summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Merge pull request #4201 from TomSweeneyRedHat/dev/tsweeney/updatebuildmdOpenShift Merge Robot2019-10-11
|\ | | | | Update build man page with latest Buildah changes
| * Update build man page with latest Buildah changesTomSweeneyRedHat2019-10-10
| | | | | | | | | | | | | | Changes include: Containerfile by default, add --device flags to bud, allow buildah bud to be called without arguments, and a couple of small typo corrections. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | Merge pull request #4232 from csomh/auth-file-pathOpenShift Merge Robot2019-10-11
|\ \ | | | | | | Fix default path for auth.json
| * | Fix default path for auth.jsonHunor Csomortáni2019-10-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Default path should be ${XDG_RUNTIME_DIR}/containers/auth.json according to the docs. This regressed to ${XDG_RUNTIME_DIR}/auth.json in #3760. Fixes: #4227 Signed-off-by: Hunor Csomortáni <csomh@redhat.com>
* | | Merge pull request #4235 from giuseppe/no-pids-cgroupfsOpenShift Merge Robot2019-10-11
|\ \ \ | | | | | | | | rootless: do not set PIDs limit if --cgroup-manager=cgroupfs
| * | | rootless: do not set PIDs limit if --cgroup-manager=cgroupfsGiuseppe Scrivano2019-10-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | even if the system is using cgroups v2, rootless is not able to setup limits when the cgroup-manager is not systemd. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #4231 from cgwalters/user-unit-wantedOpenShift Merge Robot2019-10-11
|\ \ \ \ | | | | | | | | | | Make user io.podman.service unit WantedBy=default.target
| * | | | Make user io.podman.service unit WantedBy=default.targetColin Walters2019-10-11
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `multi-user.target` doesn't exist in the systemd *user* instance. We can't hook up the startup of a user unit to a system target. Doing so causes systemd to error out in Fedora CoreOS builds during presets. Make it depend on `default.target` instead. (Having the same unit in both system and user sessions has some tricky bits like this) Signed-off-by: Colin Walters <walters@verbum.org>
* | | | Merge pull request #4205 from manics/no-log-initOpenShift Merge Robot2019-10-11
|\ \ \ \ | | | | | | | | | | troubleshooting: fix useradd no-log-init argument
| * | | | troubleshooting: fix useradd no-log-init argumentSimon Li2019-10-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | --log-no-init should be --no-log-init Signed-off-by: Simon Li <spli@dundee.ac.uk>
* | | | | Merge pull request #4223 from QiWang19/uidmapOpenShift Merge Robot2019-10-10
|\ \ \ \ \ | |_|_|_|/ |/| | | | show uid_map in podman info
| * | | | show uid_map in podman infoQi Wang2019-10-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | show uid_map gid_map in podman info Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | | Merge pull request #4206 from giuseppe/systemd-mode-look-full-pathOpenShift Merge Robot2019-10-10
|\ \ \ \ \ | | | | | | | | | | | | systemd: expect full path /usr/sbin/init
| * | | | | cli: support --systemd=alwaysGiuseppe Scrivano2019-10-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | it enforces the systemd mode also when the command name doesn't match /usr/sbin/init or systemd. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | systemd: expect full path /usr/sbin/initGiuseppe Scrivano2019-10-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | "init" is a quite common name for the command executed in a container image and Podman ends up using the systemd mode also when not required. Be stricter on enabling the systemd mode and not enable it automatically when the basename is "init" but expect the full path "/usr/sbin/init". Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #4181 from cevich/start_test_slower_pollOpenShift Merge Robot2019-10-10
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | Raise start_test polling interval
| * | | | | Raise start_test polling intervalChris Evich2019-10-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | According to the documentation https://onsi.github.io/gomega/#eventually > the default value for the polling interval is 10 milliseconds That is excessively fast given the observed failures in issue #4021 are always using podman-remote. Lower the interval to 3-seconds, which should be plenty long enough for container removal. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | | Merge pull request #4197 from vrothberg/fix-4192OpenShift Merge Robot2019-10-10
