summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* generate systemd: `ExecStopPost` for all unitsValentin Rothberg2020-06-17
| | | | | | | | | | | | | | | | Add an `ExecStopPost` run even for units generated without `--new`. Although it may seem redundant to run `container/pod stop` twice at first glance, we really need the post run. If the main PID (i.e., conmon) is killed, systemd will not execute `ExecStop` but only the post one. We made this obeservation in a customer issue and could reproduce the behavior consistently. Hence, the post run is needed to properly clean up when conmon is killed and it's pretty much a NOP in all other cases. Credits to Ulrich Obergfell for throrough and detailed analyses, which ultimately lead to this fix. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #6631 from rhatdan/hooksOpenShift Merge Robot2020-06-17
|\ | | | | Fix handling of old oci hooks
| * Fix handling of old oci hooksDaniel J Walsh2020-06-17
| | | | | | | | | | | | | | | | | | | | Podman is blowing up with oci-umount hook, because it was never rewritten to support the v1.0.0 value. This PR adds support for the older version and cleans up the hook handling. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #6640 from edsantiago/fix_flaky_logs_testOpenShift Merge Robot2020-06-17
|\ \ | | | | | | "streaming output" logs test: fix flake
| * | "streaming output" logs test: fix flakeEd Santiago2020-06-17
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Test has been flaking excessively. A quick look shows that the test itself is broken, making a bad assumption. 'podman logs -f' is guaranteed to exit when a container terminates. This does not (and should not) mean that the container has been cleaned up. It is undefined and unsafe to run 'podman run -n same-name-as-terminated-container' immediately after 'podman logs' exits. Solution: instead of 'podman run', do 'podman inspect'. This, too, is unsafe, but we can expect to see one of two possible conditions: 1) command succeeds, in which case we require that container State.Status be "exited"; or 2) command fails, in which case we expect "no such container" in error output For full coverage we should add a small delay-check test to (1) to ensure that the container is cleaned up after a short amount of time. Leaving that as a TODO because it's more than my Go skills can handle, and I want to get this checked in ASAP to get rid of the flake hassle. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #6636 from mheon/add_warningsOpenShift Merge Robot2020-06-17
|\ \ | | | | | | Re-add resource limit warnings to Specgen
| * | Re-add resource limit warnings to SpecgenMatthew Heon2020-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These were part of Podman v1.9, but were lost in the transition to using Specgen to create containers. Most resource limits are checked via the sysinfo package to ensure they are safe to use (the cgroup is mounted, kernel support is present, etc) and removed if not safe. Further, bounds checks are performed to ensure that values are valid. Ensure these warnings are printed client-side when they occur. This part is a little bit gross, as it happens in pkg/infra and not cmd/podman, which is largely down to how we implemented `podman run` - all the work is done in pkg/infra and it returns only once the container has exited, and we need warnings to print *before* the container runs. The solution here, while inelegant, avoid the need to extensively refactor our handling of run. Should fix blkio-limit warnings that were identified by the FCOS test suite. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #6583 from mheon/inspect_ctr_before_imgOpenShift Merge Robot2020-06-17
|\ \ \ | | | | | | | | Fix podman inspect on overlapping/missing objects
| * | | Fix podman inspect on overlapping/missing objectsMatthew Heon2020-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This started as a small fix to `podman inspect` where a container and image, with the same name/tag, were present, and `podman inspect` was run on that name. `podman inspect` in 1.9 (and `docker inspect`) will give you the container; in v2.0, we gave the image. This was an easy fix (just reorder how we check for image/container). Unfortunately, in the process of testing this fix, I determined that we regressed in a different area. When you run inspect on a number of containers, some of which do not exist, `podman inspect` should return an array of inspect results for the objects that exist, then print a number of errors, one for each object that could not be found. We were bailing after the first error, and not printing output for the containers that succeeded. (For reference, this applied to images as well). This required a much more substantial set of changes to properly handle - signatures for the inspect functions in ContainerEngine and ImageEngine, plus the implementations of these interfaces, plus the actual inspect frontend code needed to be adjusted to use this. Fixes #6556 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #6622 from goochjj/podman_fix_initOpenShift Merge Robot2020-06-17
