summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* [skip ci] Cirrus: Container for tracking image useChris Evich2019-01-24
| | | | | | | Once built, this container can be utilized by automation to help keep track of VM images. All parameters are passed in via env. vars. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #2069 from mheon/warn_on_overriding_driverOpenShift Merge Robot2019-01-23
|\ | | | | Warn on overriding user-specified storage driver w/ DB
| * Warn on overriding user-specified storage driver w/ DBMatthew Heon2019-01-02
| | | | | | | | | | | | | | | | Overriding storage.conf is not intuitive behavior, so pop up an error message when it happens, so people know that bad things are happening. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #2203 from 9034725985/patch-1OpenShift Merge Robot2019-01-23
|\ \ | | | | | | remove sudo
| * | remove sudoKushal2019-01-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | just tested with podman 1.0.0 on fedora 29 we don't need sudo I tried this again and it seems like we DO need sudo? Maybe I misunderstood something but looks like I am unable to reproduce getting an IP address also it would be nice if creating a check point (which I belive means writing to disk) could be done without root but I guess it depends on where on disk I am writing? in any case, here is my new console output ```console [kus@asus-vivobook personal]$ cd libpod/ [kus@asus-vivobook libpod]$ git checkout patch-1 Branch 'patch-1' set up to track remote branch 'patch-1' from 'origin'. Switched to a new branch 'patch-1' [kus@asus-vivobook libpod]$ podman run -dt -e HTTPD_VAR_RUN=/var/run/httpd -e HTTPD_MAIN_CONF_D_PATH=/etc/httpd/conf.d \ > -e HTTPD_MAIN_CONF_PATH=/etc/httpd/conf \ > -e HTTPD_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/httpd/ \ > registry.fedoraproject.org/f29/httpd /usr/bin/run-httpd Trying to pull registry.fedoraproject.org/f29/httpd...Getting image source signatures Copying blob 281a37f51f75: 85.68 MiB / 85.68 MiB [=======================] 1m47s Copying blob ab0d48faadd2: 4.64 MiB / 4.64 MiB [=========================] 1m47s Copying blob e1bf69dce18d: 49.77 MiB / 49.77 MiB [=======================] 1m47s Copying config 532763348c4e: 6.66 KiB / 6.66 KiB [==========================] 0s Writing manifest to image destination Storing signatures 78917177dbf7634993fdcc44e0bc90c9422482b9a9e757c85c14dfd1ee09c777 [kus@asus-vivobook libpod]$ podman ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 78917177dbf7 registry.fedoraproject.org/f29/httpd:latest container-entrypo... 4 seconds ago Up 3 seconds ago nifty_lewin [kus@asus-vivobook libpod]$ podman inspect -l | grep IPAddress\" "IPAddress": "", [kus@asus-vivobook libpod]$ sudo podman inspect -l | grep IPAddress\" [sudo] password for kus: no such container [kus@asus-vivobook libpod]$ podman logs --latest => sourcing 10-set-mpm.sh ... => sourcing 20-copy-config.sh ... => sourcing 40-ssl-certs.sh ... AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 10.0.2.100. Set the 'ServerName' directive globally to suppress this message [Tue Jan 22 12:59:38.887673 2019] [ssl:warn] [pid 1:tid 140100965338496] AH01909: 10.0.2.100:8443:0 server certificate does NOT include an ID which matches the server name AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 10.0.2.100. Set the 'ServerName' directive globally to suppress this message [Tue Jan 22 12:59:38.998169 2019] [ssl:warn] [pid 1:tid 140100965338496] AH01909: 10.0.2.100:8443:0 server certificate does NOT include an ID which matches the server name [Tue Jan 22 12:59:38.998876 2019] [lbmethod_heartbeat:notice] [pid 1:tid 140100965338496] AH02282: No slotmem from mod_heartmonitor [Tue Jan 22 12:59:39.001562 2019] [cgid:error] [pid 28:tid 140100965338496] (13)Permission denied: AH01243: Couldn't bind unix domain socket /run/httpd/cgisock.1 [Tue Jan 22 12:59:39.006051 2019] [mpm_event:notice] [pid 