aboutsummaryrefslogtreecommitdiff
path: root/pkg
diff options
context:
space:
mode:
Diffstat (limited to 'pkg')
-rw-r--r--pkg/api/handlers/compat/images_build.go9
-rw-r--r--pkg/api/handlers/libpod/generate.go3
-rw-r--r--pkg/api/server/register_generate.go9
-rw-r--r--pkg/api/server/register_images.go7
-rw-r--r--pkg/bindings/generate/types.go2
-rw-r--r--pkg/bindings/generate/types_systemd_options.go15
-rw-r--r--pkg/checkpoint/checkpoint_restore.go26
-rw-r--r--pkg/checkpoint/crutils/checkpoint_restore_utils.go55
-rw-r--r--pkg/domain/entities/generate.go2
-rw-r--r--pkg/domain/infra/abi/generate.go8
-rw-r--r--pkg/domain/infra/runtime_libpod.go5
-rw-r--r--pkg/domain/infra/tunnel/generate.go14
-rw-r--r--pkg/specgen/generate/ports.go36
-rw-r--r--pkg/specgenutil/specgen.go2
-rw-r--r--pkg/specgenutil/util.go5
-rw-r--r--pkg/systemd/generate/containers.go17
-rw-r--r--pkg/systemd/generate/pods.go6
17 files changed, 154 insertions, 67 deletions
diff --git a/pkg/api/handlers/compat/images_build.go b/pkg/api/handlers/compat/images_build.go
index 6152f1c02..7bbc4b99c 100644
--- a/pkg/api/handlers/compat/images_build.go
+++ b/pkg/api/handlers/compat/images_build.go
@@ -134,6 +134,15 @@ func BuildImage(w http.ResponseWriter, r *http.Request) {
return
}
+ // if layers field not set assume its not from a valid podman-client
+ // could be a docker client, set `layers=true` since that is the default
+ // expected behviour
+ if !utils.IsLibpodRequest(r) {
+ if _, found := r.URL.Query()["layers"]; !found {
+ query.Layers = true
+ }
+ }
+
// convert addcaps formats
var addCaps = []string{}
if _, found := r.URL.Query()["addcaps"]; found {
diff --git a/pkg/api/handlers/libpod/generate.go b/pkg/api/handlers/libpod/generate.go
index 5205d875d..1411c680e 100644
--- a/pkg/api/handlers/libpod/generate.go
+++ b/pkg/api/handlers/libpod/generate.go
@@ -23,10 +23,12 @@ func GenerateSystemd(w http.ResponseWriter, r *http.Request) {
TemplateUnitFile bool `schema:"templateUnitFile"`
RestartPolicy *string `schema:"restartPolicy"`
StopTimeout uint `schema:"stopTimeout"`
+ StartTimeout uint `schema:"startTimeout"`
ContainerPrefix string `schema:"containerPrefix"`
PodPrefix string `schema:"podPrefix"`
Separator string `schema:"separator"`
}{
+ StartTimeout: 0,
StopTimeout: util.DefaultContainerConfig().Engine.StopTimeout,
ContainerPrefix: "container",
PodPrefix: "pod",
@@ -46,6 +48,7 @@ func GenerateSystemd(w http.ResponseWriter, r *http.Request) {
NoHeader: query.NoHeader,
TemplateUnitFile: query.TemplateUnitFile,
RestartPolicy: query.RestartPolicy,
+ StartTimeout: &query.StartTimeout,
StopTimeout: &query.StopTimeout,
ContainerPrefix: query.ContainerPrefix,
PodPrefix: query.PodPrefix,
diff --git a/pkg/api/server/register_generate.go b/pkg/api/server/register_generate.go
index e10c7029c..0e36394cf 100644
--- a/pkg/api/server/register_generate.go
+++ b/pkg/api/server/register_generate.go
@@ -37,10 +37,15 @@ func (s *APIServer) registerGenerateHandlers(r *mux.Router) error {
// default: false
// description: Do not generate the header including the Podman version and the timestamp.