|\ \ \ \ | |_|_|/ |/| | | Fix --init and --init-path
| * | | Fix --init and --init-pathJoseph Gooch2020-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Init properly passed into specgen Allow --init with --systemd=true but not --systemd=always. Signed-off-by: Joseph Gooch <mrwizard@dok.org>
* | | | Merge pull request #6638 from jwhonce/issues/6548OpenShift Merge Robot2020-06-17
|\ \ \ \ | | | | | | | | | | [CI:DOCS] Fixes #6548
| * | | | [CI:DOCS] Fixes #6548Jhon Honce2020-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Update swagger documentation Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | | Merge pull request #6633 from rhatdan/VENDOROpenShift Merge Robot2020-06-17
|\ \ \ \ \ | | | | | | | | | | | | Vendor containers/common v0.14.0
| * | | | | Vendor containers/common v0.14.0Daniel J Walsh2020-06-16
| | |_|_|/ | |/| | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #6635 from rhatdan/logsOpenShift Merge Robot2020-06-17
|\ \ \ \ \ | | | | | | | | | | | | Add <return> to lines returned in podman-remote logs
| * | | | | Add <return> to lines returen in podman-remote logsDaniel J Walsh2020-06-16
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Every line is sent back individually over the APIv2 as logs, but we are not adding the '\n' to give us line breaks. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #6624 from rhatdan/mountOpenShift Merge Robot2020-06-16
|\ \ \ \ \ | |/ / / / |/| | | | Fix podman-remote images
| * | | | Fix podman-remote imagesDaniel J Walsh2020-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Looks like we went too far with the linters. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #6616 from ↵OpenShift Merge Robot2020-06-16
|\ \ \ \ \ | |/ / / / |/| | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containers/conmon-2.0.18incompatible Bump github.com/containers/conmon from 2.0.17+incompatible to 2.0.18+incompatible
| * | | | Bump github.com/containers/conmondependabot-preview[bot]2020-06-16
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/conmon](https://github.com/containers/conmon) from 2.0.17+incompatible to 2.0.18+incompatible. - [Release notes](https://github.com/containers/conmon/releases) - [Changelog](https://github.com/containers/conmon/blob/master/changelog.txt) - [Commits](https://github.com/containers/conmon/compare/v2.0.17...v2.0.18) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #6619 from mheon/revert_systemd_varlinkchangeOpenShift Merge Robot2020-06-16
|\ \ \ \ | | | | | | | | | | [CI:DOCS] Revert "Change Varlink systemd unit to use `system service`"
| * | | | Revert "Change Varlink systemd unit to use `system service`"Matthew Heon2020-06-16
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 1bc992bfc3a983b4d9ab53f778a545d83bcde94d. We originally thought `podman varlink` was entirely removed, but that was not true. We originally thought that `podman system service --varlink` worked the same as `podman varlink` but that was also not true. `system service` is broken when used under systemd units, and `podman varlink` still exists and works. Revert the change to `podman system service` to fix socket-activated Varlink under systemd. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | Merge pull request #6610 from jwhonce/wip/varlinkOpenShift Merge Robot2020-06-16
|\ \ \ \ | |/ / / |/| | | Add deprecated message to varlink command
| * | | Add deprecated message to varlink commandJhon Honce2020-06-15
| |/ / | | | | | | | | | | | | | | | | | | * Remove varlink references from the man pages * Fix signature for extractTarFile() Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #6615 from vrothberg/auto-update-variantOpenShift Merge Robot2020-06-16
|\ \ \ | | | | | | | | auto-update: use image's arch
| * | | handlers/compat: fix lint errorValentin Rothberg2020-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix a lint error of an used parameter. The error must have sneaked in with a PR that was merged after the recent linter enablement. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | auto-update: use image's archValentin Rothberg2020-06-16
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | Use the architecture of the local image when looking for a new image on a registry. It seems to be common practice on ARM to tweak the architecture choice to pull the correct image. Fixes: #6613 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #6605 from ypu/apiv2-podsOpenShift Merge Robot2020-06-16
|\ \ \ | |/ / |/| | APIv2 tests: Add some tests for podman pods
| * | APIv2 tests: Add some tests for podman podsYiqiao Pu2020-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add some tests for podman pods subcommand: restart rm start stas stop top unpause Signed-off-by: Yiqiao Pu <ypu@redhat.com>
