summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* libpod: fix stats for rootless podsGiuseppe Scrivano2019-12-04
| | | | | | | | honor the systemd parent directory when specified. Closes: https://github.com/containers/libpod/issues/4634 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #4635 from ssbarnea/fix/go-md2manOpenShift Merge Robot2019-12-03
|\ | | | | Attempt to install go-md2man only if missing
| * Attempt to install go-md2man only if missingSorin Sbarnea2019-12-03
|/ | | | | Fixes: #4632 Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
* Merge pull request #4630 from TomSweeneyRedHat/dev/tsweeney/rootlesstouchupOpenShift Merge Robot2019-12-03
|\ | | | | Quick grammar touchup in rootless.md
| * Quick grammar touchup in rootless.mdTomSweeneyRedHat2019-12-03
| | | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | Merge pull request #4629 from mheon/fix_indirect_netnsctr_lookupOpenShift Merge Robot2019-12-03
|\ \ | | | | | | Allow chained network namespace containers
| * | Allow chained network namespace containersMatthew Heon2019-12-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The code currently assumes that the container we delegate network namespace to will never further delegate to another container, so when looking up things like /etc/hosts and /etc/resolv.conf we won't pull the correct files from the chained dependency. The changes to resolve this are relatively simple - just need to keep looking until we find a container without NetNsCtr set. Fixes #4626 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #4614 from bfallik/patch-1OpenShift Merge Robot2019-12-03
|\ \ \ | |_|/ |/| | troubleshooting: warn about secure boot
| * | troubleshooting: warn about secure bootBrian Fallik2019-12-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add an additional troubleshooting item to warn users that Secure Boot can prevent Podman from running containers. The error messages and initial debugging steps don't make it clear that this all stems from a BIOS setting. Hopefully adding this item to the troubleshooting doc will avoid future headaches. Signed-off-by: Brian Fallik <brian@clypd.com>
* | | Merge pull request #4599 from raukadah/rpmbuild_withoutOpenShift Merge Robot2019-12-03
|\ \ \ | | | | | | | | Updates on making doc building optional
| * | | Updates on making doc building and debug optionalChandan Kumar (raukadah)2019-12-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It changes the podman spec from using with_doc to bcond_without for building docs so that anyone can pass --without doc as well as other rpmbuild args to the build_rpm.sh script to skip building docs. Since go-md2man is not available in CentOS8 repo. without the help fo extra_args, it makes it conditional. It also moves the manpages to a seperate package. Signed-off-by: Chandan Kumar (raukadah) <raukadah@gmail.com>
* | | | Merge pull request #4615 from ssbarnea/fix/prepareOpenShift Merge Robot2019-12-03
|\ \ \ \ | | | | | | | | | | build: improved prepare.sh
| * | | | build: improved prepare.shSorin Sbarnea2019-12-02
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | * assure we use bash strict mode * avoid shallow errors on full clones * make script bit more idempotent Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
* | | | Merge pull request #4622 from rhatdan/rootlessOpenShift Merge Robot2019-12-03
|\ \ \ \ | | | | | | | | | | Add comment on rootless containers creating device nodes
| * | | | Add comment on rootless containers creating device nodesDaniel J Walsh2019-12-03
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #4623 from rhatdan/errorsOpenShift Merge Robot2019-12-03
|\ \ \ \ \ | | | | | | | | | | | | Ignore ErrCtrRemoved when removing a container
| * | | | | Ignore ErrCtrRemoved when removing a containerDaniel J Walsh2019-12-03
| | |_|_|/ | |/| | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #4624 from mheon/refresh_volume_locksOpenShift Merge Robot2019-12-02
|\ \ \ \ \ | | | | | | | | | | | | Ensure volumes reacquire locks on state refresh
| * | | | | Ensure volumes reacquire locks on state refreshMatthew Heon2019-12-02
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After a restart, pods and containers both run a refresh() function to prepare to run after a reboot. Until now, volumes have not had a similar function, because they had no per-boot setup to perform. Unfortunately, this was not noticed when in-memory locking was introduced to volumes. The refresh() routine is, among other things, responsible for ensuring that locks are reserved after a reboot, ensuring they cannot be taken by a freshly-created container, pod, or volume. If this reservation is not done, we can end up with two objects using the same lock, potentially needing to lock each other for some operations - classic recipe for deadlocks. Add a refresh() function to volumes to perform lock reservation and ensure it is called as part of overall refresh(). Fixes #4605 Fixes #4621 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #4584 from nitrocode/patch-2OpenShift Merge Robot2019-12-02
