| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
| |
The `usermod` calls in rootless_tutorial.md were only adding a very narrow range
for subuids and subgids, which will cause failures with containers where a file
is owned by a user or group with a uid/gid > 1001.
Signed-off-by: Dan Čermák <dcermak@suse.com>
|
|\
| |
| | |
benchmarks: push/pull
|
| |
| |
| |
| |
| |
| |
| |
| | |
Polish the push and pull benchmarks. In particular, make sure to not be
network bound during these benchmarks by running a local registry and
pushing a local image that can later on be pulled.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \
| | |
| | | |
Report correct RemoteURI
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Rather than assuming a filesystem path, the API service URI is recorded
in the libpod runtime configuration and then reported as requested.
Note: All schemes other than "unix" are hard-coded to report URI exists.
Fixes #12023
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add more unit tests
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Improve "code coverage" with more unit-tests.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
podman system reset removed machines incorrectly
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
podman system reset did not clean up machines fully, leaving some config
files, and breaking machines. Now it removes all machines files fully.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
libpod: treat ECONNRESET as EOF
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
when reading from the attach socket, treat ECONNRESET in the same way
as EOF.
[NO NEW TESTS NEEDED]
Closes: https://github.com/containers/podman/issues/11446
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
play kube default log driver
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The default log driver is not used when using play kube
without --log-driver. The LogDriver function needs to
be called in order to use the default log driver.
fixes #13781
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
containers/dependabot/go_modules/github.com/containers/storage-1.40.2
Bump github.com/containers/storage from 1.40.0 to 1.40.2
|
| |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.40.0 to 1.40.2.
- [Release notes](https://github.com/containers/storage/releases)
- [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md)
- [Commits](https://github.com/containers/storage/compare/v1.40.0...v1.40.2)
---
updated-dependencies:
- dependency-name: github.com/containers/storage
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
machine events: only open sockets when needed
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We should only open the socket when needed and not always at init time.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Implement --format for machine inspect
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Fix issue of nil pointer derefence
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Add podman machine events
|
|/ / /
| | |
| | |
| | | |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| | | |
| | | | |
generate systemd: pods: set exit policy
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Unless specified in the create command of the pod, enforce the exit
policy to "stop". With "stop", a pod is stopped when the last container
exits and does not continue running. This behavior integrates much
better into systemd which is now able to tell whether the service
running as pod is actually running/active or not.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \ \
| | | |
| | | | |
Additional stats for podman info
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In support of podman machine and its counterpart desktop, we have added
new stats to podman info.
For storage, we have added GraphRootAllocated and GraphRootUsed in
bytes.
For CPUs, we have added user, system, and idle percents based on
/proc/stat.
Fixes: #13876
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
[CI:DOCS] vendor treadmill script: run 'git add vendor'
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Situation encountered just now after buildah #3949 but
before podman #14084: go.mod changed in such a way that
other modules were updated, not just buildah, and those
changes weren't git-added by 'make vendor'. This resulted
in the dirty-tree CI test failing.
Solution: check for untracked vendor files after 'make vendor',
and git-add them. Show a friendly message that we're doing so:
+---> Adding untracked files under containers/image, containers/storage, klauspost/compress, x/sys
In order to do this safely, we run an untracked-files check
under vendor as one of the first sanity checks. If there are
any when we start the script, fail early.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
containers/dependabot/go_modules/github.com/rootless-containers/rootlesskit-1.0.1
Bump github.com/rootless-containers/rootlesskit from 1.0.0 to 1.0.1
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Bumps [github.com/rootless-containers/rootlesskit](https://github.com/rootless-containers/rootlesskit) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/rootless-containers/rootlesskit/releases)
- [Commits](https://github.com/rootless-containers/rootlesskit/compare/v1.0.0...v1.0.1)
---
updated-dependencies:
- dependency-name: github.com/rootless-containers/rootlesskit
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Vendor in containers/(common, storage, image)
|
|/ / /
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Treadmill script: revamp
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Major revamp: instead of stacking a vendor commit on top of
the treadmill changes, do it the other way around: vendor,
then apply treadmill diffs.
