf(cfg.RegistriesConf)) } + // no need to handle the error, it will return false anyway + if syslog, _ := fs.GetBool("syslog"); syslog { + options = append(options, libpod.WithSyslog()) + } + // TODO flag to set CNI plugins dir? if !opts.withFDS { diff --git a/pkg/domain/infra/tunnel/generate.go b/pkg/domain/infra/tunnel/generate.go index 3a35dd59c..d62a318d6 100644 --- a/pkg/domain/infra/tunnel/generate.go +++ b/pkg/domain/infra/tunnel/generate.go 
@@ -8,14 +8,18 @@ import ( ) func (ic *ContainerEngine) GenerateSystemd(ctx context.Context, nameOrID string, opts entities.GenerateSystemdOptions) (*entities.GenerateSystemdReport, error) { - options := new(generate.SystemdOptions).WithUseName(opts.Name).WithContainerPrefix(opts.ContainerPrefix).WithNew(opts.New).WithNoHeader(opts.NoHeader).WithTemplateUnitFile(opts.TemplateUnitFile) - options.WithPodPrefix(opts.PodPrefix).WithSeparator(opts.Separator) - if opts.RestartPolicy != nil { - options.WithRestartPolicy(*opts.RestartPolicy) + options := new(generate.SystemdOptions).WithUseName(opts.Name).WithContainerPrefix(opts.ContainerPrefix).WithNew(opts.New).WithNoHeader(opts.NoHeader).WithTemplateUnitFile(opts.TemplateUnitFile).WithPodPrefix(opts.PodPrefix).WithSeparator(opts.Separator) + + if opts.StartTimeout != nil { + options.WithStartTimeout(*opts.StartTimeout) } - if to := opts.StopTimeout; to != nil { + if opts.StopTimeout != nil { options.WithStopTimeout(*opts.StopTimeout) } + if opts.RestartPolicy != nil { + options.WithRestartPolicy(*opts.RestartPolicy) + } + return generate.Systemd(ic.ClientCtx, nameOrID, options) } diff --git a/pkg/specgen/generate/ports.go b/pkg/specgen/generate/ports.go index 53a5e5697..b60cc1e98 100644 --- a/pkg/specgen/generate/ports.go +++ b/pkg/specgen/generate/ports.go @@ -5,7 +5,6 @@ import ( "fmt" "net" "sort" - "strconv" "strings" "github.com/containers/common/libimage" @@ -13,6 +12,7 @@ import ( "github.com/containers/podman/v3/utils" "github.com/containers/podman/v3/pkg/specgen" + "github.com/containers/podman/v3/pkg/specgenutil" "github.com/containers/podman/v3/pkg/util" "github.com/pkg/errors" "github.com/sirupsen/logrus" 
@@ -410,31 +410,13 @@ func checkProtocol(protocol string, allowSCTP bool) ([]string, error) { } func GenExposedPorts(exposedPorts map[string]struct{}) (map[uint16]string, error) { - expose := make(map[uint16]string, len(exposedPorts)) - for imgExpose := range exposedPorts { - // Expose format is portNumber[/protocol] - splitExpose := strings.SplitN(imgExpose, "/", 2) - num, err := strconv.Atoi(splitExpose[0]) - if err != nil { - return nil, errors.Wrapf(err, "unable to convert image EXPOSE statement %q to port number", imgExpose) - } - if num > 65535 || num < 1 { - return nil, errors.Errorf("%d from image EXPOSE statement %q is not a valid port number", num, imgExpose) - } - - // No need to validate protocol, we'll do it later. - newProto := "tcp" - if len(splitExpose) == 2 { - newProto = splitExpose[1] - } - - proto := expose[uint16(num)] - if len(proto) > 1 { - proto = proto + "," + newProto - } else { - proto = newProto - } - expose[uint16(num)] = proto + expose := make([]string, 0, len(exposedPorts)) + for e := range exposedPorts { + expose = append(expose, e) + } + toReturn, err := specgenutil.CreateExpose(expose) + if err != nil { + return nil, errors.Wrapf(err, "unable to convert image EXPOSE") } - return expose, nil + return toReturn, nil } diff --git a/pkg/specgenutil/specgen.go b/pkg/specgenutil/specgen.go index c110b9e97..7a572e730 100644 --- a/pkg/specgenutil/specgen.go +++ b/pkg/specgenutil/specgen.go @@ -314,7 +314,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *entities.ContainerCreateOptions s.Pod = podID } - expose, err := createExpose(c.Expose) + expose, err := CreateExpose(c.Expose) if err != nil { return err } diff --git a/pkg/specgenutil/util.go b/pkg/specgenutil/util.go index b47082b7f..6b564c60e 100644 --- a/pkg/specgenutil/util.go +++ b/pkg/specgenutil/util.go 
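Review bot: GenExposedPorts now passes image EXPOSE entries to `specgenutil.CreateExpose`, which is documented as a parser for user-provided definitions and carries a TODO about large ranges inflating the result, whereas the removed code accepted only a single port number between 1 and 65535. Most of CreateExpose's body is outside this diff. If it expands ranges, an image whose metadata declares a wide range now yields one map entry per port, so please confirm that is intended for image-supplied data. Separately, `errors.Wrapf(err, "unable to convert image EXPOSE")` has no format arguments; `errors.Wrap(err, "unable to convert image EXPOSE")` is the matching call.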
@@ -53,11 +53,11 @@ func ParseFilters(filter []string) (map[string][]string, error) { return filters, nil } -// createExpose parses user-provided exposed port definitions and converts them +// CreateExpose parses user-provided exposed port definitions and converts them // into SpecGen format. // TODO: The SpecGen format should really handle ranges more sanely - we could // be massively inflating what is sent over the wire with a large range. -func createExpose(expose []string) (map[uint16]string, error) { +func CreateExpose(expose []string) (map[uint16]string, error) { toReturn := make(map[uint16]string) for _, e := range expose { @@ -295,6 +295,7 @@ func CreateExitCommandArgs(storageConfig storageTypes.StoreOptions, config *conf "--cgroup-manager", config.Engine.CgroupManager, "--tmpdir", config.Engine.TmpDir, "--cni-config-dir", config.Network.NetworkConfigDir, + "--network-backend", config.Network.NetworkBackend, } if config.Engine.OCIRuntime != "" { command = append(command, []string{"--runtime", config.Engine.OCIRuntime}...) diff --git a/pkg/systemd/generate/containers.go b/pkg/systemd/generate/containers.go index 95ff13371..2fdec5fb1 100644 --- a/pkg/systemd/generate/containers.go +++ b/pkg/systemd/generate/containers.go @@ -73,6 +73,8 @@ type containerInfo struct { ExecStartPre string // ExecStart of the unit. ExecStart string + // TimeoutStartSec of the unit. + TimeoutStartSec uint // TimeoutStopSec of the unit. TimeoutStopSec uint // ExecStop of the unit. @@ -109,6 +111,9 @@ Restart={{{{.RestartPolicy}}}} {{{{- if .StartLimitBurst}}}} StartLimitBurst={{{{.StartLimitBurst}}}} {{{{- end}}}} +{{{{- if ne .TimeoutStartSec 0}}}} +TimeoutStartSec={{{{.TimeoutStartSec}}}} +{{{{- end}}}} TimeoutStopSec={{{{.TimeoutStopSec}}}} {{{{- if .ExecStartPre}}}} ExecStartPre={{{{.ExecStartPre}}}} 
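Review bot: In CreateExitCommandArgs, `"--network-backend", config.Network.NetworkBackend` is appended unconditionally, while the `--runtime` flag just below is added only when `config.Engine.OCIRuntime != ""`. If NetworkBackend can be empty at this point (not visible in the hunk), the exit command is built with an empty `--network-backend` value. A guard such as `if config.Network.NetworkBackend != "" { command = append(command, "--network-backend", config.Network.NetworkBackend) }` would mirror the runtime handling. The function body starts and ends outside the hunk.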
@@ -148,9 +153,14 @@ func ContainerUnit(ctr *libpod.Container, options entities.GenerateSystemdOption } func generateContainerInfo(ctr *libpod.Container, options entities.GenerateSystemdOptions) (*containerInfo, error) { - timeout := ctr.StopTimeout() + stopTimeout := ctr.StopTimeout() if options.StopTimeout != nil { - timeout = *options.StopTimeout + stopTimeout = *options.StopTimeout + } + + startTimeout := uint(0) + if options.StartTimeout != nil { + startTimeout = *options.StartTimeout } config := ctr.Config() @@ -185,7 +195,8 @@ func generateContainerInfo(ctr *libpod.Container, options entities.GenerateSyste ContainerNameOrID: nameOrID, RestartPolicy: define.DefaultRestartPolicy, PIDFile: conmonPidFile, - StopTimeout: timeout, + TimeoutStartSec: startTimeout, + StopTimeout: stopTimeout, GenerateTimestamp: true, CreateCommand: createCommand, RunRoot: runRoot, diff --git a/pkg/systemd/generate/pods.go b/pkg/systemd/generate/pods.go index 38f7e8e3e..f4cc31c8e 100644 --- a/pkg/systemd/generate/pods.go +++ b/pkg/systemd/generate/pods.go @@ -195,9 +195,9 @@ func generatePodInfo(pod *libpod.Pod, options entities.GenerateSystemdOptions) ( return nil, errors.Wrap(err, "could not find infra container") } - timeout := infraCtr.StopTimeout() + stopTimeout := infraCtr.StopTimeout() if options.StopTimeout != nil { - timeout = *options.StopTimeout + stopTimeout = *options.StopTimeout } config := infraCtr.Config() @@ -223,7 +223,7 @@ func generatePodInfo(pod *libpod.Pod, options entities.GenerateSystemdOptions) ( ServiceName: serviceName, InfraNameOrID: ctrNameOrID, PIDFile: conmonPidFile, - StopTimeout: timeout, + StopTimeout: stopTimeout, GenerateTimestamp: true, CreateCommand: createCommand, } |
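Review bot: `options.StartTimeout` is applied in generateContainerInfo, but the pods.go hunks only rename `timeout` to `stopTimeout`, so as far as this diff shows a start timeout requested for a pod unit is silently ignored. If that is intended, the option's documentation should say it applies to container units only. Otherwise generatePodInfo needs the same `if options.StartTimeout != nil { startTimeout = *options.StartTimeout }` handling and a matching template line. In generateContainerInfo, `startTimeout := uint(0)` reads more idiomatically as `var startTimeout uint`. Both functions continue outside the hunks.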