summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Merge pull request #3176 from baude/resizechanbufferOpenShift Merge Robot2019-05-22
|\ | | | | make remote resize channel buffered
| * make remote resize channel bufferedbaude2019-05-21
| | | | | | | | | | | | | | | | | | | | | | when doing any sort of attach to a container, a sigwinch is sent followed by a resize event. this is fine for the local client but when doing things over the varlink, the first sigwinch is wiped out by the immediate resize event and is therefore lost. by making the channel buffered, both events are processed after the varlink connection is established. Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #3177 from mheon/duplicate_volumesOpenShift Merge Robot2019-05-22
|\ \ | | | | | | When superceding mounts, check for opposite types
| * | Add test for image volume conflict with user volumeMatthew Heon2019-05-21
| | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | When superceding mounts, check for opposite typesMatthew Heon2019-05-21
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we supercede low-priority mounts and volumes (image volumes, and volumes sourced from --volumes-from) with higher-priority ones (the --volume and --mount flags), we always replaced lower-priority mounts of the same type (e.g. a user mount to /tmp/test1 would supercede a volumes-from mount to the same destination). However, we did not supercede the opposite type - a named volume from image volumes at /tmp/test1 would be allowed to remain and create a conflict, preventing container creation. Solve this by destroying opposite types before merging (we can't do it in the same loop, as then named volumes, which go second, might trample changes made by mounts). Fixes #3174 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #3173 from giuseppe/use-wait-for-fileOpenShift Merge Robot2019-05-21
|\ \ | | | | | | libpod: prefer WaitForFile to polling
| * | libpod: prefer WaitForFile to pollingGiuseppe Scrivano2019-05-21
| | | | | | | | | | | | | | | | | | | | | replace two usage of kwait.ExponentialBackoff in favor of WaitForFile that uses inotify when possible. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #3084 from giuseppe/rootless-pause-processOpenShift Merge Robot2019-05-21
|\ \ \ | | | | | | | | rootless: use a pause process to keep namespaces alive
| * | | troubleshooting.md: add note about updating subuid/subgidGiuseppe Scrivano2019-05-17
| | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | system: migrate stops the pause processGiuseppe Scrivano2019-05-17
| | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | rootless: join namespace immediately when possibleGiuseppe Scrivano2019-05-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add a shortcut for joining immediately the namespace so we don't need to re-exec Podman. With the pause process simplificaton, we can now attempt to join the namespaces as soon as Podman starts (and before the Go runtime kicks in), so that we don't need to re-exec and use just one process. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | rootless: use a pause processGiuseppe Scrivano2019-05-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | use a pause process to keep the user and mount namespace alive. The pause process is created immediately on reload, and all successive Podman processes will refer to it for joining the user&mount namespace. This solves all the race conditions we had on joining the correct namespaces using the conmon processes. As a fallback if the join fails for any reason (e.g. the pause process was killed), then we try to join the running containers as we were doing before. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | migrate: not create a new namespaceGiuseppe Scrivano2019-05-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | this leaves the containers stopped but we won't risk to use the wrong user namespace. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #2561 from cevich/cirrus_test_imagesOpenShift Merge Robot2019-05-21
|\ \ \ \ | | | | | | | | | | Cirrus: Support testing of VM cache-image changes
| * | | | Cirrus: Fix missing CRIO_COMMIT -> CONMON_COMMITChris Evich2019-05-21
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: workaround root expand failureChris Evich2019-05-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Occasionally, and seemingly only on F29 the root disk fails to expand upon boot. When this happens, any number of failures could occur if space runs out. Until there is time to investigate the actual cause, workaround this problem by detecting it and acting accordingly. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Stub in F30 supportChris Evich2019-05-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | New base-image boots, a cache-image builds, but more work is needed for it to be prime-time ready. This commit just adds some updates to the scafolding necessary to build the base-image. Future work will make F30 more of a reality. Also add log-collection scripts to test image verification task Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: fixups based on review feedbackChris Evich2019-05-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also remove disused distros (RHEL/CentOS/FAH) and fix get_ci_vm script Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Overhaul/Simplify env. var setupChris Evich2019-05-21
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Run tests on test-built cache-imagesChris Evich2019-05-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also, add jq and catatonit installs to images. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Support testing of VM cache-image changesChris Evich2019-05-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, it was quite difficult to affect changes to VM cache images without lots of manual work. This commit adds a new optional testing task which mirrors the official-image build task which only runs on master. In contrast, the new task may be run at any time in a PR, but including a magic phrase in the PR description. Update documentation to describe the new task and inform on it's usage. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Remove "too new" runc hackChris Evich2019-05-21
