summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* system: migrate stops the pause processGiuseppe Scrivano2019-05-17
| | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* rootless: join namespace immediately when possibleGiuseppe Scrivano2019-05-17
| | | | | | | | | | | add a shortcut for joining immediately the namespace so we don't need to re-exec Podman. With the pause process simplificaton, we can now attempt to join the namespaces as soon as Podman starts (and before the Go runtime kicks in), so that we don't need to re-exec and use just one process. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* rootless: use a pause processGiuseppe Scrivano2019-05-17
| | | | | | | | | | | | | | | | | use a pause process to keep the user and mount namespace alive. The pause process is created immediately on reload, and all successive Podman processes will refer to it for joining the user&mount namespace. This solves all the race conditions we had on joining the correct namespaces using the conmon processes. As a fallback if the join fails for any reason (e.g. the pause process was killed), then we try to join the running containers as we were doing before. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* migrate: not create a new namespaceGiuseppe Scrivano2019-05-17
| | | | | | | this leaves the containers stopped but we won't risk to use the wrong user namespace. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #3104 from giuseppe/initial-cgroup2OpenShift Merge Robot2019-05-17
|\ | | | | rootless: allow resource isolation with cgroup v2
| * rootless: default --cgroup-manager=systemd in unified modeGiuseppe Scrivano2019-05-13
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * create: skip resources validation with cgroup v2Giuseppe Scrivano2019-05-13
| | | | | | | | | | | | | | skip resources validation when cgroup v2 is detected, as we don't support it yet. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * rootless, spec: allow resources with cgroup v2Giuseppe Scrivano2019-05-13
| | | | | | | | | | | | | | We were always raising an error when the rootless user attempted to setup resources, but this is not the case anymore with cgroup v2. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #3098 from mheon/fix_release_notesOpenShift Merge Robot2019-05-17
|\ \ | | | | | | Fix a typo in release notes, and bump README version
| * | Fix a typo in release notes, and bump README versionMatthew Heon2019-05-17
| | | | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #3149 from nalind/bump-storageOpenShift Merge Robot2019-05-17
|\ \ \ | |/ / |/| | Bump github.com/containers/storage to v1.12.7
| * | Bump github.com/containers/storage to v1.12.7Nalin Dahyabhai2019-05-17
|/ / | | | | | | Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* | Merge pull request #3146 from vrothberg/fix-3145OpenShift Merge Robot2019-05-17
|\ \ | | | | | | remote: version: fix nil dereference
| * | remote: version: fix nil dereferenceValentin Rothberg2019-05-17
|/ / | | | | | | | | | | | | Fix a nil dereference by passing the PodmanCommand to GetRuntime(). Fixes: #3145 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #3091 from cevich/root_rootless_must_dieOpenShift Merge Robot2019-05-17
|\ \ | | | | | | Replace root-based rootless tests
| * | Replace root-based rootless testsChris Evich2019-05-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since CI automation is now executing all tests as a regular user, there is no need for root-based testing to run special rootless tests. Remove them. However, the root-based rootless tests did include one test for exercising the '--rootfs' option which is needed. Add a new general, and more through test to replace it - meaning it will be executed as root and non-root. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | Merge pull request #3140 from mheon/bump-1.3.1OpenShift Merge Robot2019-05-17
|\ \ \ | | | | | | | | Bump to v1.3.1
| * | | Bump gitvalidation epochMatthew Heon2019-05-16
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | Bump to v1.3.2-devMatthew Heon2019-05-16
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | Bump to v1.3.1v1.3.1Matthew Heon2019-05-16
|/ / / | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #3141 from mheon/revert_3090OpenShift Merge Robot2019-05-16
|\ \ \ | | | | | | | | Revert "Add VarlinkCall.RequiresUpgrade() type and method"
| * | | Revert "Add VarlinkCall.RequiresUpgrade() type and method"Matthew Heon2019-05-16
|/ / / | | | | | | | | | | | | | | | | | | | | | This reverts commit bd3154fcf6a48b37cfde5d9b1226900cd863c0d9. Commit in question may be breaking upstream CI. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #3135 from mheon/release_notes_1.3.1OpenShift Merge Robot2019-05-16
|\ \ \ | | | | | | | | More release notes for 1.3.1
| * | | More release notesMatthew Heon2019-05-16
| | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #3090 from jwhonce/wip/upgrade_linkOpenShift Merge Robot2019-05-16
|\ \ \ \ | | | | | | | | | | Add VarlinkCall.RequiresUpgrade() type and method