// - in: query
- // name: time
+ // name: startTimeout
+ // type: integer
+ // default: 0
+ // description: Start timeout in seconds.
+ // - in: query
+ // name: stopTimeout
// type: integer
// default: 10
- // description: Stop timeout override.
+ // description: Stop timeout in seconds.
// - in: query
// name: restartPolicy
// default: on-failure
diff --git a/pkg/api/server/register_images.go b/pkg/api/server/register_images.go
index 38ceea271..bf8eeef40 100644
--- a/pkg/api/server/register_images.go
+++ b/pkg/api/server/register_images.go
@@ -1523,6 +1523,13 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
// JSON map of key, value pairs to set as labels on the new image
// (As of version 1.xx)
// - in: query
+ // name: layers
+ // type: boolean
+ // default: true
+ // description: |
+ // Cache intermediate layers during build.
+ // (As of version 1.xx)
+ // - in: query
// name: networkmode
// type: string
// default: bridge
diff --git a/pkg/bindings/generate/types.go b/pkg/bindings/generate/types.go
index 6f2594604..092474e4a 100644
--- a/pkg/bindings/generate/types.go
+++ b/pkg/bindings/generate/types.go
@@ -20,6 +20,8 @@ type SystemdOptions struct {
TemplateUnitFile *bool
// RestartPolicy - systemd restart policy.
RestartPolicy *string
+ // StartTimeout - time when starting the container.
+ StartTimeout *uint
// StopTimeout - time when stopping the container.
StopTimeout *uint
// ContainerPrefix - systemd unit name prefix for containers
diff --git a/pkg/bindings/generate/types_systemd_options.go b/pkg/bindings/generate/types_systemd_options.go
index b26aa7fc2..d60f1d70e 100644
--- a/pkg/bindings/generate/types_systemd_options.go
+++ b/pkg/bindings/generate/types_systemd_options.go
@@ -92,6 +92,21 @@ func (o *SystemdOptions) GetRestartPolicy() string {
return *o.RestartPolicy
}
+// WithStartTimeout set field StartTimeout to given value
+func (o *SystemdOptions) WithStartTimeout(value uint) *SystemdOptions {
+ o.StartTimeout = &value
+ return o
+}
+
+// GetStartTimeout returns value of field StartTimeout
+func (o *SystemdOptions) GetStartTimeout() uint {
+ if o.StartTimeout == nil {
+ var z uint
+ return z
+ }
+ return *o.StartTimeout
+}
+
// WithStopTimeout set field StopTimeout to given value
func (o *SystemdOptions) WithStopTimeout(value uint) *SystemdOptions {
o.StopTimeout = &value
diff --git a/pkg/checkpoint/checkpoint_restore.go b/pkg/checkpoint/checkpoint_restore.go
index 85fe6a77e..c371adf5b 100644
--- a/pkg/checkpoint/checkpoint_restore.go
+++ b/pkg/checkpoint/checkpoint_restore.go
@@ -6,7 +6,6 @@ import (
"os"
metadata "github.com/checkpoint-restore/checkpointctl/lib"
- "github.com/checkpoint-restore/go-criu/v5/stats"
"github.com/containers/common/libimage"
"github.com/containers/common/pkg/config"
"github.com/containers/podman/v3/libpod"
@@ -14,10 +13,8 @@ import (
"github.com/containers/podman/v3/pkg/checkpoint/crutils"
"github.com/containers/podman/v3/pkg/criu"
"github.com/containers/podman/v3/pkg/domain/entities"
- "github.com/containers/podman/v3/pkg/errorhandling"
"github.com/containers/podman/v3/pkg/specgen/generate"
"github.com/containers/podman/v3/pkg/specgenutil"
- "github.com/containers/storage/pkg/archive"
spec "github.com/opencontainers/runtime-spec/specs-go"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
@@ -30,24 +27,6 @@ import (
func CRImportCheckpoint(ctx context.Context, runtime *libpod.Runtime, restoreOptions entities.RestoreOptions) ([]*libpod.Container, error) {
