summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Fix pod sharing for utsmodeDaniel J Walsh2018-09-07
| | | | | | | | | | | | | We should be sharing cgroups namespace by default in pods uts namespace sharing was broken in pods. Create a new libpod/pkg/namespaces for handling of namespace fields in containers Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1418 Approved by: mheon
* Respect user-added mounts over default spec mountsMatthew Heon2018-09-07
| | | | | | | | | | | | | | When there was a conflict between a user-added volume and a mount already in the spec, we previously respected the mount already in the spec and discarded the user-added mount. This is counter to expected behavior - if I volume-mount /dev into the container, I epxect it will override the default /dev in the container, and not be ignored. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1419 Approved by: TomSweeneyRedHat
* Ensure we do not overlap mounts in the specMatthew Heon2018-09-07
| | | | | | | | | | | When user-specified volume mounts overlap with mounts already in the spec, remove the mount in the spec to ensure there are no conflicts. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1419 Approved by: TomSweeneyRedHat
* Change references to cri-o to point at new repositoryDaniel J Walsh2018-09-07
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1425 Approved by: mheon
* fix docs for podman buildbaude2018-09-07
| | | | | | | | | podman build docs should now reflect that the --layers default value is true. Signed-off-by: baude <bbaude@redhat.com> Closes: #1424 Approved by: mheon
* use layer cache when building imagesbaude2018-09-07
| | | | | | | | | | | | | | | | to more closely mimic docker default behavior, the --layers cli option is set to true by default for podman. the buildah environment variable of BUILDAH_LAYERS is still honored and will override the command line input. this should be considered in place of PR #1383. Many thanks for Scott McCarty for inspiring this welcome change. Signed-off-by: baude <bbaude@redhat.com> Closes: #1422 Approved by: rhatdan
* Add first pass for baseline pod testsbaude2018-09-07
| | | | | | | | | | | This bash script is meant to compliment the podman baseline test script. It primarily focuses on exercising the common actions of pods. Signed-off-by: baude <bbaude@redhat.com> Closes: #1421 Approved by: rhatdan
* Change shm test to be less flaky.Daniel J Walsh2018-09-07
| | | | | | | | | | | This tests fails a lot, I think because of a race condition. Changing to just make sure the inode of the /dev/shm on the host is the same as inside the container. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1420 Approved by: mheon
* Update WaitForTimeOut to output OutputString to help with debugging.Daniel J Walsh2018-09-06
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1416 Approved by: baude
* Fixups for baseline test scriptbaude2018-09-06
| | | | | | | | | | | Small amount of clean up on the baseline script to handle failing on error. I also added an option to not use docker at all for platoforms where docker cannot be installed. Signed-off-by: baude <bbaude@redhat.com> Closes: #1411 Approved by: rhatdan
* Fix nameing of Namespaces to be more consistentDaniel J Walsh2018-09-06
| | | | | | | | | | Figuring out the difference between a User and a USERNS as well as Cgroup and CGROUPNS Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1417 Approved by: TomSweeneyRedHat
* Start pod infra container when pod is createdbaude2018-09-06
| | | | | | | | | | | When we create a pod that also has an infra container, we should start the infra container automatically. This allows users to add running containers to the pod immediately. Signed-off-by: baude <bbaude@redhat.com> Closes: #1415 Approved by: rhatdan
* vendor containerd/cgroupsbaude2018-09-06
| | | | | | | | | | | We need to vendor in the latest containerd/cgroups for a fix related to slice delegation and systemd <= 239. The opencontainer/runtime-spec is brought along for the ride. Signed-off-by: baude <bbaude@redhat.com> Closes: #1414 Approved by: mheon
* Fix up libpod.conf man pages and referencese to it.Daniel J Walsh2018-09-06
| | | | | | | | | Remove podman --config option, since it does not do anything. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1410 Approved by: mheon
* Print errors from individual pull attemptsMatthew Heon2018-09-05
| | | | | | | | | | | Right now, we don't print errors from c/image while trying to pull images. This prints the errors when log-level=debug is set so we can debug errors while pulling. Signed-off-by: Matthew Heon <mheon@redhat.com> Closes: #1409 Approved by: baude
* Added GOPATH/bin to PATH install.mdTomSweeneyRedHat2018-09-05
| | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com> Closes: #1408 Approved by: rhatdan
