summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Implement Podman Container Clonecdoern2022-02-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | podman container clone takes the id of an existing continer and creates a specgen from the given container's config recreating all proper namespaces and overriding spec options like resource limits and the container name if given in the cli options this command utilizes the common function DefineCreateFlags meaning that we can funnel as many create options as we want into clone over time allowing the user to clone with as much or as little of the original config as they want. container clone takes a second argument which is a new name and a third argument which is an image name to use instead of the original container's the current supported flags are: --destroy (remove the original container) --name (new ctr name) --cpus (sets cpu period and quota) --cpuset-cpus --cpu-period --cpu-rt-period --cpu-rt-runtime --cpu-shares --cpuset-mems --memory --run resolves #10875 Signed-off-by: cdoern <cdoern@redhat.com> Signed-off-by: cdoern <cbdoer23@g.holycross.edu> Signed-off-by: cdoern <cdoern@redhat.com>
* Merge pull request #13075 from n1hility/mac-forward-helperOpenShift Merge Robot2022-02-16
|\ | | | | Mac API forwarding using a privileged docker socket claim helper
| * Update to podman4 copr streamJason T. Greene2022-02-16
| | | | | | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
| * Introduce podman machine init --root=t|f and podman machine set --root=t|fJason T. Greene2022-02-16
| | | | | | | | | | | | Switch default to rootless for mac and windows Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
| * Initial implementation of mac forwarding using a privileged docker sock ↵Jason T. Greene2022-02-16
| | | | | | | | | | | | claim helper Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* | Merge pull request #13243 from patrycja-guzik/docs2OpenShift Merge Robot2022-02-16
|\ \ | | | | | | [CI:DOCS] Unify ls --filter docs for networks and pods
| * | Unify ls --filter docs for networks and podsPatrycja Guzik2022-02-15
| | | | | | | | | | | | | | | | | | Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com> #13078 follow-up
* | | Merge pull request #13244 from vrothberg/merge-filter-testsOpenShift Merge Robot2022-02-16
|\ \ \ | |_|/ |/| | e2e: merge after/since image-filter tests
| * | e2e: merge after/since image-filter testsValentin Rothberg2022-02-16
|/ / | | | | | | | | | | | | Merge the two tests to speed up testing. Both built the exact same images. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #13239 from baude/e2esincebeforeOpenShift Merge Robot2022-02-16
|\ \ | |/ |/| Fix images since/after tests
| * Changes of docker descriptionsBrent Baude2022-02-15
| | | | | | | | | | | | | | | | | | It looks like some descriptions have changed on the docker registry where we had been searching for images that include 'alpine'. We are now seeing an image in the initial list that has 'alpine' in its description. Signed-off-by: Brent Baude <bbaude@redhat.com>
| * Fix images since/after testsBrent Baude2022-02-15
|/ | | | | | | | For the since and after imagve filter tests, instead of using the read-only cache of images, we just use the empty r/w store. We then build three images that are strictly predictable. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #13237 from Luap99/net-docsOpenShift Merge Robot2022-02-15
|\ | | | | [CI:DOCS] podman network: add documentation for netavark
| * podman network: add documentation for netavarkPaul Holzinger2022-02-15
|/ | | | | | | Add some docs about the different network backends. Also remove the CNI word from network since we refer to either a netavark or CNI config. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #13209 from esendjer/mainOpenShift Merge Robot2022-02-14
|\ | | | | ignition: propagate proxy settings from a host into a vm