// First get the container definition from the
// tarball to a temporary directory
- archiveFile, err := os.Open(restoreOptions.Import)
- if err != nil {
- return nil, errors.Wrap(err, "failed to open checkpoint archive for import")
- }
- defer errorhandling.CloseQuiet(archiveFile)
- options := &archive.TarOptions{
- // Here we only need the files config.dump and spec.dump
- ExcludePatterns: []string{
- "volumes",
- "ctr.log",
- "artifacts",
- stats.StatsDump,
- metadata.RootFsDiffTar,
- metadata.DeletedFilesFile,
- metadata.NetworkStatusFile,
- metadata.CheckpointDirectory,
- },
- }
dir, err := ioutil.TempDir("", "checkpoint")
if err != nil {
return nil, err
@@ -57,9 +36,8 @@ func CRImportCheckpoint(ctx context.Context, runtime *libpod.Runtime, restoreOpt
logrus.Errorf("Could not recursively remove %s: %q", dir, err)
}
}()
- err = archive.Untar(archiveFile, dir, options)
- if err != nil {
- return nil, errors.Wrapf(err, "Unpacking of checkpoint archive %s failed", restoreOptions.Import)
+ if err := crutils.CRImportCheckpointConfigOnly(dir, restoreOptions.Import); err != nil {
+ return nil, err
}
// Load spec.dump from temporary directory
diff --git a/pkg/checkpoint/crutils/checkpoint_restore_utils.go b/pkg/checkpoint/crutils/checkpoint_restore_utils.go
index 3b77368bb..2765d18e8 100644
--- a/pkg/checkpoint/crutils/checkpoint_restore_utils.go
+++ b/pkg/checkpoint/crutils/checkpoint_restore_utils.go
@@ -3,11 +3,13 @@ package crutils
import (
"bytes"
"io"
+ "io/ioutil"
"os"
"os/exec"
"path/filepath"
metadata "github.com/checkpoint-restore/checkpointctl/lib"
+ "github.com/checkpoint-restore/go-criu/v5/stats"
"github.com/containers/storage/pkg/archive"
"github.com/opencontainers/selinux/go-selinux/label"
"github.com/pkg/errors"
@@ -39,6 +41,36 @@ func CRImportCheckpointWithoutConfig(destination, input string) error {
return nil
}
+// CRImportCheckpointConfigOnly only imports the checkpoint configuration
+// from the checkpoint archive (input) into the directory destination.
+// Only the files "config.dump" and "spec.dump" are extracted.
+func CRImportCheckpointConfigOnly(destination, input string) error {
+ archiveFile, err := os.Open(input)
+ if err != nil {
+ return errors.Wrapf(err, "Failed to open checkpoint archive %s for import", input)
+ }
+
+ defer archiveFile.Close()
+ options := &archive.TarOptions{
+ // Here we only need the files config.dump and spec.dump
+ ExcludePatterns: []string{
+ "volumes",
+ "ctr.log",
+ "artifacts",
+ stats.StatsDump,
+ metadata.RootFsDiffTar,
+ metadata.DeletedFilesFile,
+ metadata.NetworkStatusFile,
+ metadata.CheckpointDirectory,
+ },
+ }
+ if err = archive.Untar(archiveFile, destination, options); err != nil {
+ return errors.Wrapf(err, "Unpacking of checkpoint archive %s failed", input)
+ }
+
+ return nil
+}
+
// CRRemoveDeletedFiles loads the list of deleted files and if
// it exists deletes all files listed.
func CRRemoveDeletedFiles(id, baseDirectory, containerRootDirectory string) error {
@@ -200,3 +232,26 @@ func CRRuntimeSupportsPodCheckpointRestore(runtimePath string) bool {
out, _ := cmd.CombinedOutput()
return bytes.Contains(out, []byte("flag needs an argument"))
}
+
+// CRGetRuntimeFromArchive extracts the checkpoint metadata from the
+// given checkpoint archive and returns the runtime used to create
+// the given checkpoint archive.
