| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support to auto-update containers running in systemd units as
generated with `podman generate systemd --new`.
`podman auto-update` looks up containers with a specified
"io.containers.autoupdate" label (i.e., the auto-update policy).
If the label is present and set to "image", Podman reaches out to the
corresponding registry to check if the image has been updated. We
consider an image to be updated if the digest in the local storage is
different than the one of the remote image. If an image must be
updated, Podman pulls it down and restarts the container. Note that the
restarting sequence relies on systemd.
At container-creation time, Podman looks up the "PODMAN_SYSTEMD_UNIT"
environment variables and stores it verbatim in the container's label.
This variable is now set by all systemd units generated by
`podman-generate-systemd` and is set to `%n` (i.e., the name of systemd
unit starting the container). This data is then being used in the
auto-update sequence to instruct systemd (via DBUS) to restart the unit
and hence to restart the container.
Note that this implementation of auto-updates relies on systemd and
requires a fully-qualified image reference to be used to create the
container. This enforcement is necessary to know which image to
actually check and pull. If we used an image ID, we would not know
which image to check/pull anymore.
Fixes: #3575
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
|
|
|
|
|
| |
Move the dbus-connection code from libpod's healthcheck to pkg/systemd
to allow for sharing the logic. Needed for the auto-updates work.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\
| |
| | |
Four small CI fixes:
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
1) 'podman system info' (in logcollector): has been silently
failing in special_testing_rootless, with:
logcollector.sh: line 16: podman: command not found
Use ./bin/podman instead of just podman; this is probably
the right thing to do in the general case anyway
2) logformatter: highlight 'panic:', seen in bindings test:
https://storage.googleapis.com/cirrus-ci-5385732420009984-fcae48/artifacts/containers/libpod/6693715108429824/html/integration_test.log.html
3) logformatter: handle Unicode bullet in front of 'Running',
seen in bindings test.
4) logformatter: turn down contrast on BATS 'ok' results,
for legibility
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \
| | |
| | | |
Bump k8s.io/api from 0.17.3 to 0.17.4
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [k8s.io/api](https://github.com/kubernetes/api) from 0.17.3 to 0.17.4.
- [Release notes](https://github.com/kubernetes/api/releases)
- [Commits](https://github.com/kubernetes/api/compare/v0.17.3...v0.17.4)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| |_|/
|/| |
| | |
| | | |
containers/dependabot/go_modules/github.com/containers/common-0.5.0
Bump github.com/containers/common from 0.4.2 to 0.5.0
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| | |
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.4.2 to 0.5.0.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.4.2...v0.5.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
fix systemd generate tests
|
| |/ /
| |
| |
| |
| |
| | |
Add the `default.target` to the failing tests.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \
| | |
| | | |
systemd generator: force run container detached if CreateCommand has no detach param
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
the podman generated systemd service file has `Type=forking` service,
so the command after `ExecStart=` should not run in front.
if someone created a container and has the detach(`-d`) param missing
like this
```
podman create --name ngxdemo -P nginxdemos/hello
```
and generate the file with `--new` param:
```
podman generate systemd --name --new ngxdemo
```
because `podman run xxx` has no `-d` param,
so the container is not run in background and nerver exit.
and systemd will fail to start the service:
```
sudo systemctl start container-ngxdemo.service
Job for container-ngxdemo.service failed because a timeout was exceeded.
See "systemctl status container-ngxdemo.service" and "journalctl -xe" for details.
```
Signed-off-by: 荒野無燈 <ttys3@outlook.com>
|
| |\ \ \
| | | |
| | | | |
Fix bug podman reset to not remove $XDG_RUNTIME_DIR
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In some older systems we point the temporary directory to /run/user/1000 which leads podman system reset to clear unrelated files under XDG_RUNTIME_DIR. This patch only removes files created by podman if TmpDir is the same as the XDG_RUNTIME_DIR.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Missing double quotes in troubleshooting guide.
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Tony Benoy <me@tonybenoy.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
run --rmi test: make it work
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The recently-added 'run --rmi' test was not actually doing
what it thinks it was doing: for one, 'run_podman | grep'
is never going to work; also, the test was leaving behind
stray images.
Rework to do what I believe the intention was; and, combine
into one test (down from two) for readability.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
add os|arch attributes when building
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
when building images, we can now add the os and arch of the image using overrides from the commandline. the commandline options set sane defaults so we use those as well.
