| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Enable IPv6 port binding
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Two areas needed tweaking to accomplish this: port parsing and
binding ports on the host.
Parsing is an obvious problem - we have to accomodate an IPv6
address enclosed by [] as well as a normal IPv4 address. It was
slightly complicated by the fact that we previously just counted
the number of colons in the whole port definition (a thousand
curses on whoever in the IPv6 standard body decided to reuse
colons for address separators), but did not end up being that
bad.
Libpod also (optionally) binds ports on the host to prevent their
reuse by host processes. This code was IPv4 only for TCP, and
bound to both for UDP (which I'm fairly certain is not correct,
and has been adjusted). This just needed protocols adjusted to
read "tcp4"/"tcp6" and "udp4"/"udp6" based on what we wanted to
bind to.
Fixes #5715
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
Fixed bug where 'podman log <container>' would truncate some lines.
|
|/ /
| |
| |
| | |
Signed-off-by: Will Haines <william.haines@colorado.edu>
|
|\ \
| | |
| | | |
container: fix creating a userns inside of a pod
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
do not set the hostname when joining an UTS namespace, as it could be
owned by a different userns.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
when running in a new userns, make sure the resolv.conf and hosts
files bind mounted from another container are accessible to root in
the userns.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Enable, then partially disable, podman-remote testing
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
podman-remote has not been tested. A principal part of the
problem was #5387 - the YAML I wrote did not have the
intended effect, it did not set TEST_REMOTE_CLIENT=true
and because of my multiple iterations I did not catch this
during testing.
Part 1 of this PR is to fix .cirrus.yml to enable remote tests.
Part 2 -- what I had first noticed and tried to fix -- is that
rootless_test.sh was never running remote because, of course,
envariables are not sent via ssh. I reworked integration_test.sh
and rootless_test.sh to use a command-line decision instead.
Part 3, sigh, is to disable one failing integration test
and *all* system tests, because so many of the latter are
failing. Addressing those failures needs to be done in
subsequent PRs. Issues #6538, #6539, #6540 are filed for
some of the problems I isolated. There will be more.
Also, minor, fixed some stale references to varlink.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \
| | | |
| | | | |
Bump to v2.0.0-RC5
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|/ / /
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \
| |_|/
|/| | |
podman-events: clarify streaming behaviour
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Unless `--since` or `--until` is specified, `podman events` will stream
new events. Clarify this behavior in the `--help` message and man page
to avoid confusion.
Fixes: #6536
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Turn on golint
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Cirrus: Include packages for containers/conmon CI
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This allows the containers/conmon repository to share the same VM
images produced by containers/libpod. Included are several packages
which are downloaded only since they might otherwise interfere with
testing for some repos. This allows stable versions to be at the ready
at testing runtime, avoiding any version updates surprising developers.
Also, re-enable running the VM-image check test which was not working
due to a logic problem in Cirrus-CI configuration. Update the neglected
tests so that they pass on all distros.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Ensure signal validation happens first in pod kill
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This fixes an error in the system tests, which expect that when
you try and kill a nonexistent pod with an incorrect signal, you
receive an error about the signal, not the pod.
At the same time, fix a missing return statement in the bindings,
which could also have caused us grief.
Fixes #6540
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | |
| | |
| | | |
containers/dependabot/go_modules/github.com/json-iterator/go-1.1.10
Bump github.com/json-iterator/go from 1.1.9 to 1.1.10
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/json-iterator/go](https://github.com/json-iterator/go) from 1.1.9 to 1.1.10.
- [Release notes](https://github.com/json-iterator/go/releases)
- [Commits](https://github.com/json-iterator/go/compare/v1.1.9...v1.1.10)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/containers/common-0.13.0
Bump github.com/containers/common from 0.12.0 to 0.13.0
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.12.0 to 0.13.0.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.12.0...v0.13.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
[CI:DOCS] Improve swagger+CORS metadata docs
|
| | |/
| |/|
| | |
| | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Modify py test to start stop system service for each test
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Start stop system service for each test class to make it east to integrate to CI
Adds more tests
Add some common methods shared between images and containers test.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|\ \ \
| | | |
| | | | |
Ensure Conmon is alive before waiting for exit file
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This came out of a conversation with Valentin about
systemd-managed Podman. He discovered that unit files did not
properly handle cases where Conmon was dead - the ExecStopPost
`podman rm --force` line was not actually removing the container,
but interestingly, adding a `podman cleanup --rm` line would
remove it. Both of these commands do the same thing (minus the
`podman cleanup --rm` command not force-removing running
containers).
