| Commit message (Collapse) | Author | Age |
|
|
|
|
|
| |
This fixes all the current errors concerning checkpoint/restore.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Only Fedora 29 and newer has an updated container-selinux and
selinux-policy new enough to support CRIU in restoring threaded
processes in a container with SELinux enabled.
Also skip checkpoint/restore tests if rootless. CRIU requires root.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\
| |
| | |
Bump to Buildah v1.8.2
|
| |
| |
| |
| |
| |
| | |
As the title suggests.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|\ \
| |/
|/| |
Document events logger options in libpod.conf manpage
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| |/
|/| |
Add restart policy for containers
|
| |
| |
| |
| |
| |
| |
| | |
Theory: it's SELinux blowing up and preventing us from creating
files as the container. Try and use a fresh dir and :Z to fix.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| | |
Ensure that we can decode the restart event with the new journald
events.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The on-failure restart option supports restarting only a given
number of times. To do this, we need one additional field in the
DB to track restart count (which conveniently fills a field in
Inspect we weren't populating), plus some plumbing logic.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| | |
Noticed this when testing some behavior with Docker.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| | |
This initial version does not support restart count, but it works
as advertised otherwise.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |
| |
| |
| |
| |
| |
| |
| | |
This field indicates that a container was explciitly stopped by
an API call, and did not exit naturally. It's used when
implementing restart policy for containers.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
fix logout message if login only with docker
|
| | |
| | |
| | |
| | |
| | |
| | | |
if checkAuth() success but not logged in with podman, assume it's logged in with docker and retrun the message.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \
| |_|/
|/| | |
change from sysregistries to sysregistriesv2
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We want to start supporting the registries.conf format.
Also start showing blocked registries in podman info
Fix sorting so all registries are listed together in podman info.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
top: fallback to execing ps(1)
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fallback to executing ps(1) in case we hit an unknown psgo descriptor.
This ensures backwards compatibility with docker-top, which was purely
ps(1) driven.
Also support comma-separated descriptors as input.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add variable for global flags to runlabel
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
use $GLOBAL_OPTS to pass global flags to the runlabel command.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
clean up shared/parse/parse.go
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
prune unused functions and add unit tests for a number of the remaining
ones.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Cirrus: timestamp all output script output
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Also remove direct time-stamping by CI scripts that would compete.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Merge volume flags implementation
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
When running inside Podman, we get an extra `nodev` mount option.
It doesn't seem to be a bug, more an artifact of running in a
somewhat locked-down container. So instead of checking explicitly
for a set of mount options, just verify the ones we set are
present.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This involves moving some code out of pkg/spec/ into util/ so it
can also be used by libpod.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This ensures that all tmpfs mounts added by the user, even with
the --mount flag, share a few common options (nosuid, noexec,
nodev), and options for tmpfs mounts are properly validated to
ensure they are correct.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Same result, but notably better error messages when things go
wrong.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
As part of this, move bind mount option validity parsing and
modification (adding e.g. rbind on bind mounts that are missing
it), which requires test changes (expected values have changed).
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
We were unconditionally resetting volume mount options for all
mount points (and by the looks of things, completely dropping
tmpfs mounts), which was causing runc to refuse to run containers
and all the tests to consequently fail.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Several changes made in the interface of pkg/spec make
interacting with it without a runtime difficult to impossible,
so move the existing limited testing from cmd/podman (which
mostly tested pkg/spec) into pkg/spec itself where we can call
individual functions that don't break things.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Unify handling for the --volume, --mount, --volumes-from, --tmpfs
and --init flags into a single file and set of functions. This
will greatly improve readability and maintainability.
Further, properly handle superceding and conflicting mounts. Our
current patchwork has serious issues when mounts conflict, or
when a mount from --volumes-from or an image volume should be
overwritten by a user volume or named volume.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Play kube was passing the pod, but CreateConfig was not. Unify it
so they both do, so we can remove some unnecessary duplicate
lookup code.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The goal here is to keep only the configuration directly used to
build the container in CreateConfig, and scrub temporary state
and helpers that we need to generate. We'll keep those internally
in MakeContainerConfig.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Right now, there are two major API calls necessary to turn a
filled-in CreateConfig into the options and OCI spec necessary to
make a libpod Container. I'm intending on refactoring both of
these extensively to unify a few things, so make a common
frontend to both that will prevent API changes from leaking out
of the package.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \ \ \
| |_|_|/ / /
|/| | | | | |
Small fixes for #2950
|