| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
| |
There exists a chance for a node to be booted in v1, but have reminents of v2. An example is this CRI-O ci run: https://deck-ci.apps.ci.l2s4.p1.openshiftapps.com/view/gcs/origin-federated-results/pr-logs/pull/cri-o_cri-o/3565/test_pull_request_crio_critest_fedora/11243/
We fail because we are incorrectly writing to the unified path, because we are v1. We should not write to the unified path if we are v1
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |\
| |
| | |
[1.9] vendor github.com/containers/common@v0.8.4
|
| |/
|
|
|
| |
Fixes: #6163
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\
| |
| | |
Set pids-limit to 0 on non cgroupv2 rootless systems
|
| | |
| |
| |
| |
| |
| | |
Rootless cgroups V1 does not support setting a pids limit.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
Add HairpinMode to our CNI configs [v1.9]
|
| |/ /
| |
| |
| |
| |
| |
| | |
This may resolve some issues with routing traffic between
containers using the host's IP.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \
| | |
| | | |
Update containers/common to v0.8.3
|
| | |/
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
Add command to build podman-remote-static
|
| | |/
| |
| |
| |
| |
| |
| | |
CRC Team wants a static podman-remote that it can install on any linux
box.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
Set up ulimits for rootless containers.
|
| | |/
| |
| |
| |
| |
| |
| | |
Currently we are setting the maximum limits for rootful podman containers,
no reason not to set them by default for rootless users as well
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| |/
|/| |
[1.9] add --conmon-pidfile/--cidfile system test
|
| |/
|
|
|
|
|
|
|
| |
Add a system test to make sure that pidfile and cidfile are being
generated. Podman regressed in master and given 1.9 will be supported
for a while, let's make extra sure we're catching potential on these
flags early.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\
| |
| | |
User specified environment after other environments are set
|
| | |
| |
| |
| |
| |
| |
| | |
Users can not currently override the environment variables set by
--http-proxy
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
[1.9] rootless: backport two patches
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
commit 788fdc685b00dee5ccb594bef845204250c4c123 introduced a race
where the target process dies before the child process opens the
namespace files. Move the open before the fork so if it fails the
parent process can attempt to join a different container instead of
failing.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
(cherry picked from commit 89d4940a3787ccc871c92950a79347efc0d5c58c)
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The same channel is written to by two different goroutines.
Use a different channel for each of them so to avoid writing to a
closed channel.
Closes: https://github.com/containers/libpod/issues/6018
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
(cherry picked from commit 6d545bb2f773ff996ce28e0b6608380206835004)
|
| |\ \ \
| |/ /
|/| | |
Fixes podman save fails when specifying an image using a digest #5234
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Adds check to parse normalized name and create docker archive dst reference
for tagged untagged image. Relevant test case added.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Bump to v1.9.1
|
| |/ / /
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Release notes v1.9.1
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \ \
| |/ / /
|/| | | |
Update vendor to containers/common v0.8.2
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This will fix a couple of issues caused by the move to containers.conf
If a libpod.conf file still exists, we will ignore its events_logger
definition and use "file"
If you are running rootless on cgroupsV1 we will default to host cgroupns.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
separate healthcheck and container log paths
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
instead of using the container log path to derive where to put the healthchecks, we now put them into the rundir to avoid collision of health check log files when the log path is set by user.
Fixes: #5915
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \
| |/ /
|/| /
| |/ |
Don't check configuration until user input is applied
|
| | |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| |/
|/| |
[1.9] rootless: move join namespace inside child process
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
open the namespace file descriptors inside of the child process.
Closes: https://github.com/containers/libpod/issues/5873
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
(cherry picked from commit 788fdc685b00dee5ccb594bef845204250c4c123)
|
| |/
|
|
|
|
|
|
|
| |
since we join directly the conmon user namespace, there is no need to
look up its parent user namespace, as we can safely assume it is the
init namespace.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
(cherry picked from commit 8360fcf82cc17ef55a00870d7e950079a51f2083)
|
| |\
| |
| | |
Move selinux labeling support from pkg/util to pkg/selinux
|
| |/
|
|
|
|
|
| |
The goal here is to make the package less heavy and not overload
the pkg/util.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\
| |
| | |
Cirrus: Necessary changes for v1.9 branch automation
|
| | |
| |
| |
| |
| |
| |
| | |
Also, drop image_prune task which only runs on the master branch by
design.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | |
| |
| |
| | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
| |
apiv2 tests emit TAP-compliant output; recognize it and
highlight it the same way we do BATS tests.
Add anchor links to TAP output, so other tools (e.g.
cirrus-flake-summarize) can link to particular lines
And, remove a "-f" from "wait" in test-apiv2; looks
like there's some version of bash used in some CI VM
that doesn't grok it.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\
| |
| | |
v2specgen prune libpod
|
| | |
| |
| |
| |
| |
| | |
use libpod only in the specgen/generate package so that the remote clients do not inherit libpod bloat.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
More system test fixes on regressions
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Fix more regressions between v1 and v2
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
podmanV2: fix nil deref
|
| |/ /
| |
| |
| |
| |
| |
| | |
Fix a typo when looking up a flag causing a nil deref and all commands
to fail.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \
| |/
|/| |
Add support for the global flags and config files
|
| |/
|
|
|
|
|
| |
Note: This PR doesn't provide full rootless support that will be
addressed in a future PR
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