* We should fail Podman with ExitCode 125 by defaultDaniel J Walsh2018-09-05
| | | | | | | | | | | | | | | | | | | | | | | | $ ./bin/podman --foo $ echo $? 125 $ ./bin/podman foo Command "foo" not found. See `podman --help`. $ echo $? 1 After this change $ ./bin/podman foo Command "foo" not found. See `podman --help`. $ echo $? 125 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1398 Approved by: vrothberg
* Add CRI logs parsing to podman logsumohnani82018-09-05
| | | | | | | | | | | Podman logs was not parsing CRI logs well, especially the F and P logs. Now using the same parsing code as in kube here. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #1403 Approved by: rhatdan
* rmi remove all not error when no images are presentbaude2018-09-05
| | | | | | | | | | When running podman rm -a on a storage where no images exist, the exit code should NOT be non-zero. Signed-off-by: baude <bbaude@redhat.com> Closes: #1402 Approved by: rhatdan
* rootless: check uid with Geteuid() instead of Getuid()Giuseppe Scrivano2018-09-04
| | | | | | | | | | | | change the tests to use chroot to set a numeric UID/GID. Go syscall.Credential doesn't change the effective UID/GID of the process. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1372 Approved by: mheon
* rootless, tests: add tests for the pod commandGiuseppe Scrivano2018-09-04
| | | | | | | | | | also refactor the rootless_test.go to facilitate running a test in a rootless context. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1372 Approved by: mheon
* rootless, create: support --podGiuseppe Scrivano2018-09-04
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1372 Approved by: mheon
* rootless, run: support --podGiuseppe Scrivano2018-09-04
| | | | | | | | | | move re-exec later on, so that we can check whether we need to join the infra container user namespace or we need to create another one. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1372 Approved by: mheon
* rootless: create compatible pod infra containerGiuseppe Scrivano2018-09-04
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1372 Approved by: mheon
* rootless: be in an userns to initialize the runtimeGiuseppe Scrivano2018-09-04
| | | | | | | | | | | be sure to be in an userns for a rootless process before initializing the runtime. In case we are not running as uid==0, take advantage of "podman info" that creates the runtime. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1372 Approved by: mheon
* commandNotFoundHandler: use stderr and exit code 1Valentin Rothberg2018-09-01
| | | | | | | | Fixes: #1395 Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1397 Approved by: mheon
* Merge pull request #1394 from mheon/bump-0.8.5Matthew Heon2018-08-31
|\ | | | | Bump to 0.8.5
| * Bump gitvalidation epochMatthew Heon2018-08-31
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Bump to v0.9.1-devMatthew Heon2018-08-31
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Bump to v0.8.5v0.8.5Matthew Heon2018-08-31
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* | Merge pull request #1393 from mheon/release_notes_0.8.5Matthew Heon2018-08-31
|\ \ | |/ |/| Update release notes for 0.8.5
| * Update release notes for 0.8.5Matthew Heon2018-08-31
|/ | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Merge pull request #1392 from mheon/up_wait_durationMatthew Heon2018-08-31
|\ | | | | Up time between checks for podman wait
| * Up time between checks for podman waitMatthew Heon2018-08-31
| | | | | | | | | | | | | | | | | | Prior to this patch, we were polling continuously to check if a container had died. This patch changes this to poll 10 times a second, which should be more than sufficient and drastically reduce CPU utilization. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* | Merge pull request #1318 from rhatdan/systemdMatthew Heon2018-08-31
|\ \ | | | | | | Add proper support for systemd inside of podman
| * | Add proper support for systemd inside of podmanDaniel J Walsh2018-08-31
|/ / | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | We are mistakenly seeing repos as registries.Daniel J Walsh2018-08-31
| | | | | | | | | | | | | | | | | | | | | | | | Currently `podman pull rhel7/rhel-tools` is failing because it sees rhel7 as a registry. This change will verify that the returned registry from the parser is actually a registry and not a repo, if a repo it will return the correct content, and we will pull the image. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1387 Approved by: mtrmac
* | container: resolve rootfs symlinksGiuseppe Scrivano2018-08-31
|/ | | | | | | | | | | | Prevent a runc error that doesn't like symlinks as part of the rootfs. Closes: https://github.com/containers/libpod/issues/1389 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1390 Approved by: rhatdan