+func CRGetRuntimeFromArchive(input string) (*string, error) {
+ dir, err := ioutil.TempDir("", "checkpoint")
+ if err != nil {
+ return nil, err
+ }
+ defer os.RemoveAll(dir)
+
+ if err := CRImportCheckpointConfigOnly(dir, input); err != nil {
+ return nil, err
+ }
+
+ // Load config.dump from temporary directory
+ ctrConfig := new(metadata.ContainerConfig)
+ if _, err = metadata.ReadJSONFile(ctrConfig, dir, metadata.ConfigDumpFile); err != nil {
+ return nil, err
+ }
+
+ return &ctrConfig.OCIRuntime, nil
+}
diff --git a/pkg/domain/entities/generate.go b/pkg/domain/entities/generate.go
index dfb5bfc6c..7e80e5d2d 100644
--- a/pkg/domain/entities/generate.go
+++ b/pkg/domain/entities/generate.go
@@ -10,6 +10,8 @@ type GenerateSystemdOptions struct {
New bool
// RestartPolicy - systemd restart policy.
RestartPolicy *string
+ // StartTimeout - time when starting the container.
+ StartTimeout *uint
// StopTimeout - time when stopping the container.
StopTimeout *uint
// ContainerPrefix - systemd unit name prefix for containers
diff --git a/pkg/domain/infra/abi/generate.go b/pkg/domain/infra/abi/generate.go
index a4d6bcf86..0defa1923 100644
--- a/pkg/domain/infra/abi/generate.go
+++ b/pkg/domain/infra/abi/generate.go
@@ -124,6 +124,14 @@ func (ic *ContainerEngine) GenerateKube(ctx context.Context, nameOrIDs []string,
if err != nil {
return nil, err
}
+ if len(po.Spec.Volumes) != 0 {
+ warning := `
+# NOTE: If you generated this yaml from an unprivileged and rootless podman container on an SELinux
+# enabled system, check the podman generate kube man page for steps to follow to ensure that your pod/container
+# has the right permissions to access the volumes added.
+`
+ content = append(content, []byte(warning))
+ }
b, err := generateKubeYAML(libpod.ConvertV1PodToYAMLPod(po))
if err != nil {
return nil, err
diff --git a/pkg/domain/infra/runtime_libpod.go b/pkg/domain/infra/runtime_libpod.go
index cfb674b6d..90eb6abeb 100644
--- a/pkg/domain/infra/runtime_libpod.go
+++ b/pkg/domain/infra/runtime_libpod.go
@@ -236,6 +236,11 @@ func getRuntime(ctx context.Context, fs *flag.FlagSet, opts *engineOpts) (*libpo
options = append(options, libpod.WithRegistriesConf(cfg.RegistriesConf))
}
+ // no need to handle the error, it will return false anyway
+ if syslog, _ := fs.GetBool("syslog"); syslog {
+ options = append(options, libpod.WithSyslog())
+ }
+
// TODO flag to set CNI plugins dir?
