| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
| |
We now default to setting storage options to "nodev", when running
privileged containers, we need to turn this off so the processes can
manipulate the image.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
| |
This allows us to modify the containers mount option on a per/container basis
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\
| |
| | |
rootless: store only subset of storage.conf
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
do not store the entire file but only the subset of what we have
modified. Also, we were not writing the correct data. Since it is
not trivial to serialize storage.conf correctly and all the various
supported options, serialize only what we care about.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \
| | |
| | | |
vendor: update selinux
|
| | |/
| |
| |
| |
| |
| |
| | |
inherit a change for not failing a recursive relabelling if the file
is removed between the directory is read and the lsetxattr syscall.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \
| |/
|/| |
rootless: fix cleanup
|
| |/
|
|
|
|
|
|
|
|
|
|
|
| |
The conmon exit command is running inside of a namespace where the
process is running with uid=0. When it launches again podman for the
cleanup, podman is not running in rootless mode as the uid=0.
Export some more env variables to tell podman we are in rootless
mode.
Closes: https://github.com/containers/libpod/issues/1859
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\
| |
| | |
test: cleanup CNI network used by the tests
|
| |/
|
|
|
|
|
|
| |
issue introduced with:
https://github.com/containers/libpod/pull/1871
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\
| |
| | |
Improve podman run --mount test
|
| | |
| |
| |
| |
| |
| |
| | |
In some test env, mount with shared options is not included relatime
in the mountinfo file. So remove this from the test case.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Update the test case name to make it easier to filter --mount related
test cases with -ginkgo.focus.
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
|
| |\ \
| | |
| | | |
Actually set version for podman module / pypodman
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The environment variable wasn't set, giving 0.0.0
It is a still a problem if you use python3 to build,
rather than make. You *need* to set $PODMAN_VERSION,
or your module and packages won't have the version.
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|
| |\ \ \
| | | |
| | | | |
exec: always make explicit the tty value
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
otherwise runc will take by default the value used for creating the
container. Setting it explicit overrides its default value and we
won't end up trying to use a terminal when not available.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1625876
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Add some tests for --ip flag with run and create command
|
| | | |_|/
| |/| |
| | | |
| | | | |
Signed-off-by: Yiqiao Pu <ypu@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
set root propagation based on volume properties
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Set the root propagation based on the properties of volumes and default
mounts. To remain compatibility, follow the semantics of Docker. If a
volume is shared, keep the root propagation shared which works for slave
and private volumes too. For slave volumes, it can either be shared or
rshared. Do not change the root propagation for private volumes and
stick with the default.
Fixes: #1834
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
|
| |\ \ \ \ \
| |_|/ / /
|/| | | | |
libpod should know if the network is disabled
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
/etc/resolv.conf and /etc/hosts should not be created and mounted when the
network is disabled.
We should not be calling the network setup and cleanup functions when it is
disabled either.
In doing this patch, I found that all of the bind mounts were particular to
Linux along with the generate functions, so I moved them to
container_internal_linux.go
Since we are checking if we are using a network namespace, we need to check
after the network namespaces has been created in the spec.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Add history field to image inspect
|
| | | |/ / /
| |/| | |
| | | | |
| | | | | |
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Vendor in latest containers/buildah
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Pulls in fix for COPY --from when using --layers
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
add podman container|image exists
|
| |/ / / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Add an exists subcommand to podman container and podman image that allows
users to verify the existence of a container or image by ID or name. The return
code can be 0 (success), 1 (failed to find), or 125 (failed to work with runtime).
Issue #1845
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
implement --format for version command
|
| | | |_|_|_|/
| |/| | | |
| | | | | |
| | | | | | |
Signed-off-by: Tomas Tomecek <ttomecek@redhat.com>
|
| |\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
podman_tutorial.md typo: arguement -> argument
|
| |/ / / / /
| | | | |
| | | | |
| | | | | |
Signed-off-by: Steve Phillips <steve@tryingtobeawesome.com>
|
| |\ \ \ \ \
| |_|/ / /
|/| | | | |
Load NAT modules to fix tests involving CRIU
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
CRIU uses iptables to lock and unlock the network during checkpoint and
restore. If Podman is running in Podman the automatic loading of modules
does not work and thus this commit pre-loads the necessary modules to
make sure the checkpoint test cases are not failing.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Added option to keep container running after checkpointing
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This adds the '--leave-running, -R' to the container-checkpoint man
page. As the information for '--all, -a' and '--latest, -l' was also
still missing it is included in this commit.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
CRIU supports to leave processes running after checkpointing:
-R|--leave-running leave tasks in running state after checkpoint
runc also support to leave containers running after checkpointing:
--leave-running leave the process running after checkpointing
With this commit the support to leave a container running after
checkpointing is brought to Podman:
--leave-running, -R leave the container running after writing checkpoint to disk
Now it is possible to checkpoint a container at some point in time
without stopping the container. This can be used to rollback the
container to an early state:
$ podman run --tmpfs /tmp --name podman-criu-test -d docker://docker.io/yovfiatbeb/podman-criu-test
$ curl 10.88.64.253:8080/examples/servlets/servlet/HelloWorldExample
3
$ podman container checkpoint -R -l
$ curl 10.88.64.253:8080/examples/servlets/servlet/HelloWorldExample
4
$ curl 10.88.64.253:8080/examples/servlets/servlet/HelloWorldExample
5
$ podman stop -l
$ podman container restore -l
$ curl 10.88.64.253:8080/examples/servlets/servlet/HelloWorldExample
4
So after checkpointing the container kept running and was stopped after
some time. Restoring this container will restore the state right at the
checkpoint.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
For upcoming changes to the Checkpoint() functions this commit switches
checkpoint options from a boolean to a struct, so that additional
options can be passed easily to Checkpoint() without changing the
function parameters all the time.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
generate kubernetes YAML from a libpod container
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
scope out new kube subcommand where we can add generate. you can now generate kubernetes
YAML that will allow you to run the container in a kubernetes environment. When
The YAML description will always "wrap" a container in a simple v1.Pod description.
Tests and further documentation will be added in additional PRs.
This function should be considered very much "under heavy development" at
this point.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Allow users to expose ports from the pod to the host
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
we need to allow users to expose ports to the host for the purposes
of networking, like a webserver. the port exposure must be done at
the time the pod is created.
strictly speaking, the port exposure occurs on the infra container.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | | |
Improve speed of containers.list()
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Clean up code in containers.py
* Pass pylint tests
* Pass tox tests
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
pypodman: Don't use $HOST and $USER variables for remote
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Also, don't use $PORT. These are too generic.
Make sure to read $LOGNAME _after_ the config.
Prefix all the remote variables with PODMAN_
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|
| |\ \ \ \ \
| |_|/ / /
|/| | | | |
rootless: create user conf files when they don't exist
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