Reason: the build-all-new-commits test. Sigh. It fails in the
common case where our treadmill changes include a new struct
element in cmd/podman/images/build.go
Why this is good: well, superficially, it's more intuitive.
Why this is horrible: omg the rebasing games are a nightmare.
When the vendor commit is on top (HEAD), it's ultra-trivial
to drop it, rebase the treadmill changes on main, then add
a new vendor-buildah commit on top. As you can see from the
diffs in this PR, treadmill-as-HEAD introduces all sorts
of complex dance steps in which things can go catastrophically
wrong and you can lose all your treadmill patches. I try very
hard to prevent this, and to offer hints if there's a problem,
and heck in the worst case it's still git so it's still possible
to find lost commits... but it's still much riskier than the
old way.
Alternative I considered: using sed magic to disable the
build-all-new-commits test. So tempting... but that would
also disable the bloat check.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
CI: emergency fix for broken go get
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
go get is deprecated, we should use go install instead.
Also for some reason go get -u golang.org/x/tools/cmd/goimports is
broken at the moment, thus failing CI jobs where we have to install
this. Switching to go install seems to fix it.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \
| |/ /
|/| | |
pod: add exit policies
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add the notion of an "exit policy" to a pod. This policy controls the
behaviour when the last container of pod exits. Initially, there are
two policies:
- "continue" : the pod continues running. This is the default policy
when creating a pod.
- "stop" : stop the pod when the last container exits. This is the
default behaviour for `play kube`.
In order to implement the deferred stop of a pod, add a worker queue to
the libpod runtime. The queue will pick up work items and in this case
helps resolve dead locks that would otherwise occur if we attempted to
stop a pod during container cleanup.
Note that the default restart policy of `play kube` is "Always". Hence,
in order to really solve #13464, the YAML files must set a custom
restart policy; the tests use "OnFailure".
Fixes: #13464
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |/
| |
| |
| |
| |
| | |
Required for using the newly added pod exit policies.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \
| | |
| | | |
libpod: unset networks before storing container conf
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since networks must always be read from the db bucket directly we should
unset them in config to avoid caller from accidentally using them.
I already tried this but it didn't work because the networks were unset
after the config was marshalled.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \
| |/
|/| |
Implement machine inspect for WSL
|
|/
|
|
| |
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
|\
| |
| | |
Use simulated dual-stack binds when using WSL
|
| |
| |
| |
| |
| |
| | |
Resolves a WSL problem where traffic from only one stack is relayed
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
|\ \
| | |
| | | |
[CI:DOCS] buildah-vendor-treadmill script: yet more checks
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
More safety checks for the treadmill script:
* for --sync:
- issue warning if HEAD is not a vendor commit
- if run-buildah-bud-tests fails, leave the working dir
for user to investigate. And offer a long helpful warning.
- tweak .cirrus.yml so buildah-bud tests run early, so
we can fail early. (Remember, the top commit will never
ever ever ever be merged)
* for --pick:
- check branch merge-base (of your vendor-update branch),
compare against that of the treadmill PR. If treadmill
is newer, bail, and suggest rebasing. This would've
saved us some time in #14005.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
libpod: host netns keep same /etc/resolv.conf
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When a container is run in the host network namespace we have to keep
the same resolv.conf content and not use the systemd-resolve detection
logic.
But also make sure we still allow --dns options.
Fixes #14055
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The files /etc/hosts, /etc/hostname and /etc/resolv.conf should always
be owned by the root user in the container. This worked correct for
/etc/hostname and /etc/hosts but not for /etc/resolv.conf.
A container run with --userns keep-id would have the reolv.conf file
owned by the current container user which is wrong.
Consolidate some common code in a new helper function to make the code more
cleaner.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \
| | | |
| | | | |
enable errcheck linter
|