Fixes: #5503
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
eat signal 23 in signal proxy
|
| | | |_|_|/
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
due to a change in golang-1.14 and it's changes to make go funcs with tight loops preemptive, signals are now getting "through" that never were before.
From the golang-1.14 announce:
Goroutines are now asynchronously preemptible. As a result, loops without function calls no longer potentially deadlock the scheduler or significantly delay garbage collection. This is supported on all platforms except windows/arm, darwin/arm, js/wasm, and plan9/*.
A consequence of the implementation of preemption is that on Unix systems, including Linux and macOS systems, programs built with Go 1.14 will receive more signals than programs built with earlier releases. This means that programs that use packages like syscall or golang.org/x/sys/unix will see more slow system calls fail with EINTR errors. Those programs will have to handle those errors in some way, most likely looping to try the system call again. For more information about this see man 7 signal for Linux systems or similar documentation for other systems.
Fixes #5483
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
containers/dependabot/go_modules/github.com/fsnotify/fsnotify-1.4.9
Bump github.com/fsnotify/fsnotify from 1.4.7 to 1.4.9
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Bumps [github.com/fsnotify/fsnotify](https://github.com/fsnotify/fsnotify) from 1.4.7 to 1.4.9.
- [Release notes](https://github.com/fsnotify/fsnotify/releases)
- [Changelog](https://github.com/fsnotify/fsnotify/blob/master/CHANGELOG.md)
- [Commits](https://github.com/fsnotify/fsnotify/compare/v1.4.7...v1.4.9)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
add apiv2 healthcheck code
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | | |
reworking binding and endpoint to actually work. added documentation in swagger for and various return code possibilities. add a good start on tests though we need some other container functions not yet implemented for that.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | |
| | | | |
| | | | | |
containers/dependabot/go_modules/github.com/containers/storage-1.16.3
Bump github.com/containers/storage from 1.16.2 to 1.16.3
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.16.2 to 1.16.3.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.16.2...v1.16.3)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
turn off color-mode for bindings
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
the binding ginkgo tests were using color mode which throws in a bunch of ansi garbage that makes it hard to read the logs
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
remove imagefilter for varlink remote client
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
the api for getting images changed to use filters but back level podman versions cannot handle it. so temporarily disabling the filtering for remote clients until the restful approach can be used.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
rootlessport: detect rootless-child exit
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
otherwise the rootless parent process might wait indefinitely when the
rootless-child process exits early.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \ \
| |_|/ / /
|/| | | | |
create: do not calculate image size
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
calculating the image size can be an expensive operation. Avoid doing
it when creating a new container since the size is not needed.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \ \
| |_|/ / /
|/| | | | |
Follow up change from #5244
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Code review change suggested by jwhonce in
https://github.com/containers/libpod/pull/5244#pullrequestreview-366574431
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
[CI:DOCS]Add libpod event endpoint
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
add an endpoint for events on the libpod side of the house.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
man page cross-reference fixes: part 2
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The other direction: fix or clean up elements documented in
man pages but which did/do not exist in actual podman:
* runlabel: add missing "-n" alias for --name
And, remove man page entries for nonexistent options:
* podman commit: --iidfile
* podman container runlabel: --rootfs, --storage
* podman create: --cpu-count
There are two problems I don't know how to deal with. Both
are related to main_local.go:rootCmd.PersistentFlags() :
1) podman-build.1.md documents --cni-config-dir and
--runtime options, but these are not actually options
under podman build; they are global options. The
documentation in this man page differs from that
under podman-build.
2) podman ps implements a binary --namespace option,
but this option does not (cannot?) appear in --help
because there's a global --namespace string option
and Cobra somehow gets confused about this.
Do we really intend for global options to be parsed on
the right-hand side of subcommands? This strikes me as
unintuitive and potentially confusing, although the
fact that it has taken me this long to discover it
suggests that it's not _that_ confusing.
Suggestions welcome. I can file issues for 1/2 above,
or simply teach my script to special-case ignore them.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Update start stop api to use pod status function.
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Update the strat and stop api to validate pod status based on status functions
rather than iterating over all the containers in the pod. (Addressing the TO-DO)
Signed-off-by: Sujil02 <sushah@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
[CI:DOCS] Update version in README to v1.8.1
|
| |/ / / / / /
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
[CI:DOCS]Bump to v1.8.1
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |/ / / / /
| | | | |
| | | | |
| | | | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
man pages: fix inconsistencies
|
