summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Add mutex invariant to SHM semaphores.Matthew Heon2019-01-04
| | | | | | | | | | | | Check value of semaphores when incrementing to ensure we never go beyond 1, preserving mutex invariants. Also, add cleanup code to the lock tests, ensuring that we never leave the locks in a bad state after a test. We aren't destroying and recreating the SHM every time, so we have to be careful not to leak state between test runs. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Initial skeleton of in-memory locksMatthew Heon2019-01-04
| | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Merge pull request #2045 from vrothberg/initOpenShift Merge Robot2019-01-04
|\ | | | | add init support
| * add container-init supportValentin Rothberg2019-01-04
|/ | | | | | | | | | | | | | | | | | | Add support for executing an init binary as PID 1 in a container to forward signals and reap processes. When the `--init` flag is set for podman-create or podman-run, the init binary is bind-mounted to `/dev/init` in the container and "/dev/init --" is prepended to the container's command. The default base path of the container-init binary is `/usr/libexec/podman` while the default binary is catatonit [1]. This default can be changed permanently via the `init_path` field in the `libpod.conf` configuration file (which is recommended for packaging) or temporarily via the `--init-path` flag of podman-create and podman-run. [1] https://github.com/openSUSE/catatonit Fixes: #1670 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #2071 from baude/vendorcsOpenShift Merge Robot2019-01-03
|\ | | | | vendor in new containers/storage
| * vendor in new containers/storagebaude2019-01-03
| | | | | | | | | | | | | | | | | | vendor in latest containers/storage which contains a fix for when a filesystem that overlayfs is on is ENOSPC. adding pgzip/compress as a new dep for c/s Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #2072 from rhatdan/completionsOpenShift Merge Robot2019-01-03
|\ \ | |/ |/| Fix completions
| * Fix completionsDaniel J Walsh2019-01-03
|/ | | | | | | | | Currently completions do not work. podman generate kube and podman play kube completions broke this. Also fixed podman import to work properly. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #2065 from TomSweeneyRedHat/dev/tsweeney/troublefix1OpenShift Merge Robot2019-01-02
|\ | | | | Touch up some troubleshooting nits
| * Touch up some troubleshooting nitsTomSweeneyRedHat2019-01-02
|/ | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Merge pull request #2068 from mheon/log_container_commandOpenShift Merge Robot2019-01-02
|\ | | | | Log container command before starting the container
| * Log container command before starting the containerMatthew Heon2019-01-02
| | | | | | | | | | | | | | Runc does not produce helpful error messages when the container's command is not found, so print the command ourselves. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #2067 from mheon/fix_garbage_portsOpenShift Merge Robot2019-01-02
|\ \ | |/ |/| Use sprintf to generate port numbers while committing
| * Use sprintf to generate port numbers while committingMatthew Heon2019-01-02
|/ | | | | | | | | Casting integers to strings is definitely not correct, so let the standard library handle matters. Fixes #2066 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #2052 from rhatdan/sparseOpenShift Merge Robot2018-12-31
|\ | | | | Add troubleshooting for sparse files
| * Add troubleshooting for sparse filesDaniel J Walsh2018-12-30
|/ | | | | | | | | | A common failure with people building container images is the creation of large sparse files, particularly useradd creating the lastlog file. This PR Documents the failures. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #2058 from adrianreber/enable-crOpenShift Merge Robot2018-12-28
|\ | | | | Re-enable checkpoint/restore CI tests on Fedora
| * Re-enable checkpoint/restore CI tests on FedoraAdrian Reber2018-12-28
| | | | | | | | | | | | | | | | Now that the correct distribution CRIU packages are installed the checkpoint/restore tests should no longer fail. This re-enables the disabled tests on Fedora. Signed-off-by: Adrian Reber <areber@redhat.com>
* | Merge pull request #2059 from rhatdan/ociruntimeOpenShift Merge Robot2018-12-28
|\ \ | | | | | | podman build is not using the default oci-runtime
| * | podman build is not using the default oci-runtimeDaniel J Walsh2018-12-28
| |/ | | | | | | | | | | | | | | | | | | Currently if the user installs runc in an alternative path podman run uses it but podman build does not. This patch will pass the default oci runtime to be used by podman down to the image builder. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #2060 from rhatdan/devicesOpenShift Merge Robot2018-12-28
|\ \ | |/ |/| Fix handling of symbolic links
| * Fix handling of symbolic linksDaniel J Walsh2018-12-28
|/ | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #2051 from rhatdan/shmOpenShift Merge Robot2018-12-24
|\ | | | | Fixes to handle /dev/shm correctly.
