summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Revert "Move each search dns to its own line"Paul Holzinger2022-02-02
| | | | | | | | | | This reverts commit a1bc8cb52cefd49e8cc54ae14d1864b8a1ec216e. Please see resolv.conf(5) search domains must be on the same line. If you use multiple seach key words only the last one is used. I tested this with alpine and it works correctly when they are on the same line so I am not sure what issues Dan had with it but this is not correct. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #13089 from rhatdan/resolv.confOpenShift Merge Robot2022-02-02
|\ | | | | Only change network fields if they were actually changed by the user
| * Move each search dns to its own lineDaniel J Walsh2022-02-02
| | | | | | | | | | | | | | | | | | | | Alpine does not seem to use search correctly when there are multiple search domains on the same line. It only uses the first with the advent. When podman runs within a separate network we are appending on dns.podman as a search, if you add a search domain, then this causes the local search on network to fail. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * Only change network fields if they were actually changed by the userDaniel J Walsh2022-02-02
| | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/13065 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #13114 from cevich/minor_cirrusOpenShift Merge Robot2022-02-02
|\ \ | | | | | | [CI:DOCS] Cirrus: Restrict special/limited-use task
| * | Cirrus: Minor - limit release task applicabilityChris Evich2022-02-02
|/ / | | | | | | | | | | | | | | | | | | | | | | This task/test is guaranteed to fail on non-release PRs. Upon reviewing actual practice and the release docs, this task should be limited to PRs with a title containing `release` or `bump` keywords. Also fix a minor comment typo. Ref: https://github.com/containers/podman/pull/13106#pullrequestreview-869855449 Signed-off-by: Chris Evich <cevich@redhat.com>
* | Merge pull request #13104 from giuseppe/fix-podman-stats-commentOpenShift Merge Robot2022-02-02
|\ \ | |/ |/| [CI:DOCS] docs: clarify rootless net stats
| * docs: clarify rootless net statsGiuseppe Scrivano2022-02-01
| | | | | | | | | | | | | | | | follow-up for https://github.com/containers/podman/pull/13101 [CI:DOCS] Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #13079 from TomSweeneyRedHat/dev/tsweeney/hellowOpenShift Merge Robot2022-02-02
|\ \ | | | | | | [CI:DOCS] Add a hello world image to quay.io
| * | [CI:DOCS] Add a hello world image to quay.iotomsweeneyredhat2022-02-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] This commit describes how to run the quay.io/podman/hello image. It also contains the files necessary to build that image localy, and a README.md explaining the image and how to build it. Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
* | | Merge pull request #13107 from rhatdan/shmOpenShift Merge Robot2022-02-02
|\ \ \ | | | | | | | | Fix size to match Docker selection
| * | | Fix size to match Docker selectionDaniel J Walsh2022-02-01
| |/ / | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/13096 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #13110 from giuseppe/enforce-dev-shm-with-noexec-nosuid-nodevOpenShift Merge Robot2022-02-02
|\ \ \ | | | | | | | | libpod: enforce noexec,nosuid,nodev for /dev/shm
| * | | libpod: enforce noexec,nosuid,nodev for /dev/shmGiuseppe Scrivano2022-02-02
| |/ / | | | | | | | | | | | | | | | | | | these mount flags are already used for the /dev/shm mount on the host, but they are not set for the bind mount itself. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #13106 from cevich/not_buildOpenShift Merge Robot2022-02-02
|\ \ \ | |/ / |/| | Cirrus: Add [CI:BUILD] magic that only builds
| * | Cirrus: Add [CI:BUILD] magic that only buildsChris Evich2022-02-01
| | | | | | | | | | | | | | | | | | | | | | | | This is intended for cases where no code changes were made in this repo. but something did change which could affect the toolchain. For example, `Makefile` or packaging changes. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #13105 from lsm5/copr-fix-dependenciesOpenShift Merge Robot2022-02-01
|\ \ \ | | | | | | | | COPR: fix dependencies
| * | | COPR: fix dependenciesLokesh Mandvekar2022-02-01
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | containers-common rpm now `Recommends: netavark` and `Provides: container-network-stack` which are actually provided by both cni-plugins and netavark. Netavark has a `Recommends: aardvark-dns` already. So, we should only depend on the containers-common package and let it handle everything. Also, dnsname no longer needs to be recommended if we want new users to use netavark / aardvark-dns. [NO NEW TESTS NEEDED] Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | | Merge pull request #13066 from rhatdan/manOpenShift Merge Robot2022-02-01
