| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We previously attempted to work within CNI to do this, without
success. So let's do it manually, instead. We know where the
files should live, so we can remove them ourselves instead. This
solves issues around sudden reboots where containers do not have
time to fully tear themselves down, and leave IP address
allocations which, for various reasons, are not stored in tmpfs
and persist through reboot.
Fixes #5433
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\
| |
| | |
Begin exec rework
|
| | |
| |
| |
| |
| |
| |
| | |
This produces detailed information about the configuration of an
exec session in a format suitable for the new HTTP API.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As part of the rework of exec sessions, we need to address them
independently of containers. In the new API, we need to be able
to fetch them by their ID, regardless of what container they are
associated with. Unfortunately, our existing exec sessions are
tied to individual containers; there's no way to tell what
container a session belongs to and retrieve it without getting
every exec session for every container.
This adds a pointer to the container an exec session is
associated with to the database. The sessions themselves are
still stored in the container.
Exec-related APIs have been restructured to work with the new
database representation. The originally monolithic API has been
split into a number of smaller calls to allow more fine-grained
control of lifecycle. Support for legacy exec sessions has been
retained, but in a deprecated fashion; we should remove this in
a few releases.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
As part of the rework of exec sessions, we want to split Create
and Start - and, as a result, we need to keep everything needed
to start exec sessions in the struct, not just the bare minimum
for tracking running ones.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \
| | |
| | | |
[CI:DOCS] Add guidelines for writing podman V2 CLI commands
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
Bump to v1.8.2
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \ \
| | | |
| | | | |
[CI:DOCS]remove podmanv2 binary
|
| |/ / /
| | |
| | |
| | | |
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
[CI:DOCS] Update release notes for v1.8.2 final release
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \ \
| | | |
| | | | |
V2 podman command
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
fix reported compat issues
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
honor -1 in in list containers for compatibility mode. it is commonly used to indicate no limit.
change the json id parameter to Id in container create.
Fixes: #5553
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
New test: man page cross-ref against --help
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
New hack/xref-helpmsgs-manpages script, added to CI 'gate'
task, runs 'podman [subcommand] --help' and cross-references
against man pages in docs/source/markdown/podman*.1.md
See #5453 and #5460 for instances of the problems the
script has found.
The careful reader will find an alarming number of special-case
bypasses. These are a tradeoff I am making: to get perfect
coverage with no handwaving, it would be necessary to make
drastic changes to some man pages, and I believe those would
be counterproductive.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Don't include SUBDIR in windows.zip
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | | |
The zip file should returne podman.exe plus the documentation
directory.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \
| |_|_|/
|/| | | |
Filter pods through pod list api
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Refactored current filter pods flow through the shared pod functions
so filter pod functionalities can be shared between api and cmd.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
rootless: fix usage with hidepid=1
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
when /proc is mounted with hidepid=1 a process doesn't see processes
from the outer user namespace. This causes an issue reading the
cmdline from the parent process.
To address it, always read the command line from /proc/self instead of
using /proc/PARENT_PID.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Vendor in containers/buildah v1.14.3
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Reduce CPU usage when --timeout=0
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Add second go routine for when a Timer is not needed.
* goimports updated some project files
Fixes #5531
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
serve swagger when present
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | | |
register the swagger endpoint and add some error handling for when the swagger file does not exist
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
swagger: more consistency fixes
|
| |/ / /
| | |
| | |
| | |
| | |
| | | |
Some new 'manifests' entries have the wrong {name} parameter
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
auto update containers in systemd units
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add support to auto-update containers running in systemd units as
generated with `podman generate systemd --new`.
`podman auto-update` looks up containers with a specified
"io.containers.autoupdate" label (i.e., the auto-update policy).
If the label is present and set to "image", Podman reaches out to the
corresponding registry to check if the image has been updated. We
consider an image to be updated if the digest in the local storage is
different than the one of the remote image. If an image must be
updated, Podman pulls it down and restarts the container. Note that the
restarting sequence relies on systemd.
At container-creation time, Podman looks up the "PODMAN_SYSTEMD_UNIT"
environment variables and stores it verbatim in the container's label.
This variable is now set by all systemd units generated by
`podman-generate-systemd` and is set to `%n` (i.e., the name of systemd
unit starting the container). This data is then being used in the
auto-update sequence to instruct systemd (via DBUS) to restart the unit
and hence to restart the container.
Note that this implementation of auto-updates relies on systemd and
requires a fully-qualified image reference to be used to create the
container. This enforcement is necessary to know which image to
actually check and pull. If we used an image ID, we would not know
which image to check/pull anymore.
Fixes: #3575
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Move the dbus-connection code from libpod's healthcheck to pkg/systemd
to allow for sharing the logic. Needed for the auto-updates work.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \
| | | |
| | | | |
fix timeout file flake
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
It looks like something snuck in and now make vendor fails on
master. This should make things happy.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
this is a temporary fix for the flake that has been troubling us. once conmon is in fedora 30 and 31 stable, we can remove this fix. the images will just need to be rebuilt.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Bump to v1.8.2-RC1
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | | |_|/
| |/| |
| | | |
| | | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
podman: avoid conmon zombie on exec
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
conmon forks itself, so make sure we reap the first process and not
leave a zombie process.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
Fix vendoring on master
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
It looks like something snuck in and now make vendor fails on
master. This should make things happy.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
[CI:DOCS] Update release notes for v1.8.2-RC1
|
| |/ /
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \
| | |
| | | |
Update containers/storage to v1.16.5
|
