| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add an `ExecStopPost` run even for units generated without `--new`.
Although it may seem redundant to run `container/pod stop` twice at
first glance, we really need the post run. If the main PID (i.e.,
conmon) is killed, systemd will not execute `ExecStop` but only the
post one. We made this obeservation in a customer issue and could
reproduce the behavior consistently. Hence, the post run is needed
to properly clean up when conmon is killed and it's pretty much a
NOP in all other cases.
Credits to Ulrich Obergfell for throrough and detailed analyses,
which ultimately lead to this fix.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\
| |
| | |
Fix handling of old oci hooks
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Podman is blowing up with oci-umount hook, because
it was never rewritten to support the v1.0.0 value.
This PR adds support for the older version and cleans
up the hook handling.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
"streaming output" logs test: fix flake
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Test has been flaking excessively. A quick look shows that
the test itself is broken, making a bad assumption.
'podman logs -f' is guaranteed to exit when a container
terminates. This does not (and should not) mean that the
container has been cleaned up. It is undefined and unsafe
to run 'podman run -n same-name-as-terminated-container'
immediately after 'podman logs' exits.
Solution: instead of 'podman run', do 'podman inspect'.
This, too, is unsafe, but we can expect to see one of
two possible conditions:
1) command succeeds, in which case we require that
container State.Status be "exited"; or
2) command fails, in which case we expect "no such
container" in error output
For full coverage we should add a small delay-check test
to (1) to ensure that the container is cleaned up after
a short amount of time. Leaving that as a TODO because
it's more than my Go skills can handle, and I want to
get this checked in ASAP to get rid of the flake hassle.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
Re-add resource limit warnings to Specgen
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
These were part of Podman v1.9, but were lost in the transition
to using Specgen to create containers. Most resource limits are
checked via the sysinfo package to ensure they are safe to use
(the cgroup is mounted, kernel support is present, etc) and
removed if not safe. Further, bounds checks are performed to
ensure that values are valid.
Ensure these warnings are printed client-side when they occur.
This part is a little bit gross, as it happens in pkg/infra and
not cmd/podman, which is largely down to how we implemented
`podman run` - all the work is done in pkg/infra and it returns
only once the container has exited, and we need warnings to print
*before* the container runs. The solution here, while inelegant,
avoid the need to extensively refactor our handling of run.
Should fix blkio-limit warnings that were identified by the FCOS
test suite.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
Fix podman inspect on overlapping/missing objects
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This started as a small fix to `podman inspect` where a container
and image, with the same name/tag, were present, and
`podman inspect` was run on that name. `podman inspect` in 1.9
(and `docker inspect`) will give you the container; in v2.0, we
gave the image. This was an easy fix (just reorder how we check
for image/container).
Unfortunately, in the process of testing this fix, I determined
that we regressed in a different area. When you run inspect on
a number of containers, some of which do not exist,
`podman inspect` should return an array of inspect results for
the objects that exist, then print a number of errors, one for
each object that could not be found. We were bailing after the
first error, and not printing output for the containers that
succeeded. (For reference, this applied to images as well). This
required a much more substantial set of changes to properly
handle - signatures for the inspect functions in ContainerEngine
and ImageEngine, plus the implementations of these interfaces,
plus the actual inspect frontend code needed to be adjusted to
use this.
Fixes #6556
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \
| |_|_|/
|/| | | |
Fix --init and --init-path
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Init properly passed into specgen
Allow --init with --systemd=true but not --systemd=always.
Signed-off-by: Joseph Gooch <mrwizard@dok.org>
|
|\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] Fixes #6548
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* Update swagger documentation
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Vendor containers/common v0.14.0
|
| | |_|_|/
| |/| | |
| | | | |
| | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add <return> to lines returned in podman-remote logs
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Every line is sent back individually over the APIv2 as
logs, but we are not adding the '\n' to give us line breaks.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
Fix podman-remote images
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Looks like we went too far with the linters.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | |
| | | | |
| | | | | |
containers/dependabot/go_modules/github.com/containers/conmon-2.0.18incompatible
Bump github.com/containers/conmon from 2.0.17+incompatible to 2.0.18+incompatible
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Bumps [github.com/containers/conmon](https://github.com/containers/conmon) from 2.0.17+incompatible to 2.0.18+incompatible.
- [Release notes](https://github.com/containers/conmon/releases)
- [Changelog](https://github.com/containers/conmon/blob/master/changelog.txt)
- [Commits](https://github.com/containers/conmon/compare/v2.0.17...v2.0.18)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] Revert "Change Varlink systemd unit to use `system service`"
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This reverts commit 1bc992bfc3a983b4d9ab53f778a545d83bcde94d.
We originally thought `podman varlink` was entirely removed, but
that was not true. We originally thought that
`podman system service --varlink` worked the same as
`podman varlink` but that was also not true. `system service` is
broken when used under systemd units, and `podman varlink` still
exists and works. Revert the change to `podman system service` to
fix socket-activated Varlink under systemd.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Add deprecated message to varlink command
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
* Remove varlink references from the man pages
* Fix signature for extractTarFile()
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| | | |
| | | | |
auto-update: use image's arch
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fix a lint error of an used parameter. The error must have sneaked in
with a PR that was merged after the recent linter enablement.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Use the architecture of the local image when looking for a new image on
a registry. It seems to be common practice on ARM to tweak the
architecture choice to pull the correct image.
Fixes: #6613
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| |/ /
|/| | |
APIv2 tests: Add some tests for podman pods
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add some tests for podman pods subcommand:
restart
rm
start
stas
stop
top
unpause
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
|
|\ \ \
| | | |
| | | | |
Handle errors on attach properly
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Merged request to fix -f to stop following logs
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Remove redundant `break` call in for loop.
Co-authored-by: Qi Wang <qiwan@redhat.com>
Signed-off-by: jgallucci32 <john.gallucci.iv@gmail.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This fixes a condition when a container is removed while
following the logs and prints an error when the container
is removed forcefully.
Signed-off-by: jgallucci32 <john.gallucci.iv@gmail.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: jgallucci32 <john.gallucci.iv@gmail.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Fixes an issue with the previous PR where a container would exit while following logs and the log tail continued to follow. This creates a subroutine which checks the state of the container and instructs the tailLog to stop when it reaches EOF.
Tested the following conditions:
* Tail and follow logs of running container
* Tail and follow logs of stopped container
* Tail and follow logs of running container which exits after some time
Signed-off-by: jgallucci32 <john.gallucci.iv@gmail.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Fix -f logs follow with stopped container. Close #6531
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
fix podman cp can create an extra directory when the source is the container's root directory
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Add the missing return in the API handlers' image_build method
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
| |\ \ \ \ \ \
| | |/ / / / /
| |/| | | | | |
# sync
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
Adds more docker py test
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Addes more docker py test
Optimize test to import images from cache
Rename test class and dir for python unittest framework
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
Add some additional fields to imageinspect
|
| |/ / / / / / /
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \ \ \ \
| |_|_|_|_|/ / /
|/| | | | | | | |
--replace for containers and pods
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Use `--replace` for named containers and pods. This will clean up
previous containers and podsthat may not have been removed after a
system crash.
Fixes: #5485
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Add a `--replace` flag to the `pod create` command. If another pod with
the same name already exists, it will be replaced and removed.
Adding this flag is motivated by #5485 to make running Podman in systemd
units (or any other scripts/automation) more robust. In case of a
crash, a pod may not be removed by a sytemd unit anymore. The
`--replace` flag allows for supporting crashes.
Note that the `--replace` flag does not require the `--name` flag to be
set, so it can be set unconditionally in `podman generate systemd`.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|