|\ \ \ | | | | | | | | Clarify remote client means Mac and Windows
| * | | Clarify remote client means Mac and WindowsDaniel J Walsh2022-01-28
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #13085 from ydayagi/mainOpenShift Merge Robot2022-02-01
|\ \ \ \ | |_|_|/ |/| | | play kube envVar.valueFrom.fieldRef
| * | | play kube envVar.valueFrom.fieldRefYaron Dayagi2022-01-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add support for env vars values from pod spec fields see https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.19/#envvarsource-v1-core relates to issue https://github.com/containers/podman/issues/12756 Signed-off-by: Yaron Dayagi <ydayagi@redhat.com>
* | | | Merge pull request #12814 from cevich/netavarkOpenShift Merge Robot2022-02-01
|\ \ \ \ | |_|_|/ |/| | | Cirrus: Add e2e task w/ upstream netavark
| * | | Cirrus: Also download aardvark-dns binaryChris Evich2022-01-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This involves a minor code-change so the download/install can run in a loop for the two different repositories and binaries. Given everything is exactly the same except the URLs and names. Signed-off-by: Chris Evich <cevich@redhat.com>
| * | | Cirrus: Add e2e task w/ upstream netavarkChris Evich2022-01-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR adds the CI mechanisms to obtain the latest upstream netavark binary, and set a magic env-var to indicate e2e tests should execute podman with `--network-driver=netavark`. A future commit implement this functionality within the e2e tests. Due to the way the new environment is enabled, the standard task name is too long for github to display without adding ellipsis. Force the custom task name `Netavark Integration` to workaround this. At some future point, when netavark is more mainstream/widely supported, this custom task and upstream binary install can simply be removed - i.e. netavark will simply be used by default in the normal e2e tasks. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #13101 from giuseppe/report-slirp4netns-statsOpenShift Merge Robot2022-02-01
|\ \ \ \ | | | | | | | | | | libpod: report slirp4netns network stats
| * | | | libpod: report slirp4netns network statsGiuseppe Scrivano2022-02-01
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | by default slirp4netns uses the tap0 device. When slirp4netns is used, use that device by default instead of eth0. Closes: https://github.com/containers/podman/issues/11695 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #13100 from fj-tsubasa/oom-kill-disable-manOpenShift Merge Robot2022-02-01
|\ \ \ \ | | | | | | | | | | [CI:DOCS] Add notes to "--oom-kill-disable" not supported on cgroups V2
| * | | | Add notes to "--oom-kill-disable" not supported on cgroups V2Tsubasa Watanabe2022-01-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Clarify "--oom-kill-disable" is not supported on cgroups V2 in documentation. Signed-off-by: Tsubasa Watanabe <w.tsubasa@fujitsu.com>
* | | | | Merge pull request #13064 from rhatdan/pauseOpenShift Merge Robot2022-02-01
|\ \ \ \ \ | | | | | | | | | | | | Fix use of infra image to clarify default
| * | | | | Fix use of infra image to clarify defaultDaniel J Walsh2022-01-31
|/ / / / / | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #13091 from lsm5/fix-nightly-ci-buildsOpenShift Merge Robot2022-01-31
|\ \ \ \ \ | | | | | | | | | | | | CI: fix nightly builds
| * | | | | CI: fix nightly buildsLokesh Mandvekar2022-01-31
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Nightly builds were failing on CI ever since the Makefile change to have install target independent of build targets. See: e4636ebdc84ca28cf378873435cc9a27c81756f8 This commit ensures everything is built before installation. [NO NEW TESTS NEEDED] Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | | | | Merge pull request #13078 from patrycja-guzik/podman-image-ls-filtersOpenShift Merge Robot2022-01-31
|\ \ \ \ \ | |/ / / / |/| | | | [CI:DOCS] Adapt podman images ls filters docs to be aligned with prune filters docs
| * | | | Adapt podman images ls filters docs to be aligned with prune filters docsPatrycja Guzik2022-01-29
|/ / / / | | | | | | | | | | | | Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com>
* | | | Merge pull request #13061 from flouthoc/podman-vm-delegate-subsystemOpenShift Merge Robot2022-01-28
|\ \ \ \ | |_|_|/ |/| | | ignition, machine: delegate `cpu,io,memory,pid cgroup controllers` to machine's non-root users.
