summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Properly set Running state when starting containersMatthew Heon2018-11-07
| | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Fix misspellingMatthew Heon2018-11-07
| | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Retrieve container PID from conmonMatthew Heon2018-11-07
| | | | | | | Instead of running a full sync after starting a container to pick up its PID, grab it from Conmon instead. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* If a container ceases to exist in runc, set exit statusMatthew Heon2018-11-07
| | | | | | | | | When we scan a container in runc and see that it no longer exists, we already set ContainerStatusExited to indicate that it no longer exists in runc. Now, also set an exit code and exit time, so PS output will make some sense. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* EXPERIMENTAL: Do not call out to runc for syncMatthew Heon2018-11-07
| | | | | | | | | | | | | | | When syncing container state, we normally call out to runc to see the container's status. This does have significant performance implications, though, and we've seen issues with large amounts of runc processes being spawned. This patch attempts to use stat calls on the container exit file created by Conmon instead to sync state. This massively decreases the cost of calling updateContainer (it has gone from an almost-unconditional fork/exec of runc to a single stat call that can be avoided in most states). Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Actually save changes from post-stop syncMatthew Heon2018-11-07
| | | | | | | | | | After stopping containers, we run updateContainerStatus to sync our state with runc (pick up exit code, for example). Then we proceed to not save this to the database, requiring us to grab it again on the next sync. This should remove the need to read the exit file more than once. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Merge pull request #1762 from mheon/fix_python_testsOpenShift Merge Robot2018-11-07
|\ | | | | Temporarily fix the Python tests to fix some PRs
| * Temporarily fix the Python tests to fix some PRsMatthew Heon2018-11-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Python podman bindings have issues around kill - specifically attempting to make it act like stop, when it should not. We provide no guarantee of what state a container if in after kill - it should be stopped, but we might have sent something that's not SIGKILL. If you want a container or pod stopped, guaranteed, use Stop(). The Python code attempted to ensure a container was actually stopped after kill was run, which runs counter the above. This was holding up some PRs that caused changes in how libpod obtains its state, so for now, change pod kill to pod stop until the proper changes in the Python code can be made. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* | Merge pull request #1616 from cevich/cirrus_add_systemtestOpenShift Merge Robot2018-11-07
|\ \ | |/ |/| Cirrus-CI: Add option to run system-tests
| * Cirrus-CI: Add option to run system-testsChris Evich2018-10-31
| | | | | | | | | | | | | | | | | | | | | | | | Normally, we would not run system-tests as part of PR-level CI, they're simply too heavy-weight and complex. However, in some instances it may be desirable to provide a quick feedback loop, prior to release packaging and official testing. Enable this by executing the system-tests when a magic string is present in the PR description: ``***CIRRUS: SYSTEM TEST***`` Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #1768 from baude/pausecontainertestsOpenShift Merge Robot2018-11-07
|\ \ | | | | | | Fix cleanup for "Pause a bunch of running containers"
| * | Fix cleanup for "Pause a bunch of running containers"baude2018-11-06
|/ / | | | | | | | | | | | | | | When running integration tests in our CI, we observe a problem where paused containers are not able to be stopped; and therefore cannot be cleaned up. This leaves dangling mounts and sometimes zombied conmon processes. Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #1743 from jwhonce/issue/1702OpenShift Merge Robot2018-11-05
|\ \ | | | | | | Add ChangeAction to parse sub-options from --change
| * | Add ChangeAction to parse sub-options from --changeJhon Honce2018-11-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Covers both commit and import commands * Cleaned up export command * Removed unneeded calls to super().__init__() Fixes #1702 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #1754 from isimluk/attach-shall-not-lock-me-outOpenShift Merge Robot2018-11-04
|\ \ \ | | | | | | | | `--interactive` shall keep STDIN attached even when not explicitly set
| * | | --interactive shall keep STDIN attached even when not explicitly called outŠimon Lukašík2018-11-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Addressing: podman run -it -a STDERR --rm alpine /bin/ash hanging. As we droped stdin as soon as -a was used. Notice this is contrary to what D-tool does and contrary to what podman help implies: podman run --help | grep interact --interactive, -i Keep STDIN open even if not attached Signed-off-by: Šimon Lukašík <slukasik@redhat.com>
* | | | Merge pull request #1753 from isimluk/fix-podmanOpenShift Merge Robot2018-11-03
|\ \ \ \ | |/ / / |/| | | Do never override podman with docker
| * | | Do never override podman with dockerŠimon Lukašík2018-11-03
|/ / / | | | | | | | | | Signed-off-by: Šimon Lukašík <slukasik@redhat.com>
* | | Merge pull request #1748 from jwhonce/issue/1655OpenShift Merge Robot2018-11-01
|\ \ \ | | | | | | | | Fix long image name handling
| * | | Fix long image name handlingJhon Honce2018-11-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fixed issue where podman printed '<none>' and pypodman skipped the image * Fixed issue where port was printed in place of tags Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | Merge pull request #1737 from baude/parakillOpenShift Merge Robot2018-11-01
|\ \ \ \ | | | | | | | | | | Make kill, pause, and unpause parallel.