|\ \ \ \ \ \ | | | | | | | | | | | | | | vendor c/psgo@v1.3.2
| * | | | | | vendor c/psgo@v1.3.2Valentin Rothberg2019-10-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Now supports cgroupsv2. Fixes: #4192 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | | | | Merge pull request #4216 from baude/catchv2runcOpenShift Merge Robot2019-10-10
|\ \ \ \ \ \ \ | |_|_|_|/ / / |/| | | | | | catch runc v2 error
| * | | | | | catch runc v2 errorbaude2019-10-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when runc returns an error about not being v2 complient, catch the error and logrus an actionable message for users. Signed-off-by: baude <bbaude@redhat.com>
* | | | | | | Merge pull request #4225 from giuseppe/rootless-create-pause-automaticallyOpenShift Merge Robot2019-10-09
|\ \ \ \ \ \ \ | |_|_|_|/ / / |/| | | | | | rootless: automatically recreate the pause.pid file
| * | | | | | rootless: automatically recreate the pause.pid fileGiuseppe Scrivano2019-10-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | if the pause process cannot be joined, remove the pause.pid while keeping a lock on it, and try to recreate it. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | | rootless: do not close files twiceGiuseppe Scrivano2019-10-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | | | | refresh: do not access network ns if not in the namespaceGiuseppe Scrivano2019-10-09
| |/ / / / / | | | | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #4222 from cevich/collect_varlink_logOpenShift Merge Robot2019-10-09
|\ \ \ \ \ \ | | | | | | | | | | | | | | Cirrus: Produce and collect varlink output
| * | | | | | Cirrus: Produce and collect varlink outputChris Evich2019-10-08
| | |/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When executing 'make remotesystem' testing, a varlink process is started up but it's stdio is dumped due to the production of excessive data. However, this also means if the process has a problem, any errors will not be accessible. Instead, grab only the last 100 lines and direct them into a file. Also update automation's log collection to retrieve this file when the `$REMOTE_CLIENT` env. var. is `true`. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | | Merge pull request #4200 from mheon/fix_sigproxy_startOpenShift Merge Robot2019-10-09
|\ \ \ \ \ \ | |_|/ / / / |/| | | | | Respect --sig-proxy flag with podman start --attach
| * | | | | Respect --sig-proxy flag with podman start --attachMatthew Heon2019-10-09
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If it's explicitly set, use it, instead of trying to set a sane default. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | Merge pull request #4218 from jlebon/pr/drop-alsoOpenShift Merge Robot2019-10-09
|\ \ \ \ \ | |_|_|_|/ |/| | | | io.podman.socket: drop Also=multi-user.target
| * | | | io.podman.socket: drop Also=multi-user.targetJonathan Lebon2019-10-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Using `Also=` means that the target unit will also be installed/uninstalled together with our unit. Doing `Also=multi-user.target` essentially says: disable `multi-user.target` if `io.podman.socket` is disabled, which sounds... not at all like what we want. In practice, systemd thankfully ignores this (likely because it's the default target). I think having `Also=io.podman.socket` in the `io.podman.service` already does what we want here: it gets installed under `sockets.target` whenever the service is. (And the fact that systemd ignored this means that it wasn't actually playing a role in resolving #3998.) This was causing `systemctl preset-all` to dump core in Fedora CoreOS: https://github.com/coreos/fedora-coreos-tracker/issues/290 (Likely there's a systemd bug around here too.) Signed-off-by: Jonathan Lebon <jonathan@jlebon.com>
* | | | | Merge pull request #4189 from cevich/install_conmonOpenShift Merge Robot2019-10-08
|\ \ \ \ \ | |/ / / / |/| | | | Cirrus: Install conmon in Fedora VMs
| * | | | Cirrus: Remove broken/failing testing_crun taskChris Evich2019-10-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This task was to enable cross-environment testing of crun. However it was decided to only run testing w/ crun on F31. Since F31 release is imminent, remove this task. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Use new VM cache imagesChris Evich2019-10-07
