| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
| |
If the container is running and we need to get its netns and
can't, that is a serious bug deserving of errors.
If it's not running, that's not really a big deal. Log an error
and continue.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When Libpod removes a container, there is the possibility that
removal will not fully succeed. The most notable problems are
storage issues, where the container cannot be removed from
c/storage.
When this occurs, we were faced with a choice. We can keep the
container in the state, appearing in `podman ps` and available for
other API operations, but likely unable to do any of them as it's
been partially removed. Or we can remove it very early and clean
up after it's already gone. We have, until now, used the second
approach.
The problem that arises is intermittent problems removing
storage. We end up removing a container, failing to remove its
storage, and ending up with a container permanently stuck in
c/storage that we can't remove with the normal Podman CLI, can't
use the name of, and generally can't interact with. A notable
cause is when Podman is hit by a SIGKILL midway through removal,
which can consistently cause `podman rm` to fail to remove
storage.
We now add a new state for containers that are in the process of
being removed, ContainerStateRemoving. We set this at the
beginning of the removal process. It notifies Podman that the
container cannot be used anymore, but preserves it in the DB
until it is fully removed. This will allow Remove to be run on
these containers again, which should successfully remove storage
if it fails.
Fixes #3906
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\
| |
| | |
podman rm/stop --cidfile
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add a --cidfile flag to podman rm/stop to pass a container ID via a
file. Podman run already provides the functionaly to store the ID
in a specified file which we now complete with rm/stop. This allows
for a better life-cycle management in systemd services. Note that
--cdifile can be specified multiple times to rm/stop.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \
| | |
| | | |
history: rewrite mappings
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Rewrite the backend for displaying the history of an image to simplify
the code and be closer to docker's behaviour. Instead of driving
index-based heuristics, create a reverse mapping from top-layers to the
corresponding image IDs and lookup the layers on-demand. Also use the
uncompressed layer size to be closer to Docker's behaviour.
Note that intermediate images from local builds are not considered for
the ID lookups anymore.
Fixes: #3359
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Also delete winsz fifo
|
| | | |/
| |/|
| | |
| | |
| | |
| | | |
In conmon 2.0.3, we add another fifo to handle window resizing. This needs to be cleaned up for commands like restore, where the same path is used.
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |\ \ \
| | | |
| | | | |
container create: os/arch check
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
Unless explicitely overridden, check if the image's OS and architecture
and throw an errors in case of a mismatch.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
Add pod annotations to container
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
We have the annotations SandboxID, let's use them. This also allows kata containers to be created in pods and share a VM with the infra container. Note: as of now, this sharing only works if the pod has an infra container
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |\ \ \
| | | |
| | | | |
use pause image for check all
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
the pull all tags test can frequently timeout when trying to pull all
alpine tags. using the pause image, which is smaller, should provide
some relief.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Bump to Buildah v1.11.5
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bump to Buildah v1.11.5. Most notably changes to the
podman build `--pull` functionality. `--pull=true` and `--pull=false` now
work as Docker does, `--pull-never` added to supply the functionality
of the old `--pull=false`.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\ \ \
| | | |
| | | | |
codespell: spelling corrections
|
| | |/ /
| | |
| | |
| | | |
Signed-off-by: Dmitry Smirnov <onlyjob@member.fsf.org>
|
| |\ \ \
| |/ /
|/| | |
Cirrus: Use branch-specific container tags
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Automated building of container images is handled in quay.io based on
changes in the master branch of this repository. However, as additional
branches are made, the "latest" image (from master) diverges from their
expectations. Fix this by using the branch-tagged images built by quay.
For the near-term, this also implies quay.io will be configured to also
build different images for each branch, and tag them appropriately.
Long-term, image build automation should be combined with libpod
automation - to avoid needing to maintain automation in multiple
systems/locations.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \
| | |
| | | |
create a separate install target for seccomp
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
podman in Fedora gets seccomp.json from containers-common while
the one in Ubuntu PPA gets seccomp.json from containers-golang.
