summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Remove parent cgroup we create with cgroupfsMatthew Heon2018-05-11
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #507 Approved by: baude
* Place Conmon and Container in separate CGroupsMatthew Heon2018-05-11
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #507 Approved by: baude
* Add --cgroup-manager flag to Podman binaryMatthew Heon2018-05-11
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #507 Approved by: baude
* Major fixes to systemd cgroup handlingMatthew Heon2018-05-11
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #507 Approved by: baude
* Skip systemd-style CGroups testMatthew Heon2018-05-11
| | | | | | | | | | Until we get Systemd cgroup manager working, this will cause a validation error. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #507 Approved by: baude
* Alter CGroup path handling for 'podman top'Matthew Heon2018-05-11
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #507 Approved by: baude
* Add validation for CGroup parents. Pass CGroups path into runcMatthew Heon2018-05-11
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #507 Approved by: baude
* vendor/github.com/docker/docker/hack: Remove unused directoryW. Trevor King2018-05-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This directory just had Markdown and vendor.conf. I'm not sure why we have it in our version control, maybe old versions of vndr kept it? Or maybe folk dropped it into vendor/ by hand without using vndr? The history of that vendored directory is: * 619637a9 (Handle Linux Capabilities from command line, 2017-11-03, #17) added the three files to our version control. * c344fe61 (Update vendoring, 2017-11-22, #60) bumped hack/README.md. * af64e104 (Vendor in lots of kubernetes stuff to shrink image size, 2018-03-26, #554) bumped hack/README.md. * 27107fda (Vendor in latest containers/image and contaners/storage, 2018-04-18, #509) removed the files. * a824186a (Use buildah commit and bud in podman, 2018-04-25, #681) added the files back. * I'm removing them again in this commit. With this commit, $ vndr github.com/docker/docker becomes a no-op. Signed-off-by: W. Trevor King <wking@tremily.us> Closes: #752 Approved by: baude
* varlink infobaude2018-05-11
| | | | | | | | | | The varlinfo info returns the same information as podman info but always includes the so-called debug information. Signed-off-by: baude <bbaude@redhat.com> Closes: #745 Approved by: baude
* vendor.conf: Bump containerd/cgroups to 77e62851W. Trevor King2018-05-11
| | | | | | | | | | | | | | | | | | | | vendor.conf has been pinned at containerd/cgroups@7a5fdd83 (Merge pull request #26 from onorua/error-ignore-example, 2017-08-24) since libpod forked from CRI-O with a031b83a (Initial checkin from CRI-O repo, 2017-11-01). The content in vendor/github.com/containerd/cgroups was bumped to containerd/cgroups@77e62851 (Use /proc/diskstats to get device names, 2018-01-31) in ae89dc28 (Update containerd/cgroups repo fix perf issue, 2018-02-01, #284), but ae89dc28 forgot to update vendor.conf. With this commit: $ vndr github.com/containerd/cgroups no longer changes anything under vendor/github.com/containerd/cgroups. Signed-off-by: W. Trevor King <wking@tremily.us> Closes: #749 Approved by: mheon
* vendor.conf: Bump CNI to v0.6.0W. Trevor King2018-05-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Neither the nominal version nor vendored content had changed since a031b83a (Initial checkin from CRI-O repo, 2017-11-01): $ git ls-tree origin/master -- vendor/github.com/containernetworking/cni 040000 tree 744c091cc1dbb869b2cf714cf6b5e8d33fe17d9c vendor/github.com/containernetworking/cni $ git ls-tree a031b83a -- vendor/github.com/containernetworking/cni 040000 tree 744c091cc1dbb869b2cf714cf6b5e8d33fe17d9c vendor/github.com/containernetworking/cni $ git grep /cni a031b83a -- vendor.conf a031b83a:vendor.conf:github.com/containernetworking/cni v0.4.0 I'm not quite sure which upstream version the old vendored content came from, but it certainly wasn't v0.4.0. I've bumped our nominal version to v0.6.0 and re-vendored with: $ vndr github.com/containernetworking/cni $ git add -A vendor/github.com/containernetworking/cni to generate this commit. The only change to the vendored content is text in the README (unlikely to break anything ;), and sitting on an upstream tag is nice, so I think this is good enough. Signed-off-by: W. Trevor King <wking@tremily.us> Closes: #750 Approved by: mheon
* Dont eat the pull error message for varlinkbaude2018-05-10
| | | | | | | | | When using varlink to pull an image, we should expose the actual error to the caller. Signed-off-by: baude <bbaude@redhat.com> Closes: #744 Approved by: rhatdan
* podman push should honor registries.confbaude2018-05-10
| | | | | | | | | | | Like podman pull, when you push an image, podman should check if the registry is listed as insecure and if so, it should --tls-verify=false unless the user overrides this. Signed-off-by: baude <bbaude@redhat.com> Closes: #738 Approved by: mheon
* alphabetize the varlink methods, types, and errors in the docsbaude2018-05-10
| | | | | | | | | | | | We have decided to alphabetize things in the API documentation to help users find things easier. It also solves an issue where when being made, the API.md doc would remake itself in a different order resulting in massive diffs in the pull requests but no new content. Signed-off-by: baude <bbaude@redhat.com> Closes: #739 Approved by: baude
* Add missing newline to podman portMatthew Heon2018-05-10
| | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com> Closes: #741 Approved by: giuseppe
* Generate varlink API documentation automaticallybaude2018-05-08
| | | | | | | | | | Using varlink's idl parser, we generate API documentation for the podman API relying on the .varlink file as the source. Signed-off-by: baude <bbaude@redhat.com> Closes: #734 Approved by: baude
* Allow streaming on some varlink container methodsbaude2018-05-08
| | | | | | | | | | | | | | | The following methods should support streaming requests from the client: * GetContainerLogs A reference for a python stream implementation can be found here: https://github.com/varlink/python/blob/master/varlink/tests/test_orgexamplemore.py#L29-L42 Signed-off-by: baude <bbaude@redhat.com> Closes: #724 Approved by: mheon
* Remove extra close from attach resize channelMatthew Heon2018-05-08