* | | Merge pull request #6589 from rhatdan/attachOpenShift Merge Robot2020-06-15
|\ \ \ | | | | | | | | Handle errors on attach properly
| * | | Handle errors on attach properlyDaniel J Walsh2020-06-15
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #6591 from jgallucci32/patch-1OpenShift Merge Robot2020-06-15
|\ \ \ \ | | | | | | | | | | Merged request to fix -f to stop following logs
| * | | | Remove redundant break in for loop.jgallucci322020-06-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove redundant `break` call in for loop. Co-authored-by: Qi Wang <qiwan@redhat.com> Signed-off-by: jgallucci32 <john.gallucci.iv@gmail.com>
| * | | | Do not print error message when container does not existjgallucci322020-06-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a condition when a container is removed while following the logs and prints an error when the container is removed forcefully. Signed-off-by: jgallucci32 <john.gallucci.iv@gmail.com>
| * | | | Changed from t.StopAtEOF() to t.Stop() and added error checkjgallucci322020-06-12
| | | | | | | | | | | | | | | | | | | | Signed-off-by: jgallucci32 <john.gallucci.iv@gmail.com>
| * | | | Fix -f logs to stop when a container exitsjgallucci322020-06-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes an issue with the previous PR where a container would exit while following logs and the log tail continued to follow. This creates a subroutine which checks the state of the container and instructs the tailLog to stop when it reaches EOF. Tested the following conditions: * Tail and follow logs of running container * Tail and follow logs of stopped container * Tail and follow logs of running container which exits after some time Signed-off-by: jgallucci32 <john.gallucci.iv@gmail.com>
| * | | | Fix -f logs follow with stopped containerQi Wang2020-06-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix -f logs follow with stopped container. Close #6531 Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | | Merge pull request #6601 from zhangguanzhang/podman-cp-dirOpenShift Merge Robot2020-06-15
|\ \ \ \ \ | | | | | | | | | | | | fix podman cp can create an extra directory when the source is the container's root directory
| * | | | | fix podman cp can create an extra directory levelzhangguanzhang2020-06-15
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | | | | Merge pull request #6590 from zhangguanzhang/masterOpenShift Merge Robot2020-06-15
|\ \ \ \ \ \ | | | | | | | | | | | | | | Add the missing return in the API handlers' image_build method
| * | | | | | Add the missing returnzhangguanzhang2020-06-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
| * | | | | | Merge pull request #1 from containers/masterzhangguanzhang2020-06-12
| |\ \ \ \ \ \ | | |/ / / / / | |/| | | | | # sync
* | | | | | | Merge pull request #6603 from sujil02/python-testOpenShift Merge Robot2020-06-15
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Adds more docker py test
| * | | | | | | Adds more docker py testSujil022020-06-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Addes more docker py test Optimize test to import images from cache Rename test class and dir for python unittest framework Signed-off-by: Sujil02 <sushah@redhat.com>
* | | | | | | | Merge pull request #6597 from rhatdan/imageOpenShift Merge Robot2020-06-15
|\ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | Add some additional fields to imageinspect
| * | | | | | | | Add some additional fields to imageinspectDaniel J Walsh2020-06-13
| |/ / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | | Merge pull request #6553 from vrothberg/replaceOpenShift Merge Robot2020-06-15
|\ \ \ \ \ \ \ \ | |_|_|_|_|/ / / |/| | | | | | | --replace for containers and pods
| * | | | | | | generate systemd: `--replace` on named containers/podsValentin Rothberg2020-06-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use `--replace` for named containers and pods. This will clean up previous containers and podsthat may not have been removed after a system crash. Fixes: #5485 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | | | | | | pod create --replaceValentin Rothberg2020-06-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a `--replace` flag to the `pod create` command. If another pod with the same name already exists, it will be replaced and removed. Adding this flag is motivated by #5485 to make running Podman in systemd units (or any other scripts/automation) more robust. In case of a crash, a pod may not be removed by a sytemd unit anymore. The `--replace` flag allows for supporting crashes. Note that the `--replace` flag does not require the `--name` flag to be set, so it can be set unconditionally in `podman generate systemd`. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>