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Install conmon in Fedora VMsChris Evich2019-10-07
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is needed because older versions of podman (1.5.1) do not automatically install the new conmon package. Also, include removal of `/usr/libexec/podman/conmon` when preparing to install and test podman built from source. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #4032 from rhatdan/pids-limitOpenShift Merge Robot2019-10-07
|\ \ \ \ | |/ / / |/| | | Setup a reasonable default for pids-limit 4096
| * | | Setup a reasonable default for pids-limit 4096Daniel J Walsh2019-10-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | CRI-O defaults to 1024 for the maximum pids in a container. Podman should have a similar limit. Once we have a containers.conf, we can set the limit in this file, and have it easily customizable. Currently the documentation says that -1 sets pids-limit=max, but -1 fails. This patch allows -1, but also indicates that 0 also sets the max pids limit. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #4196 from mheon/normal_remove_on_evictOpenShift Merge Robot2019-10-07
|\ \ \ \ | |_|_|/ |/| | | When evicting containers, perform a normal remove first
| * | | When evicting containers, perform a normal remove firstMatthew Heon2019-10-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This ensures that containers that didn't require an evict will be dealt with normally, and we only break out evict for containers that refuse to be removed by normal means. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #4165 from mtrmac/c-image-4OpenShift Merge Robot2019-10-04
|\ \ \ \ | |_|/ / |/| | | Update c/image to v4.0.0 + Buildah to 1.11.3
| * | | Update c/image to v4.0.1 and buildah to 1.11.3Miloslav Trmač2019-10-04
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This requires updating all import paths throughout, and a matching buildah update to interoperate. I can't figure out the reason for go.mod tracking github.com/containers/image v3.0.2+incompatible // indirect ((go mod graph) lists it as a direct dependency of libpod, but (go list -json -m all) lists it as an indirect dependency), but at least looking at the vendor subdirectory, it doesn't seem to be actually used in the built binaries. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
* | | Merge pull request #4180 from cevich/update_download_linksOpenShift Merge Robot2019-10-04
|\ \ \ | | | | | | | | Docs: Update links, add links to latest
| * | | Docs: Update links, add links to latestChris Evich2019-10-03
| | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | Cirrus: Fix log URIs & add optional $ALSO_FILENAMEChris Evich2019-10-03
| | |/ | |/| | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #4194 from ↵OpenShift Merge Robot2019-10-04
|\ \ \ | | | | | | | | | | | | | | | | containers/dependabot/go_modules/gopkg.in/yaml.v2-2.2.4 Bump gopkg.in/yaml.v2 from 2.2.3 to 2.2.4
| * | | Bump gopkg.in/yaml.v2 from 2.2.3 to 2.2.4dependabot-preview[bot]2019-10-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml) from 2.2.3 to 2.2.4. - [Release notes](https://github.com/go-yaml/yaml/releases) - [Commits](https://github.com/go-yaml/yaml/compare/v2.2.3...v2.2.4) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #4186 from cevich/log_runc_crunOpenShift Merge Robot2019-10-04
|\ \ \ \ | |_|_|/ |/| | | Cirrus: Simplify package NVR logging
| * | | Cirrus: Simplify package NVR loggingChris Evich2019-10-03
| | |/ | |/| | | | | | | | | | | | | Also include runc/crun version for Fedora Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #3549 from marcov/evict-containerOpenShift Merge Robot2019-10-04
|\ \ \ | |_|/ |/| | Add ability to evict a container
| * | rm: add containers eviction with `rm --force`Marco Vedovati2019-09-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | Add ability to evict a container when it becomes unusable. This may happen when the host setup changes after a container creation, making it impossible for that container to be used or removed. Evicting a container is done using the `rm --force` command. Signed-off-by: Marco Vedovati <mvedovati@suse.com>