summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Update API documentation for InspectMatthew Heon2020-05-14
| | | | | | | | | Most importantly, note the pruning behavior of compat Inspect. Less importantly, note that the Tty parameter to Start is only ignored, as opposed to being not supported. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Parameters for ExecStart are body, not queryMatthew Heon2020-05-14
| | | | | | | Oops. Misread the docs when I initially implemented this. Nice and easy fix, at least. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Prune stale exec sessions on inspectMatthew Heon2020-05-14
| | | | | | | | | | | | | | | | | | | | The usual flow for exec is going to be: - Create exec session - Start and attach to exec session - Exec session exits, attach session terminates - Client does an exec inspect to pick up exit code The safest point to remove the exec session, without doing any database changes to track stale sessions, is to remove during the last part of this - the single inspect after the exec session exits. This is definitely different from Docker (which would retain the exec session for up to 10 minutes after it exits, where we will immediately discard) but should be close enough to be not noticeable in regular usage. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Remove exec sessions on container restartMatthew Heon2020-05-14
| | | | | | | | | | | | | With APIv2, we cannot guarantee that exec sessions will be removed cleanly on exit (Docker does not include an API for removing exec sessions, instead using a timer-based reaper which we cannot easily replicate). This is part 1 of a 2-part approach to providing a solution to this. This ensures that exec sessions will be reaped, at the very least, on container restart, which takes care of any that were not properly removed during the run of a container. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Fix start order for APIv2 exec start endpointMatthew Heon2020-05-14
| | | | | | This makes the endpoint (mostly) functional. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Don't fail when saving exec status fails on removed ctrMatthew Heon2020-05-14
| | | | | | | We can't save the exec session, but it's because the container is entirely gone, so no point erroring. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Add APIv2 handler for resizing exec sessionsMatthew Heon2020-05-14
| | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* Ensure that Streams are set to defaults for HTTP attachMatthew Heon2020-05-14
| | | | | | | | | | | If not overridden, we should use the attach configuration given when the exec session was first created. Also, setting streams should not conflict with a TTY - the two are allowed together with Attach and should be allowed together here. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Wire in endpoint for ExecStartMatthew Heon2020-05-14
| | | | | | | This is still very early not not well tested, and missing resize capability, but it does provide the first bits of exec. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Add an initial implementation of HTTP-forwarded execMatthew Heon2020-05-14
| | | | | | | | | | | | | | | This is heavily based off the existing exec implementation, but does not presently share code with it, to try and ensure we don't break anything. Still to do: - Add code sharing with existing exec implementation - Wire in the frontend (exec HTTP endpoint) - Move all exec-related code in oci_conmon_linux.go into a new file - Investigate code sharing between HTTP attach and HTTP exec. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #6229 from mheon/small_kata_fixOpenShift Merge Robot2020-05-14
|\ | | | | Cleanup OCI runtime before storage
| * Ensure that cleanup runs before we set Removing stateMatthew Heon2020-05-14
| | | | | | | | | | | | | | | | | | Cleaning up the OCI runtime is not allowed in the Removing state. To ensure it is actually cleaned up, when calling cleanup() as part of removing a container, do so before we set the Removing state, so we can successfully remove. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * Cleanup OCI runtime before storageMatthew Heon2020-05-14
| | | | | | | | | | | | | | | | | | Some runtimes (e.g. Kata containers) seem to object to having us unmount storage before the container is removed from the runtime. This is an easy fix (change the order of operations in cleanup) and seems to make more sense than the way we were doing things. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #6235 from QiWang19/events-formatOpenShift Merge Robot2020-05-14
|\ \ | | | | | | fix bug --format {{json.}} of events
| * | fix bug --format {{json.}} of eventsQi Wang2020-05-14
| | | | | | | | | | | | | | | | | | Allow the `podman events --format` accept {{json.}} and complete small fix podman-events.1.md Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | Merge pull request #6220 from jwhonce/wip/attachOpenShift Merge Robot2020-05-14
|\ \ \ | |/ / |/| | V2 Update attach bindings to use Readers/Writers vs chan
| * | V2 Update attach bindings to use Readers/Writers vs chanJhon Honce2020-05-14
|/ / | | | | | | | | | | | | | | * Change function call to use readers/writers in place channels * Support stdin for pushing data from client to container * Add bindings test Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #6228 from rhatdan/specOpenShift Merge Robot2020-05-14
|\ \ | | | | | | Default podman.spec to use crun
| * | Default podman.spec to use crunDaniel J Walsh2020-05-14
| | | | | | | | | | | | | | | | | | | | | On systems with cgroupV2 runc will not currently work switch the default in spec file to use crun. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #6223 from ↵OpenShift Merge Robot2020-05-14
|\ \ \ | | | | | | | | | | | | | | | | containers/dependabot/go_modules/github.com/containernetworking/plugins-0.8.6 Bump github.com/containernetworking/plugins from 0.8.5 to 0.8.6
| * | | Bump github.com/containernetworking/plugins from 0.8.5 to 0.8.6dependabot-preview[bot]2020-05-14