* Turn on test debuggingJhon Honce2018-08-31
| | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #1369 Approved by: rhatdan
* Add support for remote commandsJhon Honce2018-08-31
| | | | | | | | | | | | | | * Add support for commit, export, inspect, kill, logs, mount, pause port commands * Refactored Report class to allow column lengths to be optionally driven by data * Refactored Ps class to truncate image names on the left vs right * Bug fixes Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #1369 Approved by: rhatdan
* fixup A few language changes and subuid(5)Naja Melan2018-08-31
| | | | | | | Signed-off-by: Naja Melan <najamelan@autistici.org> Closes: #1380 Approved by: rhatdan
* Make the documentation of user namespace options in podman-run clearerNaja Melan2018-08-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This proposes a more comprehensible man page. A number of things have been lost in translation and this should be reviewed: - the former docs from --userns say that it is disabled by default. I suppose that this is the same as --userns:host, but this should be confirmed. It also stated that is would use options like pid=host, which confuses me as pid namespaces are a totally different thing from user namespaces. It also mentions the enabling of --privileged. I think the difference between using --userns:host and not using any user namespace options at all is not clear and maybe not very logical. Also what would be the difference between using --userns:host and using --priveleged alone? - I found the syntax for --gidmap at the bottom of the man page in the examples. In the example it doesn't use '=', eg. podman run `--gidmap 0:30000:2000`. For consistency with the other options I have used '=' for now, but if it is optional, I would remove it everywhere, as less tokens is usually improved readability. For now the inconsistency remains between the options doc and the examples section. - It wasn't very clear to me whether one should hard wrap long lines or not as the contains a mix. - I haven't for now looked at user namespace options on other commands, but that should be done surely before merging. - I didn't know which command to run to generate the groff, so that needs doing still. from issue #1374 Signed-off-by: Naja Melan <najamelan@autistici.org> Signed-off-by: Naja Melan <najamelan@autistici.org> Closes: #1380 Approved by: rhatdan
* pod create: restore help flagValentin Rothberg2018-08-31
| | | | | | | | | | It is not necessary to hide podman-pod-create's help flag. Therefore, partially revert commit 6751b2c35040 to restore the help flag. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1379 Approved by: rhatdan
* catch command-not-found errorsValentin Rothberg2018-08-31
| | | | | | | | | | | | | | | | | | | | Add a special handler to catch errors caused by specifying unknown commands to Podman. This allows printing a more helpful error message. ``` $ podman Command "123123" not found. See `podman --help`. $ podman pod 123123 Command "123123" not found. See `podman pod --help`. ``` Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1379 Approved by: rhatdan
* don't print help message for usage errorsValentin Rothberg2018-08-31
| | | | | | | | | | | | | | | | | Don't print potentially verbose help messages in case of usage errors, but print only the usage error followed by a pointer to the command's help. This aligns with Docker. ``` $ podman run -h flag needs an argument: -h See 'podman run --help'. ``` Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1379 Approved by: rhatdan
* Vendor in latest containers/storage and containers/imageDaniel J Walsh2018-08-31
| | | | | | | | | | | | | Update container/image to address a commit error when copying layers and metadata. This change may require users to recreate containers. container/storage added some new lock protection to prevent possible deadlock and data corruption. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1381 Approved by: mheon
* Merge pull request #1382 from baude/addconmonBrent Baude2018-08-30
|\ | | | | add conmon to copr spec
| * add conmon to copr specbaude2018-08-30
|/ | | | | | | For COPR rpms, it is desirable to have conmon built into the podman RPM. No code is impacted. Signed-off-by: baude <bbaude@redhat.com>
* docs: consistent format for exampleValentin Rothberg2018-08-30
| | | | | | | | | | All bash examples are now placed in a code section (```). The PS1 prompt is set to `$`. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1375 Approved by: rhatdan
* docs: consistent headingsValentin Rothberg2018-08-30
| | | | | | | | | | | Base heading is level 2, which is identical to the level 1. However level 3 will be indendet which is used a lot in the `## EXAMPLES` sections. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1375 Approved by: rhatdan