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #733 Approved by: umohnani8
* Vendor in latest containers/storage fix for UserNSDaniel J Walsh2018-05-07
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #732 Approved by: mheon
* container.go: fix lint errorGiuseppe Scrivano2018-05-05
| | | | | | | | | | | the error was: libpod/container.go:219::error: struct field tag `json:"groups, omitempty"` not compatible with reflect.StructTag.Get: suspicious space in struct tag value (vet) Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #729 Approved by: baude
* Dockerfile.Fedora: use fedora:28 instead of fedora:27Giuseppe Scrivano2018-05-05
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #729 Approved by: baude
* Fix calculation of RunningFor in ps json outputMatthew Heon2018-05-05
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #727 Approved by: rhatdan
* Should not error out if container no longer exists in ociDaniel J Walsh2018-05-04
| | | | | | | | | | This prevents you from cleaning up the container database, if some how runc and friends db gets screwed up. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #725 Approved by: mheon
* Make invalid state nonfatal when cleaning up in runMatthew Heon2018-05-04
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #726 Approved by: baude
* test/e2e/run_userns_test.go: new fileGiuseppe Scrivano2018-05-04
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #690 Approved by: mheon
* podman, userNS: configure an intermediate mount namespaceGiuseppe Scrivano2018-05-04
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #690 Approved by: mheon
* networking, userNS: configure the network namespace after createGiuseppe Scrivano2018-05-04
| | | | | | | | | | | so that the OCI runtime creates the network namespace from the correct userNS. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #690 Approved by: mheon
* Begin wiring in USERNS Support into podmanDaniel J Walsh2018-05-04
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #690 Approved by: mheon
* Merge pull request #722 from mheon/bump_0_5_1Matthew Heon2018-05-04
|\ | | | | Bump to v0.5.1
| * Bump gitvalidation epochMatthew Heon2018-05-04
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Bump to v0.5.2-devMatthew Heon2018-05-04
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Bump to v0.5.1v0.5.1Matthew Heon2018-05-04
|/ | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Fix pulling from secure registrybaude2018-05-04
| | | | | | | | | | when pulling from a secure registry that is documented in registries.conf, we should be able to pull without tls-verify=false Signed-off-by: baude <bbaude@redhat.com> Closes: #718 Approved by: rhatdan
* Optionally init() during container restartMatthew Heon2018-05-04
| | | | | | | | | | | This allows us to restart containers that have never been started without error. This makes RestartWithTimeout work with running, stopped, and created containers. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #719 Approved by: rhatdan
* bashcompletion enhancementsbaude2018-05-03
| | | | | | | | | | | * now all podman subcommands can be completed * images can be completed when run as root (not sudo) * bug corrected that made podman_top and podman_tag Signed-off-by: baude <bbaude@redhat.com> Closes: #716 Approved by: mheon
* Add directory for systemd socket and service if not presentTomSweeneyRedHat2018-05-03
| | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com> Closes: #717 Approved by: baude
* varlink containersbaude2018-05-03
| | | | | | | | | | | | | first pass at adding in the container related endpoints/methods for the libpod backend. Couple of important notes: * endpoints that can use a console are not going to be done until we have "remote" console * several of the container methods should probably be able to stream as opposed to a one-off return Signed-off-by: baude <bbaude@redhat.com> Closes: #708 Approved by: baude
* Make podman commit to localhost rather then docker.ioDaniel J Walsh2018-05-03
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #715 Approved by: mheon
* Trivial refactor on volume additionMatthew Heon2018-05-03
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #700 Approved by: rhatdan
* When adding volumes to DB, handle nontrivial casesMatthew Heon2018-05-03
| | | | | | | | | | We want to make sure we don't add anything but the host volume, and the volumes can include options and container locations. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #700 Approved by: rhatdan
* Add accessors for new image fields in container configMatthew Heon2018-05-03
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #700 Approved by: rhatdan
* Store user Volumes, Entrypoint, Command in databaseMatthew Heon2018-05-03
| | | | | | | | | | | We need these for commit, and they cannot be properly deduced from just the OCI spec, so save them in the database so we can retrieve them for commit. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #700 Approved by: rhatdan
* Further fix Godoc comments in options.goMatthew Heon2018-05-03
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #700 Approved by: rhatdan
* Update hooks to use config bool to detect volume mountsMatthew Heon2018-05-03
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #700 Approved by: rhatdan
* Fix Godoc comments in options.goMatthew Heon2018-05-03
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #700 Approved by: rhatdan
* Add config bool to indicate there are user volumesMatthew Heon2018-05-03
| | | | | | | | | | This allows us to accurately trigger OCI hooks that trigger on the presence of volume mounts. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #700 Approved by: rhatdan
* Print the Buildah comment from commit to given writerMatthew Heon2018-05-03
| | | | | | | | | Much better than unconditionally dumping to stdout Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #706 Approved by: rhatdan
* Do not print unnecessary Buildah details during commitMatthew Heon2018-05-03
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #706 Approved by: rhatdan
* remove options from create/run that we cannot supportbaude2018-05-02
| | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #711 Approved by: rhatdan
* fix typos in the inspect json structsbaude2018-05-02
| | | | | | | | | Resolves: #633 Signed-off-by: baude <bbaude@redhat.com> Closes: #710 Approved by: rhatdan