| * | | | Add VarlinkCall.RequiresUpgrade() type and methodJhon Honce2019-05-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Type varlinkapi.VarlinkCall currently only used as receiver for RequiresUpgrade() future helpers could be added to this type. RequiresUpgrade() verifies caller has given correct options to the call for the given operation. Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | | Merge pull request #3121 from giuseppe/rootless-error-cniOpenShift Merge Robot2019-05-16
|\ \ \ \ \ | |_|_|/ / |/| | | | network: raise a clearer error when using CNI
| * | | | network: raise a clearer error when using CNIGiuseppe Scrivano2019-05-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | print a clearer error message when an unprivileged user attempts to create a network using CNI. Closes: https://github.com/containers/libpod/issues/3118 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #2969 from weirdwiz/masterOpenShift Merge Robot2019-05-16
|\ \ \ \ \ | | | | | | | | | | | | Add unshare to podman
| * | | | | Add unshare to podmanDivyansh Kamboj2019-05-16
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This command lets the user run a command in a new user namespace like `unshare -u`. It uses the implementation of unshare in buildah. ( fixes #1388 ) Signed-off-by: Divyansh Kamboj <kambojdivyansh2000@gmail.com>
* | | | | Merge pull request #3123 from mheon/release_notes_1.3.1OpenShift Merge Robot2019-05-16
|\ \ \ \ \ | | |_|/ / | |/| | | Release notes for 1.3.1
| * | | | Release notes for 1.3.1Matthew Heon2019-05-15
|/ / / / | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #3127 from mheon/fix_start_raceOpenShift Merge Robot2019-05-16
|\ \ \ \ | | | | | | | | | | Ensure that start() in StartAndAttach() is locked
| * | | | Kill os.Exit() in tests, replace with assertsMatthew Heon2019-05-15
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | Minor capitalization fix in ReadmeMatthew Heon2019-05-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Need this to re-trigger CI Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | Add debug mode to Ginkgo, collect debug logs in CirrusMatthew Heon2019-05-15
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | Ensure that start() in StartAndAttach() is lockedMatthew Heon2019-05-14
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | StartAndAttach() runs start() in a goroutine, which can allow it to fire after the caller returns - and thus, after the defer to unlock the container lock has fired. The start() call _must_ occur while the container is locked, or else state inconsistencies may occur. Fixes #3114 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #3089 from baude/splittestOpenShift Merge Robot2019-05-15
|\ \ \ \ | | | | | | | | | | split remote tests from distro tests
| * | | | split remote tests from distro testsbaude2019-05-13
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | We want the remote tests for our distributions to be tested in a different VM than the local tests. This allows for faster CI runs and easier debug as well as seperation of flakes. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #3124 from mheon/remove_pod_lockOpenShift Merge Robot2019-05-15
|\ \ \ \ | | | | | | | | | | When removing pods, free their locks
| * | | | When removing pods, free their locksMatthew Heon2019-05-14
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | Without this we leak allocated locks, which is definitely not a good thing. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #3128 from baude/eventssetdefaultOpenShift Merge Robot2019-05-15
|\ \ \ \ | |/ / / |/| | | set default event logger based on build tags
| * | | set default event logger based on build tagsbaude2019-05-14
|/ / / | | | | | | | | | | | | | | | | | | once the default event logger was removed from libpod.conf, we need to set the default based on whether the systemd build tag is used or not. Signed-off-by: baude <bbaude@redhat.com>
* | | Merge pull request #3096 from edsantiago/varlink_usageOpenShift Merge Robot2019-05-14
|\ \ \ | |_|/ |/| | varlink: fix usage message, URI is now optional
| * | varlink: fix usage message, URI is now optionalEd Santiago2019-05-13
| | | | | | | | | | | | | | | | | | | | | 38199f4c made the URI argument to podman-varlink optional. Fix the usage message to indicate this. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #3116 from mheon/fix_libpod_confOpenShift Merge Robot2019-05-14
|\ \ \ | | | | | | | | Fix libpod.conf option ordering
| * | | Fix libpod.conf option orderingMatthew Heon2019-05-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adding the journald configuration broke decoding the default libpod.conf, because it was after the [runtimes] table (and was being interpreted as a member of the table, and not the larger config). We can't easily fix this on the TOML side, so our best bet is to move it above the table and add a comment to try and make sure this doesn't happen again. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | Merge pull request #3101 from giuseppe/make-events-uppercaseOpenShift Merge Robot2019-05-13
|\ \ \ \ | |/ / / |/| | | podman: fix events help string
| * | | podman: fix events help stringGiuseppe Scrivano2019-05-13
| | |/ | |/| | | | | | | | | | | | | make it uppercase as all the other ones. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #3083 from openSUSE/systemd-optionalOpenShift Merge Robot2019-05-13
|\ \ \ | | | | | | | | Add `systemd` build tag