|\ \ \ \ \ | | | | | | | | | | | | install.md: added slirp4netns dependency to ubuntu
| * | | | | install.md: added slirp4netns dependency to ubuntunitro2019-12-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://github.com/containers/libpod/issues/1234 Signed-off-by: nitrocode <nitrocode@users.noreply.github.com>
* | | | | | Merge pull request #4616 from ssbarnea/fix/makefileOpenShift Merge Robot2019-12-02
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | build: improved main makefile
| * | | | | build: improved main makefileSorin Sbarnea2019-12-02
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * added .install.md2man as dependency for docs, fixed broken build on systems that do not have go-md2man preinstalled. * sorted PHONY targets Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
* | | | | Merge pull request #4596 from kunalkushwaha/container-pruneOpenShift Merge Robot2019-12-02
|\ \ \ \ \ | |_|_|/ / |/| | | | container prune command fixed as per docker prune command
| * | | | man page updated with examples of filter optionKunal Kushwaha2019-12-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | examples with filter added Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
| * | | | filter added to container prune commandKunal Kushwaha2019-11-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | filter flag helps to filter the containers based on labels, until(time), name, etc for prune command. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
| * | | | command output fixed as per docker equivalentKunal Kushwaha2019-11-28
| | |/ / | |/| | | | | | | | | | | | | | | | | | container prune command ask for confirmation by default. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
* | | | Merge pull request #4617 from giuseppe/fix-error-caseOpenShift Merge Robot2019-12-02
|\ \ \ \ | | | | | | | | | | libpod: fix case for executable file not found errors
| * | | | libpod: fix case for executable file not found errorsGiuseppe Scrivano2019-12-02
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | do not change the runtime error to be lowercase, but use a case insensitive regex matching. In this way the original error from the OCI runtime is reported back. regression introduced by bc485bce47f55135d6ead80537bc145edb779ae9 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #4608 from rhatdan/vendorOpenShift Merge Robot2019-12-02
|\ \ \ \ | |/ / / |/| | | Fix podman-remote version to print client and server
| * | | Fix podman-remote version to print client and serverDaniel J Walsh2019-12-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the user specifies .Server.* on a non podman-remote, substitute .Client for .Server and return the value. This is for compatability with Docker. Since prior versions documented --format {{ .Version }}, we have to continue to support that. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #4493 from mheon/add_removing_stateOpenShift Merge Robot2019-12-02
|\ \ \ \ | |/ / / |/| | | Add ContainerStateRemoving
| * | | Error on netns not exist only when ctr is runningMatthew Heon2019-11-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the container is running and we need to get its netns and can't, that is a serious bug deserving of errors. If it's not running, that's not really a big deal. Log an error and continue. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | | Add ContainerStateRemovingMatthew Heon2019-11-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When Libpod removes a container, there is the possibility that removal will not fully succeed. The most notable problems are storage issues, where the container cannot be removed from c/storage. When this occurs, we were faced with a choice. We can keep the container in the state, appearing in `podman ps` and available for other API operations, but likely unable to do any of them as it's been partially removed. Or we can remove it very early and clean up after it's already gone. We have, until now, used the second approach. The problem that arises is intermittent problems removing storage. We end up removing a container, failing to remove its storage, and ending up with a container permanently stuck in c/storage that we can't remove with the normal Podman CLI, can't use the name of, and generally can't interact with. A notable cause is when Podman is hit by a SIGKILL midway through removal, which can consistently cause `podman rm` to fail to remove storage. We now add a new state for containers that are in the process of being removed, ContainerStateRemoving. We set this at the beginning of the removal process. It notifies Podman that the container cannot be used anymore, but preserves it in the DB until it is fully removed. This will allow Remove to be run on these containers again, which should successfully remove storage if it fails. Fixes #3906 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | Merge pull request #4558 from rhatdan/resetOpenShift Merge Robot2019-11-29