1:tid 140100965338496] AH00489: Apache/2.4.37 (Fedora) OpenSSL/1.1.1-pre9 configured -- resuming normal operations [Tue Jan 22 12:59:39.006164 2019] [core:notice] [pid 1:tid 140100965338496] AH00094: Command line: 'httpd -D FOREGROUND' [Tue Jan 22 12:59:39.006445 2019] [cgid:crit] [pid 1:tid 140100965338496] AH01238: cgid daemon failed to initialize [kus@asus-vivobook libpod]$ podman top 78917177dbf7634993fdcc44e0bc90c9422482b9a9e757c85c14dfd1ee09c777 USER PID PPID %CPU ELAPSED TTY TIME COMMAND default 1 0 0.000 2m10.968144627s pts/0 0s httpd -D FOREGROUND default 24 1 0.000 2m9.968688975s pts/0 0s /usr/bin/coreutils --coreutils-prog-shebang=cat /usr/bin/cat default 25 1 0.000 2m9.968784295s pts/0 0s /usr/bin/coreutils --coreutils-prog-shebang=cat /usr/bin/cat default 26 1 0.000 2m9.968880829s pts/0 0s /usr/bin/coreutils --coreutils-prog-shebang=cat /usr/bin/cat default 27 1 0.000 2m9.968997468s pts/0 0s /usr/bin/coreutils --coreutils-prog-shebang=cat /usr/bin/cat default 29 1 0.000 2m9.969134191s pts/0 0s httpd -D FOREGROUND default 38 1 0.000 2m9.969239549s pts/0 0s httpd -D FOREGROUND default 72 1 0.000 2m9.969344456s pts/0 0s httpd -D FOREGROUND [kus@asus-vivobook libpod]$ podman container checkpoint 78917177dbf7634993fdcc44e0bc90c9422482b9a9e757c85c14dfd1ee09c777 checkpointing a container requires root [kus@asus-vivobook libpod]$ podman stop --latest 78917177dbf7634993fdcc44e0bc90c9422482b9a9e757c85c14dfd1ee09c777 [kus@asus-vivobook libpod]$ podman ps -a CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 78917177dbf7 registry.fedoraproject.org/f29/httpd:latest container-entrypo... 3 minutes ago Exited (0) 9 seconds ago nifty_lewin [kus@asus-vivobook libpod]$ podman rm --latest 78917177dbf7634993fdcc44e0bc90c9422482b9a9e757c85c14dfd1ee09c777 ``` original: ```console [kus@mcny ~]$ podman run -dt -e HTTPD_VAR_RUN=/var/run/httpd -e HTTPD_MAIN_CONF_D_PATH=/etc/httpd/conf.d \ > -e HTTPD_MAIN_CONF_PATH=/etc/httpd/conf \ > -e HTTPD_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/httpd/ \ > registry.fedoraproject.org/f27/httpd /usr/bin/run-httpd Trying to pull registry.fedoraproject.org/f27/httpd...Getting image source signatures Copying blob ff3dab903f92: 80.73 MiB / 80.73 MiB [=========================] 14s Copying blob 9347d6e9d864: 7.30 MiB / 7.30 MiB [===========================] 14s Copying blob 2fc5c44251d4: 44.82 MiB / 44.82 MiB [=========================] 14s Copying config 18f01f6f77ef: 6.55 KiB / 6.55 KiB [==========================] 0s Writing manifest to image destination Storing signatures d0362571c3850159315778700a63a305296150177578a9339cca0d9c86ed97f1 [kus@mcny ~]$ podman ps CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES d0362571c385 registry.fedoraproject.org/f27/httpd:latest container-entrypo... 36 seconds ago Up 36 seconds ago happy_babbage [kus@mcny ~]$ ``` Signed-off-by: Kushal <kushaldeveloper@gmail.com>
* | | Merge pull request #2199 from baude/remoteversionOpenShift Merge Robot2019-01-22
|\ \ \ | | | | | | | | enable podman-remote version
| * | | enable podman-remote versionbaude2019-01-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | initial enablement of podman-remote version. includes add a APIVersion const that will allow us to check compatibility between host/client when connections are made. also added client related information to podman info. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #2202 from rhatdan/storageOpenShift Merge Robot2019-01-22
|\ \ \ \ | | | | | | | | | | Vendor in latest containers/storage
| * | | | Vendor in latest containers/storageDaniel J Walsh2019-01-21
| | |/ / | |/| | | | | | | | | | | | | | | | | | Fixes issue with metacopyup not working in rootless mode. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #2190 from rhatdan/transferOpenShift Merge Robot2019-01-22
|\ \ \ \ | |/ / / |/| | | Update transfer.md and commands.md to add missing commands.