| * Fixes to handle /dev/shm correctly.Daniel J Walsh2018-12-24
|/ | | | | | | | | | | | | | | | | | We had two problems with /dev/shm, first, you mount the container read/only then /dev/shm was mounted read/only. This is a bug a tmpfs directory should be read/write within a read-only container. The second problem is we were ignoring users mounted /dev/shm from the host. If user specified podman run -d -v /dev/shm:/dev/shm ... We were dropping this mount and still using the internal mount. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #2049 from baude/rootlessusestopOpenShift Merge Robot2018-12-24
|\ | | | | rootless tests using stop is more reliable
| * rootless tests using stop is more reliablebaude2018-12-23
| | | | | | | | | | | | | | | | | | | | | | when testing rootless containers, it is more reliable to stop a container with a zero timeout than kill a container. We made this change in non-rootless tests as well. When IO or CPU are taxed, it avoids a situation where the kill signal is sent but the container has not been able to update its status when a subsequent action occurs. Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #2044 from rhatdan/listOpenShift Merge Robot2018-12-23
|\ \ | |/ |/| Allow alias for list, ls, ps to work
| * Allow alias for list, ls, ps to workDaniel J Walsh2018-12-23
| | | | | | | | | | | | | | | | Allow multiple alias for listing containers and images. Also fix documentation for umount and unmount Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #2048 from isimluk/use-idtools-parserOpenShift Merge Robot2018-12-23
|\ \ | |/ |/| Refactor: use idtools.ParseIDMap instead of bundling own version
| * Refactor: use idtools.ParseIDMap instead of bundling own versionŠimon Lukašík2018-12-23
|/ | | | | | | | | | | ParseIDMap function was extracted to idtools in https://github.com/containers/storage/pull/236 it is already used in containers/storage and buildah, it should be used in libpod as well. Signed-off-by: Šimon Lukašík <isimluk@fedoraproject.org>
* Merge pull request #2023 from rhatdan/configOpenShift Merge Robot2018-12-22
|\ | | | | Switch all references to image.ContainerConfig to image.Config
| * Switch all referencs to image.ContainerConfig to image.ConfigDaniel J Walsh2018-12-21
| | | | | | | | | | | | This will more closely match what Docker is doing. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #2042 from cevich/new_criu_imagesOpenShift Merge Robot2018-12-22
|\ \ | |/ |/| Use new VM images with updated CRIU
| * cirrus: Use updated images including new cruiChris Evich2018-12-21
|/ | | | | | | Also add two minor tweaks which were preventing images from building properly. Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #2033 from rhatdan/devicesOpenShift Merge Robot2018-12-21
|\ | | | | Allow users to specify a directory for additonal devices
| * Allow users to specify a directory for additonal devicesDaniel J Walsh2018-12-21
| | | | | | | | | | | | | | Podman will search through the directory and will add any device nodes that it finds. If no devices are found we return an error. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * Change all 'can not' to 'cannot' for proper usageDaniel J Walsh2018-12-21
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * Invalid index for arrayDaniel J Walsh2018-12-21
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #2035 from rhatdan/vendorOpenShift Merge Robot2018-12-21
|\ \ | |/ |/| Vendor in latest psgo code
| * Vendor in latest psgo code to fix race conditionsDaniel J Walsh2018-12-21
| | | | | | | | | | | | | | | | | | | | When running podman top, the processes collected can exit befor psgo gets information on the processes. This can cause some weird errors and creates some CI flakes. psgo now properly ignores this situation rather then returning errors Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #2028 from giuseppe/fix-rootless-exportOpenShift Merge Robot2018-12-21
|\ \ | |/ |/| rootless: fix export when using fuse-overlayfs
| * test: add test for rootless exportGiuseppe Scrivano2018-12-21
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * export: fix usage with rootless containersGiuseppe Scrivano2018-12-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix usage of export when rootless containers are used without vfs. We join the conmon process namespaces as the container is running in a different one. There can be a problem if the user specify a different path for the conmon process, and then the file is deleted. In this case podman won't be able to find the conmon process to join. Closes: https://github.com/containers/libpod/issues/2027 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * rootless: add function to join user and mount namespaceGiuseppe Scrivano2018-12-21
| | | | | | | | | | | | | | | | | | | | Add the possibility to join directly the user and mount namespace without looking up the parent of the user namespace. We need this in order to be able the conmon process, as the mount namespace is kept alive only there. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * libpod: always store the conmon pid fileGiuseppe Scrivano2018-12-21
| | | | | | | | | | | | | | we need this information to later be able to join the conmon process. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #1998 from adrianreber/with-criu-againOpenShift Merge Robot2018-12-21
|\ \ | |/ |/| Use existing CRIU packages for testing instead of building from git
| * Use existing CRIU packages in CI setupAdrian Reber2018-12-21
|/ | | | | | | | | | | | For all in testing involved distribution a new enough CRIU exists as a package. Fedora provides CRIU packages directly. For CentOS/RHEL there is a COPR with the latest CRIU version and for Ubuntu there is a PPA for the latest CRIU version. Let's use these packages and fall back to building from git if necessary. Signed-off-by: Adrian Reber <adrian@lisas.de>
* Merge pull request #2037 from baude/blkioskipOpenShift Merge Robot2018-12-20
|\ | | | | skip test for blkio.weight when kernel does not support it
| * skip test for blkio.weight when kernel does not support itbaude2018-12-20
|/ | | | Signed-off-by: baude <bbaude@redhat.com>
* Merge pull request #1757 from kunalkushwaha/contrib-perftestOpenShift Merge Robot2018-12-20
|\ | | | | perf test a stress test to profile CPU load of podman