| * | | ignition, machine: delegate cpu,io cgroup controllers to machine's default usersAditya R2022-01-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Makes sure that ignition setups up systemd config so cgroup controllers like `cpu, io` are also delegated to `non-root` along with `memory, pid`. This allows general users of `podman` on `macOS` and `podman-remote` to do operations which are dependent on `cpu, io` cgroup controllers. [NO TESTS NEEDED] [NO NEW TESTS NEEDED] We don't have a CI infra to test this, please pull the tree and run `podman info` inside the machine to confirm. Signed-off-by: Aditya R <arajan@redhat.com>
* | | | Merge pull request #12712 from flouthoc/volume_overlay_advancedOpenShift Merge Robot2022-01-28
|\ \ \ \ | | | | | | | | | | volume: add support for non-volatile `upperdir`,`workdir` for overlay volumes
| * | | | volume: add support for non-volatile upperdir,workdir for overlay volumesAditya Rajan2022-01-28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Often users want their overlayed volumes to be `non-volatile` in nature that means that same `upper` dir can be re-used by one or more containers but overall of nature of volumes still have to be `overlay` so work done is still on a overlay not on the actual volume. Following PR adds support for more advanced options i.e custom `workdir` and `upperdir` for overlayed volumes. So that users can re-use `workdir` and `upperdir` across new containers as well. Usage ```console $ podman run -it -v myvol:/data:O,upperdir=/path/persistant/upper,workdir=/path/persistant/work alpine sh ``` Signed-off-by: Aditya R <arajan@redhat.com>
* | | | | Merge pull request #13048 from cevich/fix_get_ci_vmOpenShift Merge Robot2022-01-28
|\ \ \ \ \ | |_|/ / / |/| | | | [CI:DOCS] Cirrus: Fix get_ci_vm.sh initial setup
| * | | | Cirrus: Fix get_ci_vm.sh initial setupChris Evich2022-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Due to some recent changes in the Makefile, the setup part of the script is now breaking with the error: ``` install: cannot stat 'bin/rootlessport': No such file or directory make: *** [Makefile:767: install.bin] Error 1 ``` The root-cause seems to be the `install` targets not properly specifying their build dependencies. This may lead to other problems WRT automation, but for now I'm just patching this tool to workaround the issue. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | Merge pull request #13052 from Luap99/issues2OpenShift Merge Robot2022-01-28
|\ \ \ \ \ | | | | | | | | | | | | [CI:DOCS] github: label issues based on os fix regex
| * | | | | github: label issues based on os fix regexPaul Holzinger2022-01-27
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Good news the github action works, however I noticed that we cannot use a multiline regex so we have to use serviceIsRemote to detect if this is a remote client. Also change the os regex so that it matches both the output of podman version and podman info. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | | Merge pull request #13050 from Luap99/issuesOpenShift Merge Robot2022-01-27
|\ \ \ \ \ | | | | | | | | | | | | [CI:DOCS] github: label issues based on os
| * | | | | github: label issues based on osPaul Holzinger2022-01-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We get a lot of issues for podman-remote on macos. Since the fact that this is a remote client is often overlooked by us lets add windows, macos and remote label automatically based on a regex which should match the output of podman version. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | | Merge pull request #13049 from edsantiago/batsDaniel J Walsh2022-01-27
|\ \ \ \ \ \ | | | | | | | | | | | | | | System tests: emergency skip of checkpoint tests
| * | | | | | System tests: emergency skip of checkpoint testsEd Santiago2022-01-27
| | |/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | ...on kernel 5.17, because it's broken Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | Merge pull request #13042 from Luap99/subnetsOpenShift Merge Robot2022-01-27
|\ \ \ \ \ \ | |/ / / / / |/| | | | | network create: allow multiple subnets
| * | | | | network create: allow multiple subnetsPaul Holzinger2022-01-27
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman network create --subnet, --gateway and --ip-range can now be specified multiple times to join the network to more than one subnet. This is very useful if you want to use a dual stack network and assign a fixed ipv4 and ipv6 subnet. The order of the options is important here, the first --gateway/--ip-range will be assigned to the first subnet and so on. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | | Merge pull request #13035 from rhatdan/docs1OpenShift Merge Robot2022-01-27
|\ \ \ \ \ | | | | | | | | | | | | CI:DOCS: Add troublshooting info on podman machine remove followed by podman machine init