| * | | Update transfer.md and commands.md to add missing commands.Daniel J Walsh2019-01-21
| |/ / | | | | | | | | | | | | | | | These pages are a litte out of data. Add missing content. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #2198 from kirbyfan64/better-refresh-rootless-errorOpenShift Merge Robot2019-01-21
|\ \ \ | |/ / |/| | Show a better error message when podman info fails during a refresh
| * | Show a better error message when podman info fails during a refreshRyan Gonzalez2019-01-21
|/ / | | | | | | Signed-off-by: Ryan Gonzalez <rymg19@gmail.com>
* | Merge pull request #2177 from cevich/more_timingsOpenShift Merge Robot2019-01-21
|\ \ | | | | | | cirrus: Record start/end time of important things
| * | cirrus: Record start/end time of important thingsChris Evich2019-01-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously we only reported the date/time at the beginning of a run since it's not available in the Cirrus-CI system. This commit generalizes the solution, recording start/end times for all major events. Also the timestamps are recorded into a local file on the VMs. This is intended for future use, for example tracking execution-time trends. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #2187 from rhatdan/selinuxOpenShift Merge Robot2019-01-21
|\ \ \ | | | | | | | | Vendor in latest opencontainers/selinux
| * | | Vendor in latest opencontainers/selinuxDaniel J Walsh2019-01-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This will now verify labels passed in by the user. Will also prevent users from accidently relabeling their homedir. podman run -ti -v ~/home/user:Z fedora sh Is not a good idea. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #2184 from baude/remotemaskcommandsOpenShift Merge Robot2019-01-20
|\ \ \ \ | | | | | | | | | | Mask unimplemeted commands for remote client
| * | | | Mask unimplemeted commands for remote clientbaude2019-01-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Masking main level, image, and container commands that are not yet implemented for the remote client. As each command is completed, be sure to unmask it. Also, masking podman command line switches that are not applicable to the remote client. Signed-off-by: baude <bbaude@redhat.com>
* | | | | Merge pull request #2142 from giuseppe/expose-portsOpenShift Merge Robot2019-01-20
|\ \ \ \ \ | | | | | | | | | | | | rootless: support port redirection from the host
| * | | | | rootless: support port redirection from the hostGiuseppe Scrivano2019-01-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add support for ports redirection from the host. It needs slirp4netns v0.3.0-alpha.1. Closes: https://github.com/containers/libpod/issues/2081 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #2183 from baude/remoteinspectOpenShift Merge Robot2019-01-19
|\ \ \ \ \ \ | | | | | | | | | | | | | | podman-remote inspect
| * | | | | | podman-remote inspectbaude2019-01-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | base enablement of the inspect command. Signed-off-by: baude <bbaude@redhat.com>
* | | | | | | Merge pull request #2176 from cevich/centralize_image_namesOpenShift Merge Robot2019-01-18
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | Cirrus: Consolidate VM image names in once place
| * | | | | | Cirrus: Consolidate VM image names in once placeChris Evich2019-01-17
| | |_|_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously it was not possible to specify keys from the ``env`` section in the various GCE sections. Now that features is added, consolidate all the cache image definitions into a single place, reducing maintenance burden. This also results in the names passing through into the VMs. This is useful, e.g. for future tracking of image usage statistics. Update get_ci_vm script hints for new image name definition format Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | | Merge pull request #2179 from rhatdan/vendorOpenShift Merge Robot2019-01-18
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | Vendor in latest containers/storage
| * | | | | Vendor in latest containers/storageDaniel J Walsh2019-01-18
| |/ / / / | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #2186 from giuseppe/rootless-fix-pid-hostOpenShift Merge Robot2019-01-18
|\ \ \ \ \ | | | | | | | | | | | | rootless: fix --pid=host without --privileged
| * | | | | rootless: fix --pid=host without --privilegedGiuseppe Scrivano2019-01-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When using --pid=host don't try to cover /proc paths, as they are coming from the /proc bind mounted from the host. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #2181 from vrothberg/issue-2159OpenShift Merge Robot2019-01-18
|\ \ \ \ \ \ | |/ / / / / |/| | | | | podman-inspect: don't ignore errors
| * | | | | podman-inspect: don't ignore errorsValentin Rothberg2019-01-18
