summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Remove No New Privs from DB as it's already in the specMatthew Heon2018-02-22
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #383 Approved by: rhatdan
* Vendor in latest containers/imageumohnani82018-02-22
| | | | | | | | | This fixes the blob and config names in the dir transport by removing the .tar extension Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #382 Approved by: rhatdan
* Add accessors to all container config and state fieldsMatthew Heon2018-02-22
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #381 Approved by: rhatdan
* Implement --image-volumes for create and runumohnani82018-02-22
| | | | | | | | | | | | | | --image-volumes tells podman what to do with the image volumes in the image config There are 3 options: bind, tmpfs, and ignore bind puts the volume contents in /var/lib/containers/storage/container-id/volumes/vol-dir and bind mounts it into the container at /vol-dir tmpfs mounts /vol-dir as a tmps into the container ignore doesn't mount the image volumes onto the container Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #377 Approved by: rhatdan
* Remove unnecessary booleansMatthew Heon2018-02-22
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #361 Approved by: rhatdan
* Fix gofmtMatthew Heon2018-02-22
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #361 Approved by: rhatdan
* Make operations on pod containers as a group independentMatthew Heon2018-02-22
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #361 Approved by: rhatdan
* Fix gofmtMatthew Heon2018-02-22
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #361 Approved by: rhatdan
* Add ability to start containers in a podMatthew Heon2018-02-22
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #361 Approved by: rhatdan
* Add kill and stop for podsMatthew Heon2018-02-22
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #361 Approved by: rhatdan
* Add pod status commandMatthew Heon2018-02-22
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #361 Approved by: rhatdan
* Add tests and cleanupJhon Honce2018-02-22
| | | | | | | | | | - Added run_cgroup_parent_test.go - Cleaned up calls to logrus Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #370 Approved by: rhatdan
* Push up createConfig.CgroupParent processing to parentJhon Honce2018-02-22
| | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #370 Approved by: rhatdan
* Corrected commentJhon Honce2018-02-22
| | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #370 Approved by: rhatdan
* Implement podman run option --cgroup-parentJhon Honce2018-02-22
| | | | | | | | | | | Example: sudo /usr/local/bin/podman run --cgroup-parent=/zzz fedora cat /proc/self/cgroup Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #370 Approved by: rhatdan
* Correct exit code 126 and 127baude2018-02-21
| | | | | | | | | | | | | | | | The exit codes for 126 and 127 were reversed. For the record, the exit codes used are as follows: * 125 if ‘chroot’ itself fails * 126 if COMMAND is found but cannot be invoked * 127 if COMMAND cannot be found This resolves issue #367 Signed-off-by: baude <bbaude@redhat.com> Closes: #378 Approved by: baude
* Inspect output should be in array formbaude2018-02-21
| | | | | | | | | | | | | | | | | | | | | | | | Inspect should be able to inspect one or more containers depending on the user input. Therefore, inspect output should be in array format so the consumer could potentially iterate it. This PR allows users to specify one more or containers|images|or a mix for inspection. The output, as stated, is therefore in array form. This holds true even for a singular image. In the case that the user enters an invalid container|image "name", we handle that gracefully. Podman will output json for the valid names until it reaches the invalid one. For example: In this case, podman will out the json for alpine and then print an error about 123 being invalid. It will not continute onto busybox. This behavior imatates docker. This addresses issue #360 Signed-off-by: baude <bbaude@redhat.com> Closes: #371 Approved by: baude
* Add --time alias to manpagesMatthew Heon2018-02-21
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #375 Approved by: rhatdan
* Alias --time to --timeout for 'podman stop'Matthew Heon2018-02-21
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #375 Approved by: rhatdan
* Performance enhancement for podman imagesbaude2018-02-20
| | | | | | | | | | | | | Previous code was using slow routines to collect some of the information needed to output images. Specifically size was being calculated instead of using the cached, already known size already available. Also, straight- lined several of the code paths. Overall assessment is that these improvements cut the time for images in half. Signed-off-by: baude <bbaude@redhat.com> Closes: #365 Approved by: mheon
* Resolve contention between copr and fedora reposbaude2018-02-20
| | | | | | | | | | | | In order for the podman in podman tests to work, we need to install a copr RPM that has the function we need (and is not in a fedora build yet). Because the copr rpms are not versioned correctly (relative to the fedora ones), we now set the version in the copr rpm. Signed-off-by: baude <bbaude@redhat.com> Closes: #368 Approved by: mheon
* Fix podman save when redirecting outputumohnani82018-02-20
| | | | | | | | | | | podman save would write the progress bar to the image tar file when the output was redirected with >. Fixed the writer to write to stderr for all commands using writer Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #362 Approved by: mheon
* Ensure we don't repeatedly poll disk for exit codesMatthew Heon2018-02-20
| | | | | | | | | | | | Change logic for refreshing our state using runc to only poll for conmon exit files when we first transition to the Stopped state. After that, we should already have the exit code stored in the database, so we don't need to look it up again. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #363 Approved by: TomSweeneyRedHat
