| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
Add --max-workers and heuristics for parallel operations
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
add a global flag for --max-workers so users can limit the number
of parallel operations for a given function. also, when not limited
by max-workers, we implement a heuristic function that returns the
number of preferred parallel workers based on the number of CPUs and
the given operation.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
run performance improvements
|
| | |/
| |
| |
| |
| |
| |
| | |
run prepare() -- which consists of creating a network namespace and
mounting the container image is now run in parallel. This saves 25-40ms.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \
| |/
|/| |
Increase security and performance when looking up groups
|
| |/
|
|
|
|
|
|
|
|
| |
We implement the securejoin method to make sure the paths to /etc/passwd and
/etc/group are not symlinks to something naughty or outside the container
image. And then instead of actually chrooting, we use the runc functions to
get information about a user. The net result is increased security and
a a performance gain from 41ms to 100us.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\
| |
| | |
downgrade runc due a rootless bug
|
| |/
|
|
| |
Signed-off-by: baude <bbaude@redhat.com>
|
| |\
| |
| | |
Support auth file environment variable in podman build
|
| | |
| |
| |
| | |
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\ \
| | |
| | | |
Eat our own dogfood
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Switch all tests to use podman installed on the system, or Docker if podman
does not exist.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Explain the device format in man pages
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
create: fix writing cidfile when using rootless
|
| | |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
prevent opening the same file twice, since we re-exec podman in
rootless mode. While at it, also solve a possible race between the
check for the file and writing to it. Another process could have
created the file in the meanwhile and we would just end up overwriting
it.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
vendor: update container/storage
|
| | |/ /
| | |
| | |
| | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
Add support for /usr/local installation
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|
| |\ \ \
| | | |
| | | | |
read conmon output and convert to json in two steps
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
when reading the output from conmon using the JSON methods, it appears that
JSON marshalling is higher in pprof than it really is because the pipe is
"waiting" for a response. this gives us a clearer look at the real CPU/time
consumers.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Cirrus: Use images w/ buildah fix
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Ref: https://github.com/containers/buildah/pull/1109
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Move selinux label reservations to containers storage.
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \
| |_|/ / /
|/| | | | |
Add --all and --latest to checkpoint/restore
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This add the convenience options --all and --latest to the subcommands
checkpoint and restore.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This removes duplicate code paths which has been previously factored out
as getAllOrLatestContainers().
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Instead of duplicating the same code in multiple commands this uses the
newly added function checkAllAndLatest() instead.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Just as the checkAllAndLatest() function the new code in
getAllOrLatestContainers() is used in some commands and duplicated. This
factors out this code to be used in other places without duplicating it.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The check about the --all and --latest option is used and repeated and
some commands. Factor it out and put it into common.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Downgrade code to support python3.4
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
* Added tox configuration to test python 3.4, 3.5 and 3.6.
Tox testing not enabled on every PR
* Updated MANIFEST.ini to support tox
* Correct comments
Fixes #1641
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Make podman ps fast
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Like Ricky Bobby, we want to go fast.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
Use more reliable check for rootless for firewall init
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
We probably won't be able to initialize a firewall plugin when we
are not running as root, so we shouldn't even try. Replace the
less-effect EUID check with the rootless package's better check
to make sure we don't accidentally set up the firewall in these
cases.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
| |\ \ \ \ \ \ \ \
| |_|_|/ / / / /
|/| | | | | | | |
Fix podman port -l
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Running 'podman port -l' on a system without any containers created
gives:
$ podman port -l
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0xf3cef1]
goroutine 1 [running]:
github.com/containers/libpod/libpod.(*Container).State(0x0, 0x0, 0x0, 0x0)
/share/go/src/github.com/containers/libpod/libpod/container.go:658 +0x41
main.portCmd(0xc420094580, 0x0, 0x0)
/share/go/src/github.com/containers/libpod/cmd/podman/port.go:118 +0x406
This fixes it by making sure the variable 'containers' is nil and not [<nil>].
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
Add CRIU version check for checkpoint and restore
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Do not re-implement the CRIU version check in the test suite, use it
from libpod/pkg/criu.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
The newly introduced CRIU version check is now used to make sure
checkpointing and restoring is only used if the CRIU version is new
enough.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
This adds a simple CRIU version check using the vendored-in
CRIU go bindings.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |\ \ \ \ \ \ \ \ \
| |_|_|/ / / / / /
|/| | | | | | | | |
Add simple IRC messenger
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
This reverts commit b610913ef55ac36d0b145a7d20461649650cc5a1.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Add a naive python script that's able to connect to IRC and send a
single line of text to the #podman channel. Wrap this in a new
library function to ensure nick-name collisions are unlikely.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