| * | | | Make kill, pause, and unpause parallel.baude2018-11-01
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Operations like kill, pause, and unpause -- which can operation on one or more containers -- can greatly benefit from parallizing its main job (eq kill). In the case of pauseand unpause, an --all option as was added. pause --all will pause all **running** containers. And unpause --all will unpause all **paused** containers. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #1738 from baude/pararestartOpenShift Merge Robot2018-11-01
|\ \ \ \ | |/ / / |/| | | Make restart parallel and add --all
| * | | Make restart parallel and add --allbaude2018-11-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When attempting to restart many containers, we can benefit from making the restarts parallel. For convenience, two new options are added: --all attempts to restart all containers --run-only when used with --all will attempt to restart only running containers Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #1746 from baude/renamebaudeOpenShift Merge Robot2018-11-01
|\ \ \ \ | |_|/ / |/| | | replace quay.io/baude to quay.io/libpod
| * | | replace quay.io/baude to quay.io/libpodbaude2018-11-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | images used for our integration suite have moved from my work account to a group organization called libpod. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #1624 from cevich/update_fedoraOpenShift Merge Robot2018-11-01
|\ \ \ \ | | | | | | | | | | Cirrus: Enable updating F28 image
| * | | | Cirrus: Enable updating F28 imageChris Evich2018-10-31
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously this was disabled as some package was breaking networking on GCE after updating + rebooting. This is fixed now, so we should update packages when building the fedora test VM image. https://pagure.io/cloud-sig/issue/292 Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #1603 from cevich/fix_cirrus_image_buildOpenShift Merge Robot2018-11-01
|\ \ \ \ | | | | | | | | | | Fix Cirrus/Packer VM image building
| * | | | Cirrus: Skip rebuilding images unless instructedChris Evich2018-10-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Given frequent merges, it doesn't make sense to rebuild the VM testing images every time. Instead, monitor the PR title and description for a magic string, only triggering builds on a match: ***CIRRUS: REBUILD IMAGES*** Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Disable image build job abort on pushChris Evich2018-10-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Normally cirrus will abort jobs if another push is made to a branch. However, with image builds, other VMs are created/managed by packer. Therefor if cirrus aborts a task, it's possible some packer managed VMs will be left behind. Disable this behavior for image-building only. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Cirrus: Add a readmeChris Evich2018-10-31
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | | Ubuntu VM image build: try update twiceChris Evich2018-10-31
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | Occasionally, short-term temporary connectivity problems prevent ubuntu from updating on GCE. As a workaround, attempt these commands twice. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #1741 from jwhonce/wip/humanizeOpenShift Merge Robot2018-11-01
|\ \ \ \ | |_|/ / |/| | | Change humanize to use MB vs MiB.
| * | | Change humanize to use MB vs MiB.Jhon Honce2018-11-01
|/ / / | | | | | | | | | | | | | | | Fixes #1653 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #1740 from baude/ppc64leOpenShift Merge Robot2018-11-01
|\ \ \ | | | | | | | | allow ppc64le to pass libpod integration tests
| * | | allow ppc64le to pass libpod integration testsbaude2018-10-31
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | this pr allows the libpod integration suite to pass on the ppc64le architecture. in some cases, I had to skip tests. eventually, these tests need to be fixed so that they properly pass. of note for this PR is: * changed the ppc64le default container os to be overlay (over vfs) as vfs seems non-performant on ppc64le * still run vfs for rootless operations * some images names for ppc64le had to change because they don't exist. * this should help getting our CI to run on the platform Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #1736 from giuseppe/rootless-drop-run-postfixOpenShift Merge Robot2018-10-31
|\ \ \ | |/ / |/| | rootless: do not add an additional /run to runroot
| * | rootless: do not add an additional /run to runrootGiuseppe Scrivano2018-10-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | we are currently using something like /run/user/UID/run as runroot, as it is already done by Buildah. This ends up with /run/user/UID/run/runc for the runc directory. Change to drop the additional /run so that runc will use /run/user/UID/runc. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #1731 from afbjorklund/versionOpenShift Merge Robot2018-10-31
|\ \ \ | |_|/ |/| | Fix setting of version information
| * | Fix setting of version informationAnders F Björklund2018-10-31
| | | | | | | | | | | | | | | | | | | | | It was setting the wrong variable (CamelCase) in the wrong module ("main", not "libpod")... Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
* | | Merge pull request #1735 from giuseppe/slirp4netns-not-blockOpenShift Merge Robot2018-10-31
|\ \ \ | |_|/ |/| | rootless: avoid hang on failed slirp4netns
| * | rootless: avoid hang on failed slirp4netnsGiuseppe Scrivano2018-10-31
|/ / | | | | | | | | | | | | | | If for any reason slirp4netns fails at startup, podman waits indefinitely. Check every second if the process is still running so that we avoid to hang. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #1704 from giuseppe/attach-cuid-too-longOpenShift Merge Robot2018-10-30
|\ \ | | | | | | attach: fix attach when cuid is too long
| * | runtime: do not allow runroot longer than 50 charactersGiuseppe Scrivano2018-10-30
| | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | attach: fix attach when cuid is too longGiuseppe Scrivano2018-10-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | conmon creates a symlink to avoid using a too long UNIX path. Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1641800 There is still one issue when the path length of the symlink has the same length of the attach socket parent directory since conmon fails to create the symlink, but that must be addressed in conmon first. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #1715 from baude/getusergroupOpenShift Merge Robot2018-10-30
|\ \ \ | | | | | | | | get user and group information using securejoin and runc's user library
| * | | get user and group information using securejoin and runc's user librarybaude2018-10-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | for the purposes of performance and security, we use securejoin to contstruct the root fs's path so that symlinks are what they appear to be and no pointing to something naughty. then instead of chrooting to parse /etc/passwd|/etc/group, we now use the runc user/group methods which saves us quite a bit of performance. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #1728 from baude/trunccommandOpenShift Merge Robot2018-10-30
|\ \ \ \ | | | | | | | | | | truncate command output in ps by default
| * | | | truncate command output in ps by defaultbaude2018-10-30
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | when the PS command was reworked for performance and formatting improvements, i forgot to truncate the command field. Long container commands was throwing the formatting off. we now truncated to 17 characters plus the elipses. Signed-off-by: baude <bbaude@redhat.com>