* Update c/image to 701221f0891d76aeac3f25912e6bb9f84e88de1cMatthew Heon2018-02-20
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #358 Approved by: TomSweeneyRedHat
* Change uptime format in `podman info` to human-readableMatthew Heon2018-02-19
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #355 Approved by: rhatdan
* Merge pull request #357 from edsantiago/vice-versaDaniel J Walsh2018-02-19
|\ | | | | language: correct 'vice versa' in docs
| * language: correct 'vice versa' in docsEd Santiago2018-02-19
|/ | | | Signed-off-by: Ed Santiago <santiago@redhat.com>
* Remove unused registry related options from libpodMatthew Heon2018-02-19
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #349 Approved by: rhatdan
* Bump version to v0.2.2 for ongoing developmentMatthew Heon2018-02-16
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #347 Approved by: mheon
* Merge pull request #346 from baude/0.2.1v0.2.1Brent Baude2018-02-16
|\ | | | | 0.2.1
| * 0.2.1baude2018-02-16
|/ | | | Signed-off-by: baude <bbaude@redhat.com>
* Run podman inside a podman containerbaude2018-02-16
| | | | | | | | | | | | | | | | | We should be able to run nested podman containers in particular for our testing environment. i.e. eat our own dog food. Some privileges had to be corrected in order for this to work correctly. Added a third papr target that runs podman tests inside podman. I marked the test as not required right now as we get more confident in the results Signed-off-by: baude <bbaude@redhat.com> Closes: #340 Approved by: rhatdan
* Remove last traces of old version schemeMatthew Heon2018-02-16
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #345 Approved by: rhatdan
* Add FFJSON encoding/decoding for our container structsMatthew Heon2018-02-16
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #323 Approved by: mheon
* images --all developer notebaude2018-02-16
| | | | | | | | | | | | | podman does not implement --all for images intermediate images are only generated during the build process. they are children to the image once built. until buildah supports caching builds, it will not generate these intermediate images. Signed-off-by: baude <bbaude@redhat.com> Closes: #344 Approved by: rhatdan
* Add podman versionDaniel J Walsh2018-02-15
| | | | | | | | Copy the way cri-o does this by adding a libpod/version Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #343 Approved by: mheon
* Touch up tutorial location and install reqsTomSweeneyRedHat2018-02-15
| | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com> Closes: #337 Approved by: rhatdan
* No registries warningbaude2018-02-15
| | | | | | | | | When no /etc/containers/registries.conf is found, log a warning message. Signed-off-by: baude <bbaude@redhat.com> Closes: #338 Approved by: mheon
* Return imageid from podman pullbaude2018-02-15
| | | | | | | | | | | | When using podman to pull an image, print the image id after the image is pulled. Resolves issue #329 Signed-off-by: baude <bbaude@redhat.com> Closes: #342 Approved by: rhatdan
* Squash logged errors from failed SQL rollbacksMatthew Heon2018-02-15
| | | | | | | | | | | | | | | | Currently we unconditionally roll back transactions after error, even if a commit has already been attempted. Commit is guaranteed to end a transaction, though, whether by successfully committing or by rolling back if that fails. As such, we attempt a double rollback if a transaction fails at commit (for example, for a constraint violation), which doesn't error but does log angry warning messages. Ensure we don't try rolling back after commit runs to prevent this. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #327 Approved by: rhatdan
* No entrpoint, cmd, or commandbaude2018-02-15
| | | | | | | | | | | | | When an image does not have an ENTRYPOINT nor a CMD and the user does not provide a command in the CLI, we should fail gracefully. This resolves issue #328 Signed-off-by: baude <bbaude@redhat.com> Closes: #333 Approved by: mheon
* Privileged containers should inherit host devicesbaude2018-02-15
| | | | | | | | | | When running a privileged container, it should inherit the same devices the host has. Signed-off-by: baude <bbaude@redhat.com> Closes: #330 Approved by: mheon
* Bump podman version to match release versionbaude2018-02-14
| | | | | | | Signed-off-by: baude <bbaude@redhat.com> Closes: #331 Approved by: baude
* Add copr depsbaude2018-02-14
| | | | | | | | | | | | The COPR spec needs to require: * atomic-registries * iptables * containernetworking-cni Signed-off-by: baude <bbaude@redhat.com> Closes: #332 Approved by: baude
* PS performance cleanupsbaude2018-02-14
| | | | | | | | | | | By not getting data that we don't need and adding more locking functions under the batch, we are able to cut the time for listing 50 containers in half. More to come. Signed-off-by: baude <bbaude@redhat.com> Closes: #325 Approved by: mheon
* Disable default Seccomp profile with privileged containersMatthew Heon2018-02-13
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #326 Approved by: baude
* Make libpod build on 32-bit systemsMatthew Heon2018-02-13
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #324 Approved by: rhatdan
* Address review commentv0.2Matthew Heon2018-02-12
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #184 Approved by: baude
* Add buckets for all containers and all podsMatthew Heon2018-02-12
| | | | | | | | | | | Now, we don't need to use the global ID registry to iterate - we can iterate only through containers or only through pods, without having to iterate through both. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #184 Approved by: baude
* Containers in a pod can only join namespaces in that podMatthew Heon2018-02-12
| | | | | | | | | | | | | | This solves some dependency problems in the state, and makes sense from a design standpoint. Containers not in a pod can still depend on the namespaces of containers joined to a pod, which we might also want to change in the future. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #184 Approved by: baude