summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Moved getPodStatus to pod API to be used in varlinkhaircommander2018-08-16
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1275 Approved by: mheon
* Vendor in latest containers/psgo codeDaniel J Walsh2018-08-16
| | | | | | | | | | | | | | | | | | This fixes a couple of issues with podman top. podman top --latest USER HUSER Now shows you the User inside of the containers usernamespace as well as the user on the host. podman top --latest capeff capbnd Now has headings that differentiatiate between the Capabiltiies. We also have support for ambient capabilities. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1286 Approved by: vrothberg
* switch projectatomic to containersDaniel J Walsh2018-08-16
| | | | | | | | | | Need to get some small changes into libpod to pull back into buildah to complete buildah transition. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1270 Approved by: mheon
* Revert "spec: bind mount /sys only for rootless containers"Giuseppe Scrivano2018-08-16
| | | | | | | | | It breaks "podman run --net=host --uidmap=0:1:70000 --gidmap=0:20000:70000 busybox echo hi" Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1285 Approved by: rhatdan
* Suport format param for varlink CommitQi Wang2018-08-16
| | | | | | | | | We need to pass the image format OCI or docker in the varlink commit command. Signed-off-by: Qi Wang <qiwan@redhat.com> Closes: #1281 Approved by: mheon
* Fix segfault in top when -l and no args are passedhaircommander2018-08-16
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1284 Approved by: mheon
* Document STORAGE_DRIVER and STORAGE_OPTS environment variableDaniel J Walsh2018-08-16
| | | | | | | | | | Default settings for storage can be overriden by setting these environment variables. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1282 Approved by: mheon
* Do not 'make all' on Travis for LinuxMatthew Heon2018-08-15
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1266 Approved by: baude
* Fix build on non-Linux OSesMatthew Heon2018-08-15
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1266 Approved by: baude
* Create pod CGroups when using the systemd cgroup driverMatthew Heon2018-08-15
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1266 Approved by: baude
* Switch systemd default CGroup parent to machine.sliceMatthew Heon2018-08-15
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1266 Approved by: baude
* spec: bind mount /sys only for rootless containersGiuseppe Scrivano2018-08-15
| | | | | | | | | root can always mount a new instance. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1279 Approved by: rhatdan
* build, rootless: specify IsolationOCIRootlessGiuseppe Scrivano2018-08-15
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1269 Approved by: rhatdan
* vendor: update buildah versionGiuseppe Scrivano2018-08-15
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1269 Approved by: rhatdan
* Fix handling of hostname in --net=hostDaniel J Walsh2018-08-15
| | | | | | | | | Hostname should be set to the hosts hostname when network is none. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1274 Approved by: giuseppe
* Updated pod_api to reflect function spechaircommander2018-08-14
| | | | | | | | | | Specifically, pod.Start() always returned CtrErrors, even if none failed. This cause podman start to not return the successfully started pod id. Also, pod.Kill() didn't return an error along with ctrErrors. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1272 Approved by: rhatdan
* Add create and pull commandsJhon Honce2018-08-14
| | | | | | | | | | | * Rename id_ to ident, make non-PEP8'ers happier * Fix bug where port was required on local connections * Improve error messages for exceptions Signed-off-by: Jhon Honce <jhonce@redhat.com> Closes: #1246 Approved by: rhatdan
* rootless: not require userns for help/versionGiuseppe Scrivano2018-08-14
| | | | | | | | | | | these commands do not require to be root in an userns Closes: https://github.com/containers/libpod/issues/1263 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1268 Approved by: vrothberg
* pkg/apparmor: use a pipe instead of a tmp fileValentin Rothberg2018-08-14
| | | | | | | | | | Use a pipe instead of a temporary file to load the apparmor profile. This change has a measurable speed improvement for apparmor users. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1262 Approved by: mheon
* pkg/apparmor: move data under Linux/apparmor buildtagsValentin Rothberg2018-08-14
| | | | | | | | | | Move all Linux-related data under the corresponding buildtags to reduce the memory footprint and speed up compilation for non-apparmor builds. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1262 Approved by: mheon
* pkg/apparmor: move all linux-code into apparmor_linux*Valentin Rothberg2018-08-14
| | | | | | | | | For easier maintenance and clearer structure of the code. Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1262 Approved by: mheon
* podman in rootless mode will only work with cgroupfs at this point.Daniel J Walsh2018-08-14
| | | | | | | | | | | If user does not pass in cgroup manager and running in rootless mode, then we need to force the cgroupfs support until/unless we get support for rootless systemd support. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1261 Approved by: mheon
* when searching, survive errors for multiple registriesbaude2018-08-14
| | | | | | | | | | | | | when searching multiple registries for images, if we get an error on one of the searches, we should keep going and complete the search. if there is only one search registry however, we will return an error. Resolves: #1255 Signed-off-by: baude <bbaude@redhat.com> Closes: #1257 Approved by: mheon