This change will let me use install.config target unmodified
in downstream packages.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
| |\ \
| | |
| | | |
Fixed issue #4391; podman info --format '{{ json . }}'
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Jimmy Crumpler <slimjim2234@gmail.com>
|
| |\ \ \
| | | |
| | | | |
fix bug check nonexist authfile
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Use GetDefaultAuthFile() from buildah.
For podman command(except login), if authfile does not exist returns error.
close #4328
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\ \ \ \
| |_|_|/
|/| | | |
docs: Update "podman container rm -v" description
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In commit 52df1fa (Fix volume handling in podman) was implemented the
--volume option for podman remove. However, its behaviour changed after
83db80c (Only remove image volumes when removing containers).
This commit updates the description of this option to reflect the new
behaviour.
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Add support for make vendor-in-container
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
Split up create config handling of namespaces and security
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
As it stands, createconfig is a huge struct. This works fine when the only caller is when we create a container with a fully created config. However, if we wish to share code for security and namespace configuration, a single large struct becomes unweildy, as well as difficult to configure with the single createConfigToOCISpec function.
This PR breaks up namespace and security configuration into their own structs, with the eventual goal of allowing the namespace/security fields to be configured by the pod create cli, and allow the infra container to share this with the pod's containers.
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Add links to readthedocs on docs/readme
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Add a couple of links to the new ReadTheDocs site
for the libpod man pages from the docs/readme.md. Many users
go to github.com/{project}/docs looking for the man pages for
the project and their location is not evident on the current
readme.md.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
mount: add new options nocopyup|copyup for tmpfs
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
add a way to disable tmpcopyup for tmpfs.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
podman: add support for specifying MAC
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
I basically copied and adapted the statements for setting IP.
Closes #1136
Signed-off-by: Jakub Filak <jakub.filak@sap.com>
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
`go get github.com/cri-o/ocicni@deac903fd99b6c52d781c9f42b8db3af7dcfd00a`
I had to fix compilation errors in libpod/networking_linux.go
---
ocicni.Networks has changed from string to the structure NetAttachment
with the member Name (the former string value) and the member Ifname
(optional).
I don't think we can make use of Ifname here, so I just map the array of
structures to array of strings - e.g. dropping Ifname.
---
The function GetPodNetworkStatus no longer returns Result but it returns
the wrapper structure NetResult which contains the former Result plus
NetAttachment (Network name and Interface name).
Again, I don't think we can make use of that information here, so I
just added `.Result` to fix the build.
---
Issue: #1136
Signed-off-by: Jakub Filak <jakub.filak@sap.com>
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
containers/dependabot/go_modules/github.com/json-iterator/go-1.1.8
Bump github.com/json-iterator/go from 1.1.7 to 1.1.8
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Bumps [github.com/json-iterator/go](https://github.com/json-iterator/go) from 1.1.7 to 1.1.8.
- [Release notes](https://github.com/json-iterator/go/releases)
- [Commits](https://github.com/json-iterator/go/compare/v1.1.7...1.1.8)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
containers/dependabot/go_modules/github.com/onsi/gomega-1.7.1
Bump github.com/onsi/gomega from 1.7.0 to 1.7.1
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/onsi/gomega/releases)
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md)
- [Commits](https://github.com/onsi/gomega/compare/v1.7.0...v1.7.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
containers/dependabot/go_modules/github.com/uber/jaeger-client-go-2.20.0+incompatible
Bump github.com/uber/jaeger-client-go from 2.19.0+incompatible to 2.20.0+incompatible
|
| | | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Bumps [github.com/uber/jaeger-client-go](https://github.com/uber/jaeger-client-go) from 2.19.0+incompatible to 2.20.0+incompatible.
- [Release notes](https://github.com/uber/jaeger-client-go/releases)
- [Changelog](https://github.com/jaegertracing/jaeger-client-go/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uber/jaeger-client-go/compare/v2.19.0...v2.20.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
podman images --digest: always list a digest
|
