| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for executing an init binary as PID 1 in a container to
forward signals and reap processes. When the `--init` flag is set for
podman-create or podman-run, the init binary is bind-mounted to
`/dev/init` in the container and "/dev/init --" is prepended to the
container's command.
The default base path of the container-init binary is `/usr/libexec/podman`
while the default binary is catatonit [1]. This default can be changed
permanently via the `init_path` field in the `libpod.conf` configuration
file (which is recommended for packaging) or temporarily via the
`--init-path` flag of podman-create and podman-run.
[1] https://github.com/openSUSE/catatonit
Fixes: #1670
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\
| |
| | |
vendor in new containers/storage
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
vendor in latest containers/storage which contains a fix for when
a filesystem that overlayfs is on is ENOSPC.
adding pgzip/compress as a new dep for c/s
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| |/
|/| |
Fix completions
|
|/
|
|
|
|
|
|
|
| |
Currently completions do not work. podman generate kube and podman play kube
completions broke this.
Also fixed podman import to work properly.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Touch up some troubleshooting nits
|
|/
|
|
| |
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\
| |
| | |
Log container command before starting the container
|
| |
| |
| |
| |
| |
| |
| | |
Runc does not produce helpful error messages when the container's
command is not found, so print the command ourselves.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| |/
|/| |
Use sprintf to generate port numbers while committing
|
|/
|
|
|
|
|
|
|
| |
Casting integers to strings is definitely not correct, so let the
standard library handle matters.
Fixes #2066
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\
| |
| | |
Add troubleshooting for sparse files
|
|/
|
|
|
|
|
|
|
|
| |
A common failure with people building container images is the
creation of large sparse files, particularly useradd creating
the lastlog file.
This PR Documents the failures.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Re-enable checkpoint/restore CI tests on Fedora
|
| |
| |
| |
| |
| |
| |
| |
| | |
Now that the correct distribution CRIU packages are installed the
checkpoint/restore tests should no longer fail. This re-enables the
disabled tests on Fedora.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\ \
| | |
| | | |
podman build is not using the default oci-runtime
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently if the user installs runc in an alternative path
podman run uses it but podman build does not.
This patch will pass the default oci runtime to be used by podman
down to the image builder.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
Fix handling of symbolic links
|
|/
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Fixes to handle /dev/shm correctly.
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We had two problems with /dev/shm, first, you mount the
container read/only then /dev/shm was mounted read/only.
This is a bug a tmpfs directory should be read/write within
a read-only container.
The second problem is we were ignoring users mounted /dev/shm
from the host.
If user specified
podman run -d -v /dev/shm:/dev/shm ...
We were dropping this mount and still using the internal mount.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
rootless tests using stop is more reliable
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
when testing rootless containers, it is more reliable to stop
a container with a zero timeout than kill a container. We made
this change in non-rootless tests as well. When IO or CPU are
taxed, it avoids a situation where the kill signal is sent but the
container has not been able to update its status when a subsequent
action occurs.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| |/
|/| |
Allow alias for list, ls, ps to work
|
| |
| |
| |
| |
| |
| |
| |
| | |
Allow multiple alias for listing containers and images.
Also fix documentation for umount and unmount
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
Refactor: use idtools.ParseIDMap instead of bundling own version
|
|/
|
|
|
|
|
|
|
|
|
| |
ParseIDMap function was extracted to idtools in
https://github.com/containers/storage/pull/236
it is already used in containers/storage and buildah, it should be used in
libpod as well.
Signed-off-by: Šimon Lukašík <isimluk@fedoraproject.org>
|
|\
| |
| | |
Switch all references to image.ContainerConfig to image.Config
|
| |
| |
| |
| |
| |
| | |
This will more closely match what Docker is doing.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
Use new VM images with updated CRIU
|
|/
|
|
|
|
|
| |
Also add two minor tweaks which were preventing images from building
properly.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\
| |
| | |
Allow users to specify a directory for additonal devices
|
| |
| |
| |
| |
| |
| |
| | |
Podman will search through the directory and will add any device
nodes that it finds. If no devices are found we return an error.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
Vendor in latest psgo code
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When running podman top, the processes collected can exit befor
psgo gets information on the processes. This can cause some weird
errors and creates some CI flakes.
psgo now properly ignores this situation rather then returning errors
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
rootless: fix export when using fuse-overlayfs
|
| |
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fix usage of export when rootless containers are used without vfs. We
join the conmon process namespaces as the container is running in a
different one.
There can be a problem if the user specify a different path for the
conmon process, and then the file is deleted. In this case podman
won't be able to find the conmon process to join.
Closes: https://github.com/containers/libpod/issues/2027
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add the possibility to join directly the user and mount namespace
without looking up the parent of the user namespace.
We need this in order to be able the conmon process, as the mount
namespace is kept alive only there.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
we need this information to later be able to join
the conmon process.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| |/
|/| |
Use existing CRIU packages for testing instead of building from git
|
|/
|
|
|
|
|
|
|
|
|
|
| |
For all in testing involved distribution a new enough CRIU exists as a
package.
Fedora provides CRIU packages directly. For CentOS/RHEL there is a COPR
with the latest CRIU version and for Ubuntu there is a PPA for the
latest CRIU version. Let's use these packages and fall back to building
from git if necessary.
Signed-off-by: Adrian Reber <adrian@lisas.de>
|
|\
| |
| | |
skip test for blkio.weight when kernel does not support it
|
|/
|
|
| |
Signed-off-by: baude <bbaude@redhat.com>
|
|\
| |
| | |
perf test a stress test to profile CPU load of podman
|
| |
| |
| |
| | |
Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
|
|\ \
| | |
| | | |
Add Play
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
podman play kube adds the ability for the user to recreate pods and containers
from a Kubernetes YAML file in libpod.
Signed-off-by: baude <bbaude@redhat.com>
|