* Remove unused function in runtime.goMatthew Heon2018-08-14
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1264 Approved by: mheon
* Fix papr tests by forcing cgroupfs in CIMatthew Heon2018-08-14
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1267 Approved by: mheon
* Merge pull request #1259 from mheon/bump-0.8.2.1Matthew Heon2018-08-11
|\ | | | | Bump to 0.8.2.1
| * Bump gitvalidation epochMatthew Heon2018-08-11
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Bump to v0.8.3-devMatthew Heon2018-08-11
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Bump to v0.8.2.1v0.8.2.1Matthew Heon2018-08-11
|/ | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Merge pull request #1254 from mheon/systemd_cgroups_defaultMatthew Heon2018-08-11
|\ | | | | Switch default CGroup manager to systemd
| * Further fix testsMatthew Heon2018-08-11
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Fix python tests againMatthew Heon2018-08-10
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Fix python tests to use cgroupfsMatthew Heon2018-08-10
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Fix typo breaking testsMatthew Heon2018-08-10
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Force cgroupfs for python testsMatthew Heon2018-08-10
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Swap default CGroup manager to systemdMatthew Heon2018-08-10
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Only use cgroupfs for containerized testsMatthew Heon2018-08-10
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
| * Temporarily force all tests to use cgroupfs driverMatthew Heon2018-08-10
| | | | | | | | | | | | | | TODO: Change this to only force cgroupfs if if we are in a container. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* | Ensure pod inspect is locked and validity-checkedMatthew Heon2018-08-11
| | | | | | | | | | | | | | | | | | | | Also, don't return the internal podState struct - instead return a public inspect struct. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1258 Approved by: rhatdan
* | Bump gitvalidation epochDaniel J Walsh2018-08-10
| | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1256 Approved by: rhatdan
* | Bump to v0.8.3-devDaniel J Walsh2018-08-10
| | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1256 Approved by: rhatdan
* | Bump to v0.8.2v0.8.2Daniel J Walsh2018-08-10
| | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1256 Approved by: rhatdan
* | We need to sort mounts so that one mount does not over mount another.Daniel J Walsh2018-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently we add mounts from images, volumes and internal. We can accidently over mount an existing mount. This patch sorts the mounts to make sure a parent directory is always mounted before its content. Had to change the default propagation on image volume mounts from shared to private to stop mount points from leaking out of the container. Also switched from using some docker/docker/pkg to container/storage/pkg to remove some dependencies on Docker. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1243 Approved by: mheon
* | search name should include registrybaude2018-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When doing a podman search, the so-called NAME should be the image's fully qualified name (not index plus shortname). ``` $ sudo podman search rhel7 INDEX NAME DESCRIPTION STARS OFFICIAL AUTOMATED redhat.com registry.access.redhat.com/rhel7/rhel This platform image provides a minimal runti... 0 redhat.com registry.access.redhat.com/rhel7.0 This platform image provides a minimal runti... 0 redhat.com registry.access.redhat.com/rhel7 This platform image provides a minimal runti... 0 .... ``` Resolves: #1208 Resolves: Bugz #1614710 Signed-off-by: baude <bbaude@redhat.com> Closes: #1253 Approved by: rhatdan
* | Split pod.go into 3 filesMatthew Heon2018-08-10
| | | | | | | | | | | | | | | | | | | | | | This removes anything but structs and simple accessors from pod.go itself, which is a target file for FFJSON generation. This should reduce the amount of times FFJSON needs to run. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1247 Approved by: rhatdan
* | Make errors during refresh nonfatalMatthew Heon2018-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | During refresh, we cannot hard-fail, as that would mean leaving a partially-configured state behind, leaving libpod unable to start without manual intervention. Instead, log errors refreshing individual containers and pods and continue. Individual containers and pods may be unusable and need to be removed manually, but libpod itself will continue to function. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1252 Approved by: rhatdan
* | Add batch check to container stats lockMatthew Heon2018-08-10
| | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1249 Approved by: rhatdan
* | removeContainer: fix deadlockValentin Rothberg2018-08-10
| | | | | | | | | | | | | | | | | | | | | | | | When checking if the container has already been removed, use c.state.HasContainer() instead of the runtime's API to avoid trying to take the already acquired lock. Fixes: #1245 Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1251 Approved by: baude
* | Add FFJSON to build containerMatthew Heon2018-08-09
|/ | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1248 Approved by: TomSweeneyRedHat
* Don't require .gopathok for individual FFJSON targetsMatthew Heon2018-08-09
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1240 Approved by: rhatdan