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hack was to workaround not having fix for: https://bodhi.fedoraproject.org/updates/FEDORA-2019-b4356521ba Update `RUNC_COMMIT` value to match commit id to working package. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #3168 from rhatdan/vendorMatthew Heon2019-05-21
|\ \ \ \ | | | | | | | | | | Update vendor of buildah and containers/images
| * | | | Update vendor of buildah and containers/imagesDaniel J Walsh2019-05-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Mainly add support for podman build using --overlay mounts. Updates containers/image also adds better support for new registries.conf file. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #3167 from weirdwiz/filterOpenShift Merge Robot2019-05-21
|\ \ \ \ \ | |_|/ / / |/| | | | Minor fix filtering images by label
| * | | | Minor fix filtering images by labelDivyansh Kamboj2019-05-20
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | Added test to avoid future regressions Fix #3163 Signed-off-by: Divyansh Kamboj <kambojdivyansh2000@gmail.com>
* | | | Merge pull request #3169 from giuseppe/rootless-empty-res-cgroup1OpenShift Merge Robot2019-05-21
|\ \ \ \ | |_|_|/ |/| | | rootless: force resources to be nil on cgroup v1
| * | | rootless: force resources to be nil on cgroup v1Giuseppe Scrivano2019-05-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | force the resources block to be empty instead of having default values. Regression introduced by 8e88461511e81d2327e4c1a1315bb58fda1827ca Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #3086 from TomSweeneyRedHat/dev/tsweeney/runorder3OpenShift Merge Robot2019-05-21
|\ \ \ \ | | | | | | | | | | Touchup run man page
| * | | | Touchup run man pageTomSweeneyRedHat2019-05-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Moves --help and combines the duplicate sections of help for uts and userns. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | | Merge pull request #3170 from TomSweeneyRedHat/dev/tsweeney/touchupinstallOpenShift Merge Robot2019-05-20
|\ \ \ \ \ | | | | | | | | | | | | Remove conmon from fedora install instructions
| * | | | | Remove conmon from fedora install instructionsTomSweeneyRedHat2019-05-20
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | conmon package is no longer available, remove from install.md. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | | Merge pull request #3162 from giuseppe/fix-hang-waitforfileOpenShift Merge Robot2019-05-20
|\ \ \ \ \ | |_|/ / / |/| | | | util: fix race condition in WaitForFile
| * | | | container: move channel close to its writerGiuseppe Scrivano2019-05-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | let the writer of the channel close it. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | util: fix race condition in WaitForFileGiuseppe Scrivano2019-05-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | enable polling also when using inotify. It is generally useful to have it as under high load inotify can lose notifications. It also solves a race condition where the file is created while the watcher is configured and it'd wait until the timeout and fail. Closes: https://github.com/containers/libpod/issues/2942 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #3152 from rhatdan/remoteOpenShift Merge Robot2019-05-20
|\ \ \ \ \ | | | | | | | | | | | | install.remote should be separate for install.bin
| * | | | | install.remote should be separate for install.binDaniel J Walsh2019-05-17
| | |_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | For people who want to install podman remote or podman only we need to separate out the two install commands. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #3092 from mheon/jhonce_approverOpenShift Merge Robot2019-05-20
|\ \ \ \ \ | | | | | | | | | | | | Add Jhon Honce (@jwhonce on github) to OWNERS
| * | | | | Add Jhon Honce (@jwhonce on github) to OWNERSMatthew Heon2019-05-20
| | |/ / / | |/| | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #3139 from jwhonce/wip/remote_infoOpenShift Merge Robot2019-05-20
|\ \ \ \ \ | | | | | | | | | | | | Add connection information to podman-remote info
| * | | | | Add connection information to podman-remote infoJhon Honce2019-05-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactor client code to break out building connection string from making the connection. Example: client: Connection: unix:/run/podman/io.podman Connection Type: DirectConnection . : Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | | | Merge pull request #3164 from rhatdan/apparmorOpenShift Merge Robot2019-05-20
|\ \ \ \ \ \ | |_|_|_|_|/ |/| | | | | Don't set apparmor if --priviliged
| * | | | | Don't set apparmor if --priviligedDaniel J Walsh2019-05-20
| | |/ / / | |/| | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #3154 from haircommander/tutorial-conmonOpenShift Merge Robot2019-05-20
|\ \ \ \ \ | |/ / / / |/| | | | Fixup conmon documentation
| * | | | Fixup conmon documentationPeter Hunt2019-05-18
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | | | Merge pull request #3158 from kofalt/runlabel-formatingOpenShift Merge Robot2019-05-20
|\ \ \ \ \ | | | | | | | | | | | | Output name of process on runlabel command
| * | | | | Output name of process on runlabel commandNathaniel Kofalt2019-05-18
| |/ / / / | | | | | | | | | | | | | | | Signed-off-by: Nathaniel Kofalt <nathaniel@kofalt.com>
* | | | | Merge pull request #3160 from wking/have-higher-precedence-typoOpenShift Merge Robot2019-05-20
|\ \ \ \ \ | | | | | | | | | | | | docs/libpod.conf.5: Add "have" to "higher precedence" typo
| * | | | | docs/libpod.conf.5: Add "have" to "higher precedence" typoW. Trevor King2019-05-19
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I'd left this out in a4b483c848 (libpod/container_internal: Deprecate implicit hook directories, 2018-12-02, #1920). Signed-off-by: W. Trevor King <wking@tremily.us>
* | | | | Merge pull request #3138 from weirdwiz/env-varOpenShift Merge Robot2019-05-19
|\ \ \ \ \ | |/ / / / |/| | | | Minor fix splitting env vars in podman-commit