if !opts.withFDS {
diff --git a/pkg/domain/infra/tunnel/generate.go b/pkg/domain/infra/tunnel/generate.go
index 3a35dd59c..d62a318d6 100644
--- a/pkg/domain/infra/tunnel/generate.go
+++ b/pkg/domain/infra/tunnel/generate.go
@@ -8,14 +8,18 @@ import (
)
func (ic *ContainerEngine) GenerateSystemd(ctx context.Context, nameOrID string, opts entities.GenerateSystemdOptions) (*entities.GenerateSystemdReport, error) {
- options := new(generate.SystemdOptions).WithUseName(opts.Name).WithContainerPrefix(opts.ContainerPrefix).WithNew(opts.New).WithNoHeader(opts.NoHeader).WithTemplateUnitFile(opts.TemplateUnitFile)
- options.WithPodPrefix(opts.PodPrefix).WithSeparator(opts.Separator)
- if opts.RestartPolicy != nil {
- options.WithRestartPolicy(*opts.RestartPolicy)
+ options := new(generate.SystemdOptions).WithUseName(opts.Name).WithContainerPrefix(opts.ContainerPrefix).WithNew(opts.New).WithNoHeader(opts.NoHeader).WithTemplateUnitFile(opts.TemplateUnitFile).WithPodPrefix(opts.PodPrefix).WithSeparator(opts.Separator)
+
+ if opts.StartTimeout != nil {
+ options.WithStartTimeout(*opts.StartTimeout)
}
- if to := opts.StopTimeout; to != nil {
+ if opts.StopTimeout != nil {
options.WithStopTimeout(*opts.StopTimeout)
}
+ if opts.RestartPolicy != nil {
+ options.WithRestartPolicy(*opts.RestartPolicy)
+ }
+
return generate.Systemd(ic.ClientCtx, nameOrID, options)
}
diff --git a/pkg/specgen/generate/ports.go b/pkg/specgen/generate/ports.go
index 53a5e5697..b60cc1e98 100644
--- a/pkg/specgen/generate/ports.go
+++ b/pkg/specgen/generate/ports.go
@@ -5,7 +5,6 @@ import (
"fmt"
"net"
"sort"
- "strconv"
"strings"
"github.com/containers/common/libimage"
@@ -13,6 +12,7 @@ import (
"github.com/containers/podman/v3/utils"
"github.com/containers/podman/v3/pkg/specgen"
+ "github.com/containers/podman/v3/pkg/specgenutil"
"github.com/containers/podman/v3/pkg/util"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
@@ -410,31 +410,13 @@ func checkProtocol(protocol string, allowSCTP bool) ([]string, error) {
}
func GenExposedPorts(exposedPorts map[string]struct{}) (map[uint16]string, error) {
- expose := make(map[uint16]string, len(exposedPorts))
- for imgExpose := range exposedPorts {
- // Expose format is portNumber[/protocol]
- splitExpose := strings.SplitN(imgExpose, "/", 2)
- num, err := strconv.Atoi(splitExpose[0])
- if err != nil {
- return nil, errors.Wrapf(err, "unable to convert image EXPOSE statement %q to port number", imgExpose)
- }
- if num > 65535 || num < 1 {
- return nil, errors.Errorf("%d from image EXPOSE statement %q is not a valid port number", num, imgExpose)
- }
-
- // No need to validate protocol, we'll do it later.
- newProto := "tcp"
- if len(splitExpose) == 2 {
- newProto = splitExpose[1]
- }
-
- proto := expose[uint16(num)]
- if len(proto) > 1 {
- proto = proto + "," + newProto
- } else {
- proto = newProto
- }
- expose[uint16(num)] = proto
+ expose := make([]string, 0, len(exposedPorts))
+ for e := range exposedPorts {
+ expose = append(expose, e)
+ }
+ toReturn, err := specgenutil.CreateExpose(expose)
+ if err != nil {
+ return nil, errors.Wrapf(err, "unable to convert image EXPOSE")
}
- return expose, nil
+ return toReturn, nil
}
diff --git a/pkg/specgenutil/specgen.go b/pkg/specgenutil/specgen.go
index c110b9e97..7a572e730 100644
--- a/pkg/specgenutil/specgen.go
+++ b/pkg/specgenutil/specgen.go
@@ -314,7 +314,7 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *entities.ContainerCreateOptions
s.Pod = podID
}
- expose, err := createExpose(c.Expose)
+ expose, err := CreateExpose(c.Expose)
if err != nil {
return err
}
diff --git a/pkg/specgenutil/util.go b/pkg/specgenutil/util.go
index b47082b7f..6b564c60e 100644
--- a/pkg/specgenutil/util.go
+++ b/pkg/specgenutil/util.go
@@ -53,11 +53,11 @@ func ParseFilters(filter []string) (map[string][]string, error) {
return filters, nil
}
-// createExpose parses user-provided exposed port definitions and converts them
+// CreateExpose parses user-provided exposed port definitions and converts them
// into SpecGen format.
// TODO: The SpecGen format should really handle ranges more sanely - we could
// be massively inflating what is sent over the wire with a large range.