| * ignition: propagate proxy settings from a host into a vmesendjer2022-02-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Set proxy settings (such as `HTTP_PROXY`, and others) for the whole guest OS with setting up `DefaultEnvironment` with a `systemd` configuration file `default-env.conf`, a `profile.d` scenario file - `default-env.sh` and a `environment.d` configuration file `default-env.conf` The **actual** environment variables are read by podman at a start, then they are encrypted with base64 into a single string and after are provided into a VM through QEMU Firmware Configuration (fw_cfg) Device Inside a VM a systemd service `envset-fwcfg.service` reads the providead encrypted string from fw_cfg, decrypts and then adds to the files - `/etc/systemd/system.conf.d/default-env.conf` - `/etc/profile.d/default-env.sh` - `/etc/environment.d/default-env.conf` At the end this service execute `systemctl daemon-reload` to propagate new variables for systemd manager [NO NEW TESTS NEEDED] Closes #13168 Signed-off-by: esendjer <esendjer@gmail.com>
* | Merge pull request #13223 from Foxboron/morten/fix-annotationOpenShift Merge Robot2022-02-14
|\ \ | | | | | | create: Fix key=value annotation in the flag output
| * | create: Fix key=value annotation in the flag outputMorten Linderud2022-02-14
| | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Morten Linderud <morten@linderud.pw>
* | | Merge pull request #13084 from ↵OpenShift Merge Robot2022-02-14
|\ \ \ | | | | | | | | | | | | | | | | eriksjolund/troubleshooting_userns_keep_id_uidmap_gidmap [CI:DOCS] Add --userns=keep-id, --uidmap, --gidmap troubleshooting
| * | | [CI:DOCS] Add --userns=keep-id, --uidmap, --gidmap troubleshootingErik Sjölund2022-02-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add troubleshooting advice: "Container creates a file that is not owned by the user's regular UID". The solution involves using the options --uidmap and --gidmap. * Add troubleshooting advice: "Passed-in devices or files can't be accessed in rootless container (UID/GID mapping problem)". The general solution involves using the options --uidmap and --gidmap. Sometimes --userns=keep-id could be used. Co-authored-by: Tom Sweeney <tsweeney@redhat.com> Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | | | Merge pull request #13220 from baude/podman4fcosOpenShift Merge Robot2022-02-14
|\ \ \ \ | |_|/ / |/| | | Temporarily pull machine images from side repo
| * | | Temporarily pull machine images from side repoBrent Baude2022-02-11
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Until podman4 is in the fcos trees, we need to pull the machine images from a side repository. There is a hard coded bit that forces the side repo download right now. Simple comment or removal of the bit will revert to normal download behavior. [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #13144 from lsm5/e2e-netavarkOpenShift Merge Robot2022-02-11
|\ \ \ | | | | | | | | enable netavark specific tests
| * | | enable netavark specific testsLokesh Mandvekar2022-02-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | These are copies of the CNI tests with modifications wherever neccessary. Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* | | | Merge pull request #13214 from adrianreber/2022-02-11-fix-testsOpenShift Merge Robot2022-02-11
|\ \ \ \ | |/ / / |/| | | Fix checkpoint/restore pod tests
| * | | Fix checkpoint/restore pod testsAdrian Reber2022-02-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Checkpoint/restore pod tests are not running with an older runc and now that runc 1.1.0 appears in the repositories it was detected that the tests were failing. This was not detected in CI as CI was not using runc 1.1.0 yet. Signed-off-by: Adrian Reber <areber@redhat.com>
* | | | Merge pull request #13210 from rhatdan/buildOpenShift Merge Robot2022-02-11
|\ \ \ \ | |_|/ / |/| | | Make sure building with relative paths work correctly.