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 0.8.5 to 0.8.6. - [Release notes](https://github.com/containernetworking/plugins/releases) - [Commits](https://github.com/containernetworking/plugins/compare/v0.8.5...v0.8.6) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #6204 from ↵OpenShift Merge Robot2020-05-14
|\ \ \ | |/ / |/| | | | | | | | containers/dependabot/go_modules/github.com/containers/storage-1.19.2 Bump github.com/containers/storage from 1.19.1 to 1.19.2
| * | Bump github.com/containers/storage from 1.19.1 to 1.19.2dependabot-preview[bot]2020-05-14
|/ / | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.19.1 to 1.19.2. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.19.1...v1.19.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #6218 from mheon/master_bump_releasenotesOpenShift Merge Robot2020-05-14
|\ \ | | | | | | [CI:DOCS] Update release notes and version on master
| * | Update release notes and version on masterMatthew Heon2020-05-13
| |/ | | | | | | | | | | | | We released v1.9.2 on the v1.9 branch, so bring the release notes and readme up to date. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #6211 from baude/v2remoteimagetreeOpenShift Merge Robot2020-05-13
|\ \ | | | | | | enable remote image tree
| * | enable remote image treeBrent Baude2020-05-13
| | | | | | | | | | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #6206 from ↵OpenShift Merge Robot2020-05-13
|\ \ \ | |_|/ |/| | | | | | | | containers/dependabot/go_modules/github.com/containers/conmon-2.0.16incompatible Bump github.com/containers/conmon from 2.0.14+incompatible to 2.0.16+incompatible
| * | Bump github.com/containers/conmondependabot-preview[bot]2020-05-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [github.com/containers/conmon](https://github.com/containers/conmon) from 2.0.14+incompatible to 2.0.16+incompatible. - [Release notes](https://github.com/containers/conmon/releases) - [Changelog](https://github.com/containers/conmon/blob/master/changelog.txt) - [Commits](https://github.com/containers/conmon/compare/v2.0.14...v2.0.16) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #6214 from baude/v2removelibconfOpenShift Merge Robot2020-05-13
|\ \ \ | | | | | | | | [CI:DOCS]remove libpod.conf from spec
| * | | [CI:DOCS]remove libpod.conf from specBrent Baude2020-05-13
| | |/ | |/| | | | | | | | | | | | | in the contrib rpm.spec.in, we no longer should try to package libpod.conf Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #6203 from jwhonce/wip/attachOpenShift Merge Robot2020-05-13
|\ \ \ | | | | | | | | V2 attach bindings and test
| * | | WIP V2 attach bindings and testJhon Honce2020-05-13
| |/ / | | | | | | | | | | | | | | | | | | | | | * Add ErrLostSync to report lost of sync when de-mux'ing stream * Add logus.SetLevel(logrus.DebugLevel) when `go test -v` given * Add context to debugging messages Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #6197 from baude/v2remotenetworkOpenShift Merge Robot2020-05-13
|\ \ \ | |/ / |/| | enable podman v2 networking for remote client
| * | enable podman v2 networking for remote clientBrent Baude2020-05-12
| | | | | | | | | | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #6200 from haircommander/skip-unifiedOpenShift Merge Robot2020-05-13
|\ \ \ | | | | | | | | cgroup: skip unified if we are using v1
| * | | cgroup: skip unified if we are using v1Peter Hunt2020-05-12
| |/ / | | | | | | | | | | | | | | | | | | | | | There exists a chance for a node to be booted in v1, but have reminents of v2. An example is this CRI-O ci run: https://deck-ci.apps.ci.l2s4.p1.openshiftapps.com/view/gcs/origin-federated-results/pr-logs/pull/cri-o_cri-o/3565/test_pull_request_crio_critest_fedora/11243/ We fail because we are incorrectly writing to the unified path, because we are v1. We should not write to the unified path if we are v1 Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | Merge pull request #6205 from ↵OpenShift Merge Robot2020-05-13
|\ \ \ | | | | | | | | | | | | | | | | containers/dependabot/go_modules/gopkg.in/yaml.v2-2.3.0 Bump gopkg.in/yaml.v2 from 2.2.8 to 2.3.0
| * | | Bump gopkg.in/yaml.v2 from 2.2.8 to 2.3.0dependabot-preview[bot]2020-05-13
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml) from 2.2.8 to 2.3.0. - [Release notes](https://github.com/go-yaml/yaml/releases) - [Commits](https://github.com/go-yaml/yaml/compare/v2.2.8...v2.3.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #6202 from edsantiago/bats_volumesOpenShift Merge Robot2020-05-13
|\ \ \ | |/ / |/| | system tests: add volume tests
| * | system tests: add volume testsEd Santiago2020-05-12
| |/ | | | | | | Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #6196 from mheon/remote_libpod_confOpenShift Merge Robot2020-05-12
|\ \ | |/ |/| Remove libpod.conf from repo
| * Remove libpod.conf from repoMatthew Heon2020-05-12
|/ | | | | | | | | | | Now that we're shipping containers.conf, we don't want to provide a libpod.conf anymore. This removes libpod.conf from the repo and as many direct uses as I can find. There are a few more mentions in the documentation, but someone more familiar with containers.conf should make those edits. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #6174 from giuseppe/fix-events-rootlessOpenShift Merge Robot2020-05-12
|\ | | | | rootless: do not set pids limits with cgroupfs
| * test: enable networking test for rootlessGiuseppe Scrivano2020-05-12
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * rootless: do not set pids limits with cgroupfsGiuseppe Scrivano2020-05-12
| | | | | | | | | | | | and enable events tests. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #6182 from baude/v2remotedfOpenShift Merge Robot2020-05-12
|\ \ | | | | | | add podman remote system df
| * | add podman remote system dfBrent Baude2020-05-12
| | | | | | | | | | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #6154 from baude/v2signOpenShift Merge Robot2020-05-12
|\ \ \ | | | | | | | | v2podman image sign
| * | | v2podman image signBrent Baude2020-05-11
| | | | | | | | | | | | | | | | | | | | | | | | this is a straight port to add the podman image sign command. no improvements or refactoring done Signed-off-by: Brent Baude <bbaude@redhat.com>