-func createExpose(expose []string) (map[uint16]string, error) {
+func CreateExpose(expose []string) (map[uint16]string, error) {
toReturn := make(map[uint16]string)
for _, e := range expose {
@@ -295,6 +295,7 @@ func CreateExitCommandArgs(storageConfig storageTypes.StoreOptions, config *conf
"--cgroup-manager", config.Engine.CgroupManager,
"--tmpdir", config.Engine.TmpDir,
"--cni-config-dir", config.Network.NetworkConfigDir,
+ "--network-backend", config.Network.NetworkBackend,
}
if config.Engine.OCIRuntime != "" {
command = append(command, []string{"--runtime", config.Engine.OCIRuntime}...)
diff --git a/pkg/systemd/generate/containers.go b/pkg/systemd/generate/containers.go
index 95ff13371..2fdec5fb1 100644
--- a/pkg/systemd/generate/containers.go
+++ b/pkg/systemd/generate/containers.go
@@ -73,6 +73,8 @@ type containerInfo struct {
ExecStartPre string
// ExecStart of the unit.
ExecStart string
+ // TimeoutStartSec of the unit.
+ TimeoutStartSec uint
// TimeoutStopSec of the unit.
TimeoutStopSec uint
// ExecStop of the unit.
@@ -109,6 +111,9 @@ Restart={{{{.RestartPolicy}}}}
{{{{- if .StartLimitBurst}}}}
StartLimitBurst={{{{.StartLimitBurst}}}}
{{{{- end}}}}
+{{{{- if ne .TimeoutStartSec 0}}}}
+TimeoutStartSec={{{{.TimeoutStartSec}}}}
+{{{{- end}}}}
TimeoutStopSec={{{{.TimeoutStopSec}}}}
{{{{- if .ExecStartPre}}}}
ExecStartPre={{{{.ExecStartPre}}}}
@@ -148,9 +153,14 @@ func ContainerUnit(ctr *libpod.Container, options entities.GenerateSystemdOption
}
func generateContainerInfo(ctr *libpod.Container, options entities.GenerateSystemdOptions) (*containerInfo, error) {
- timeout := ctr.StopTimeout()
+ stopTimeout := ctr.StopTimeout()
if options.StopTimeout != nil {
- timeout = *options.StopTimeout
+ stopTimeout = *options.StopTimeout
+ }
+
+ startTimeout := uint(0)
+ if options.StartTimeout != nil {
+ startTimeout = *options.StartTimeout
}
config := ctr.Config()
@@ -185,7 +195,8 @@ func generateContainerInfo(ctr *libpod.Container, options entities.GenerateSyste
ContainerNameOrID: nameOrID,
RestartPolicy: define.DefaultRestartPolicy,
PIDFile: conmonPidFile,
- StopTimeout: timeout,
+ TimeoutStartSec: startTimeout,
+ StopTimeout: stopTimeout,
GenerateTimestamp: true,
CreateCommand: createCommand,
RunRoot: runRoot,
diff --git a/pkg/systemd/generate/pods.go b/pkg/systemd/generate/pods.go
index 38f7e8e3e..f4cc31c8e 100644
--- a/pkg/systemd/generate/pods.go
+++ b/pkg/systemd/generate/pods.go
@@ -195,9 +195,9 @@ func generatePodInfo(pod *libpod.Pod, options entities.GenerateSystemdOptions) (
return nil, errors.Wrap(err, "could not find infra container")
}
- timeout := infraCtr.StopTimeout()
+ stopTimeout := infraCtr.StopTimeout()
if options.StopTimeout != nil {
- timeout = *options.StopTimeout
+ stopTimeout = *options.StopTimeout
}
config := infraCtr.Config()
@@ -223,7 +223,7 @@ func generatePodInfo(pod *libpod.Pod, options entities.GenerateSystemdOptions) (
ServiceName: serviceName,
InfraNameOrID: ctrNameOrID,
PIDFile: conmonPidFile,
- StopTimeout: timeout,
+ StopTimeout: stopTimeout,
GenerateTimestamp: true,
CreateCommand: createCommand,
}