| Commit message (Collapse) | Author | Age |
|
|
|
| |
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|
|
|
| |
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|
|
|
| |
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The difference between container checkpoint/restore and container
migration is that for migration the container which was checkpointed
must not exist during restore. To simulate migration the container
is remove ('podman rm -fa') before being restored. The migration test
does following steps:
* podman run
* podman container checkpoint -l -e /tmp/checkpoint.tar.gz
* podman rm -fa
* podman container restore -i /tmp/checkpoint.tar.gz
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds an option to the checkpoint command to export a
checkpoint into a tar.gz file as well as importing a checkpoint tar.gz
file during restore. With all checkpoint artifacts in one file it is
possible to easily transfer a checkpoint and thus enabling container
migration in Podman. With the following steps it is possible to migrate
a running container from one system (source) to another (destination).
Source system:
* podman container checkpoint -l -e /tmp/checkpoint.tar.gz
* scp /tmp/checkpoint.tar.gz destination:/tmp
Destination system:
* podman pull 'container-image-as-on-source-system'
* podman container restore -i /tmp/checkpoint.tar.gz
The exported tar.gz file contains the checkpoint image as created by
CRIU and a few additional JSON files describing the state of the
checkpointed container.
Now the container is running on the destination system with the same
state just as during checkpointing. If the container is kept running
on the source system with the checkpoint flag '-R', the result will be
that the same container is running on two different hosts.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|
|
|
|
|
|
|
| |
This adds a couple of function in structure members needed in the next
commit to make container migration actually work. This just splits of
the function which are not modifying existing code.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|
|
|
| |
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\
| |
| | |
podman remote-client commit
|
| |
| |
| |
| |
| |
| |
| | |
add the ability to commit a container to an image using the remote
client.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
Manpage: fix podman-varlink and -version mixup
|
|/ /
| |
| |
| | |
Signed-off-by: Marcus Müller <marcus@hostalia.de>
|
|\ \
| | |
| | | |
rootless: some cleanups for rootless_linux.c
|
| | |
| | |
| | |
| | |
| | |
| | | |
avoid checking for EINTR for every syscall that could block.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
after we read from the pause PID file, NUL terminate the buffer to
avoid reading garbage from the stack.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| |/ /
|/| | |
split rootless local and remote testing
|
| | |
| | |
| | |
| | | |
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
Small fix to readme to force tests to run
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|/ / /
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
rootless: skip check fo /etc/containers/registries.conf
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
the warning can be confusing when used in rootless mode as the
unprivileged user has no way for setting it up.
Closes: https://github.com/containers/libpod/issues/2955
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Fix for varlink upgrade connections
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Although an upgraded call is requested, the server has to send at least
one reply (can be an error) and the client has to check the reply,
before assuming an upgraded connection.
Signed-off-by: Harald Hoyer <harald@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Do not set tmpcopyup on /dev
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fixes #3229
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
use imagecaches for local tests
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
when doing localized tests (not varlink), we can use secondary image
stores as read-only image caches. this cuts down on test time
significantly because each test does not need to restore the images from
a tarball anymore.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \ \ \
| |_|_|_|_|/ /
|/| | | | | | |
Resolve symlinks in cp
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
We can't pause them, so if that's requested, throw an error.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Rootless containers can't be paused (no CGroups, so no freezer).
We could try and emulate this with a SIGSTOP to all PIDs in the
container, but that's inherently racy, so let's avoid it for now.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Should fix CVE-2018-15664 for Podman.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |_|_|_|/
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Securejoin ensures that paths are resolved in the container, not
on the host.
Fixes #3211
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
do not run remote tests inside container
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
when running the podman integration tests inside a container, we should
not be running the remote tests.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
add dns flags to docs
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | | |
Added same dns flags from buildah documentation to podman
Signed-off-by: Ashley Cui <ashleycui16@gmail.com>
|
|\ \ \ \
| | | | |
| | | | | |
Add missing 'container cp' alias and document missing 'container update' command
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
'docker cp' is an alias for 'docker container cp', and podman should have the equivalent alias.
Signed-off-by: Jose Diaz-Gonzalez <email@josediazgonzalez.com>
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | | |
Also reorder the missing update command to better match the container update command (it is in the same management namespace)
Signed-off-by: Jose Diaz-Gonzalez <email@josediazgonzalez.com>
|
|\ \ \ \
| | | | |
| | | | | |
Podman logs man page shouldn't include timestamps
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Change man page to reflect default output. Commands
with timestamps should include `-t` option.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
Add libpod journald logging
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|