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Return errors when executing the --format templates. Otherwise, Podman will just silently ignore them and not print any output that could guide user into solving the issue. Fixes: #2159 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | Merge pull request #2185 from mheon/specfromstate_fixOpenShift Merge Robot2019-01-18
|\ \ \ \ \ | | | | | | | | | | | | Do not unmarshal into c.config.Spec
| * | | | | Do not unmarshal into c.config.SpecMatthew Heon2019-01-18
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We try to keep c.config immutable, but Go doesn't really agree with me that things other than strings and ints can be immutable, so occasionally things like this slip through. When unmarshalling the OCI spec from disk, do it into a separate struct, to ensure we don't make lasting modifications to the spec in the Container struct (which could affect container restart). Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #2149 from afbjorklund/bridgeOpenShift Merge Robot2019-01-18
|\ \ \ \ \ | |/ / / / |/| | | | Add bridge support, for the varlink connection
| * | | | Add bridge support, for the varlink connectionAnders F Björklund2019-01-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Read the $PODMAN_VARLINK_BRIDGE environment variable (normally looks like: "ssh user@host varlink bridge") Also respect $PODMAN_VARLINK_ADDRESS as an override, if using a different podman socket than the default. Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
* | | | | Merge pull request #2178 from sysrich/patch-1OpenShift Merge Robot2019-01-18
|\ \ \ \ \ | |_|/ / / |/| | | | Add openSUSE Kubic to install.md
| * | | | Add openSUSE Kubic to install.mdRichard Brown2019-01-17
|/ / / / | | | | | | | | | | | | Signed-off-by: Richard Brown <RBrownCCB@opensuse.org>
* | | | Merge pull request #2165 from rhatdan/mountOpenShift Merge Robot2019-01-17
|\ \ \ \ | | | | | | | | | | Add --latest and --all to podman mount/umount
| * | | | Add --latest and --all to podman mount/umountDaniel J Walsh2019-01-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I find these useful for playing around with containers. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #2166 from rhatdan/installOpenShift Merge Robot2019-01-16
|\ \ \ \ \ | | | | | | | | | | | | Installing podman
| * | | | | Installing podmanDaniel J Walsh2019-01-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add documentation on how to install a packaged version of podman Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | Merge pull request #2147 from mheon/update_readme_and_epochOpenShift Merge Robot2019-01-16
|\ \ \ \ \ \ | | | | | | | | | | | | | | Update readme for v1.0.0
| * | | | | | Update README for v1.0.0Matthew Heon2019-01-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also bump gitvalidation epoch - we usually do this every release, but v1.0.0 is on a branch so we need a separate commit for master Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | | | Merge pull request #2162 from rhatdan/vendorOpenShift Merge Robot2019-01-16
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | Vendor in latest containers/storage
| * | | | | | Vendor in containers/storageDaniel J Walsh2019-01-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix issues with metacopyup when specifying new usernamespace. Also fixes issues with zfs back end. Rest of changes come from running make vendor. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> ` Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | Merge pull request #2169 from mheon/ensure_wait_doesnot_hangOpenShift Merge Robot2019-01-16
|\ \ \ \ \ \ \ | |_|_|/ / / / |/| | | | | | Ensure that wait exits on state transition
| * | | | | | Ensure that wait exits on state transitionMatthew Heon2019-01-16
| | |/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When waiting for a container, there is a long interval between status checks - plenty long enough for the container in question to start, then subsequently be cleaned up and returned to Created state to be restarted. As such, we can't wait on container state to go to Stopped or Exited - anything that is not Running or Paused indicates the container is dead. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | | Merge pull request #2079 from giuseppe/multiple-runtimesOpenShift Merge Robot2019-01-16
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | oci: allow to define multiple OCI runtimes
| * | | | | config: store the runtime used to create each containerGiuseppe Scrivano2019-01-14
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | oci: allow to define multiple OCI runtimesGiuseppe Scrivano2019-01-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | we can define multiple OCI runtimes that can be chosen with --runtime. in libpod.conf is possible to specify them with: [runtimes] foo = [ "/usr/bin/foo", "/usr/sbin/foo", ] bar = [ "/usr/bin/foo", "/usr/sbin/foo", ] If the argument to --runtime is an absolute path then it is used directly without any lookup in the configuration. Closes: https://github.com/containers/libpod/issues/1750 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>