|\ \ \ \ | | | | | | | | | | Add podman system reset command
| * | | | Add podman system reset commandDaniel J Walsh2019-11-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This command will destroy all data created via podman. It will remove containers, images, volumes, pods. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | | | fix commands.go to get links from correct directoryDaniel J Walsh2019-11-29
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #4597 from openSUSE/nostoreOpenShift Merge Robot2019-11-29
|\ \ \ \ \ | |_|_|_|/ |/| | | | Do not initialize store on rootless podman
| * | | | Do not initialize store on rootless podmanSascha Grunert2019-11-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a double-locking issue of the container storage when running rootless podman. Closes #4591 Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | | | Merge pull request #4576 from giuseppe/oci-errors-only-matchOpenShift Merge Robot2019-11-29
|\ \ \ \ \ | | | | | | | | | | | | oci: print only matching part for the errors
| * | | | | oci: print only matching part for the errorsGiuseppe Scrivano2019-11-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when parsing the OCI error, be sure to discard any other output that is not matched. The full output is still printed with --log-level=debug. Closes: https://github.com/containers/libpod/issues/4574 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #4587 from raukadah/btrfsOpenShift Merge Robot2019-11-29
|\ \ \ \ \ \ | | | | | | | | | | | | | | Disable btrfs for RHEL in podman spec
| * | | | | | Donot install btrfs in RHEL/CentOS-8Chandan Kumar (raukadah)2019-11-28
| | |_|_|_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since btrfs-progs-devel is not available in RHEL/CentOS 8 and the spec fails to build it while running build_rpm.sh, making it optional fixes the issue. It also modifies the spec file to install btrfs-progs-devel for fedora only. Since golang-github-cpuguy83-go-md2man was added twice, it also removes the repetition. Signed-off-by: Chandan Kumar (raukadah) <raukadah@gmail.com>
* | | | | | Merge pull request #4589 from ssbarnea/fix/build2OpenShift Merge Robot2019-11-29
|\ \ \ \ \ \ | | | | | | | | | | | | | | Detect Python executable in Makefile
| * | | | | | Detect Python executable in MakefileSorin Sbarnea2019-11-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `make help` failed on modern platforms that have only python3 executable installed. Signed-off-by: Sorin Sbarnea <ssbarnea@redhat.com>
* | | | | | | Merge pull request #4590 from raukadah/docsOpenShift Merge Robot2019-11-29
|\ \ \ \ \ \ \ | |_|_|_|_|/ / |/| | | | | | Make doc building in spec optional
| * | | | | | Make doc building in spec optionalChandan Kumar (raukadah)2019-11-28
| | |/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | since go-man2md is not available in CentOS 8, making it optional allows them to build the rpm. Signed-off-by: Chandan Kumar (raukadah) <raukadah@gmail.com>
* | | | | | Merge pull request #4594 from adrianreber/masterOpenShift Merge Robot2019-11-29
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | Disable checkpointing of containers started with --rm
| * | | | | Disable checkpointing of containers started with --rmAdrian Reber2019-11-28
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Trying to checkpoint a container started with --rm works, but it makes no sense as the container, including the checkpoint, will be deleted after writing the checkpoint. This commit inhibits checkpointing containers started with '--rm' unless '--export' is used. If the checkpoint is exported it can easily be restored from the exported checkpoint, even if '--rm' is used. To restore a container from a checkpoint it is even necessary to manually run 'podman rm' if the container is not started with '--rm'. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | | | Merge pull request #4579 from ssbarnea/fix/buildOpenShift Merge Robot2019-11-28
|\ \ \ \ \ | |/ / / / |/| / / / | |/ / / Improved build_rpm.sh