| * | | Make sure building with relative paths work correctly.Daniel J Walsh2022-02-10
| | | | | | | | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/12763 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #13205 from jwhonce/wip/network_versionOpenShift Merge Robot2022-02-11
|\ \ \ \ | |_|/ / |/| | | Add 409 response to swagger godoc
| * | | Add 409 response to swagger godocJhon Honce2022-02-10
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | When attempting to create a network with a name that already exists, a 409 status code will be returned [NO NEW TESTS NEEDED] Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #13202 from TomSweeneyRedHat/dev/tsweeney/newhelloOpenShift Merge Robot2022-02-10
|\ \ \ | |/ / |/| | Make the hello image leaner
| * | Make the hello image leanertomsweeneyredhat2022-02-10
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] Change from using a bash script to a c file for running the image. With thanks to discussions with @afbjorklund, the Containerfile was rigged up to make the final image be only KB's in size. Also add USER 1000 to make the image test/run as non-root, and update the README.md Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
* | Merge pull request #13197 from giuseppe/doc-cannot-write-loginuidOpenShift Merge Robot2022-02-10
|\ \ | | | | | | [CI:DOCS] troubleshooting: add doc for ssh into a container
| * | troubleshooting: add doc for ssh into a containerGiuseppe Scrivano2022-02-10
| |/ | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #13191 from mheon/resolvconf_fixesOpenShift Merge Robot2022-02-10
|\ \ | | | | | | Modify /etc/resolv.conf when connecting/disconnecting
| * | Modify /etc/resolv.conf when connecting/disconnectingMatthew Heon2022-02-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The `podman network connect` and `podman network disconnect` commands give containers access to different networks than the ones they were created with; these networks can also have DNS servers associated with them. Until now, however, we did not modify resolv.conf as network membership changed. With this PR, `podman network connect` will add any new nameservers supported by the new network to the container's /etc/resolv.conf, and `podman network disconnect` command will do the opposite, removing the network's nameservers from `/etc/resolv.conf`. Fixes #9603 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #13178 from vrothberg/sym-helloOpenShift Merge Robot2022-02-10
|\ \ \ | | | | | | | | helloimage: header symmetry
| * | | helloimage: header symmetryValentin Rothberg2022-02-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Make the header symmetric by adding a whitespace before the `!` on the righthand side. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | Merge pull request #13189 from jwhonce/wip/network_versionOpenShift Merge Robot2022-02-10
|\ \ \ \ | | | | | | | | | | Add version guard to libpod API endpoints
| * | | | Add version guard to libpod API endpointsJhon Honce2022-02-09
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Ensure meaningful behaviour when called with /v3.x.x semantics * Change return code to 409 from 500 when client attempts to use an existing network name * Update API bats test runner to support /v4.0.0 endpoints by default Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | Merge pull request #13192 from TomSweeneyRedHat/dev/tsweeney/bumpcommonOpenShift Merge Robot2022-02-10
|\ \ \ \ | |_|_|/ |/| | | Bump c/common to v0.47.4
| * | | Bump c/common to v0.47.4tomsweeneyredhat2022-02-09
|/ / / | | | | | | | | | | | | | | | As the title says. Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
* | | Merge pull request #13184 from Luap99/cni-dirOpenShift Merge Robot2022-02-09
|\ \ \ | | | | | | | | Do not set the network config dir to cni plugin dir
| * | | Do not set the network config dir to cni plugin dirPaul Holzinger2022-02-09
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I do not know why this code was added but it is wrong. We should never use a plugin dir as config dir. Also this will fail for netavark. The correct default will be set in c/common so podman should not touch it. [NO NEW TESTS NEEDED] Ref #13183 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | Merge pull request #13182 from Luap99/api-docOpenShift Merge Robot2022-02-09
|\ \ \ | |/ / |/| | [CI:DOCS] Show API doc for several versions
| * | Show API doc for several versionsPaul Holzinger2022-02-09
|/ / | | | | | | | | | | | | | | | | | | | | Right now it is not possible to look at the API version for a specific version. docs.podman.io always show the latest version from the main branch. This is not want many users want so they now have the ability to select a different version. Fixes #12796 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13142 from tmds/ImageCreate_200_schemaOpenShift Merge Robot2022-02-09
|\ \ | | | | | | [CI:DOCS] Add schema for ImageCreate 200 response.
| * | [NO NEW TEST NEEDED] Add schema for ImageCreate 200 response.Tom Deseyn2022-02-09
| | | | | | | | | | | | Signed-off-by: Tom Deseyn <tom.deseyn@gmail.com>
* | | Merge pull request #13170 from rhatdan/idmapOpenShift Merge Robot2022-02-09
|\ \ \ | |_|/ |/| | idmap should be able to be specified along with other options
| * | idmap should be able to be specified along with other optionsDaniel J Walsh2022-02-08
|/ / | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] crun is not available everywhere to test idmap. Kernel might not be recent enough and not all file systems support idmap option. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>