Without a running Conmon instance, the container process is still
running (assuming you killed Conmon with SIGKILL and it had no
chance to kill the container it managed), but you can still kill
the container itself with `podman stop` - Conmon is not involved,
only the OCI Runtime. (`podman rm --force` and `podman stop` use
the same code to kill the container). The problem comes when we
want to get the container's exit code - we expect Conmon to make
us an exit file, which it's obviously not going to do, being
dead. The first `podman rm` would fail because of this, but
importantly, it would (after failing to retrieve the exit code
correctly) set container status to Exited, so that the second
`podman cleanup` process would succeed.
To make sure the first `podman rm --force` succeeds, we need to
catch the case where Conmon is already dead, and instead of
waiting for an exit file that will never come, immediately set
the Stopped state and remove an error that can be caught and
handled.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/stretchr/testify-1.6.1
Bump github.com/stretchr/testify from 1.6.0 to 1.6.1
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.6.0...v1.6.1)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |/ /
|/| | |
V2 enable ubuntu
|
| | |
| | |
| | |
| | | |
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We experienced regression when using the latest `v1.2.0-dev` bats in
Ubuntu 20.04 (see github.com/containers/libpod/pull/6418). Using
bats v1.1.0 worked in the Ubuntu test VM.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/ /
| |
| |
| |
| |
| | |
Add updates required for ubuntu and run integration tests
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \
| |/
|/| |
Add parallel operation to `podman stop`
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is the other command that benefits greatly from being run in
parallel, due to the potential 15-second timeout for containers
that ignore SIGTERM.
While we're at it, also clean up how stop timeout is set. This
needs to be an optional parameter, so that the value set when the
container is created with `--stop-timeout` will be respected.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| |/
|/| |
Adds docker py regression test.
|
| |
| |
| |
| |
| |
| |
| |
| | |
Adds test to validate podman image endpoints.
Adds readme on how to run python tests
Adds contants file.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|\ \
| | |
| | | |
Fix handling of systemd.
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Systemd enablement has to happen on the server side, since we need
check if the image is running systemd.
Also need to make sure user setting the StopSignal is not overriden on the
server side. But if not set and using systemd, we set it correctly.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Add parallel execution code for container operations
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This code will run container operations in parallel, up to a
given maximum number of threads. Currently, it has only been
enabled for local `podman rm` as a proof of concept.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/seccomp/containers-golang-0.5.0
Bump github.com/seccomp/containers-golang from 0.4.1 to 0.5.0
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Bumps [github.com/seccomp/containers-golang](https://github.com/seccomp/containers-golang) from 0.4.1 to 0.5.0.
- [Release notes](https://github.com/seccomp/containers-golang/releases)
- [Commits](https://github.com/seccomp/containers-golang/compare/v0.4.1...v0.5.0)
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Ensure that containers in pods properly set hostname
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We were picking up defaults from the client's containers.conf,
which broke pod namespaces. The server-side code already checks
containers.conf when not explicitly overridden by the user, or by
the container being part of a pod (the last bit being our bug).
This only manifested on systems with a containers.conf installed,
so RHEL 8 and Fedora 32 (which means our F32 CI VMs likely should
have caught it, but didn't, which is concerning).
This prevents defaults for these flags being shown, but they were
incorrect anyways for `podman-remote`, so I'm not terribly
concerned.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When we moved to the new Namespace types in Specgen, we made a
distinction between taking a namespace from a pod, and taking it
from another container. Due to this new distinction, some code
that previously worked for both `--pod=$ID` and
`--uts=container:$ID` has accidentally become conditional on only
the latter case. This happened for Hostname - we weren't properly
setting it in cases where the container joined a pod.
Fortunately, this is an easy fix once we know to check the
condition.
Also, ensure that `podman pod inspect` actually prints hostname.
Fixes #6494
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|