| Commit message (Collapse) | Author | Age |
|
|
|
|
|
| |
Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com>
#13078 follow-up
|
|\
| |
| | |
[CI:DOCS] podman network: add documentation for netavark
|
|/
|
|
|
|
|
| |
Add some docs about the different network backends. Also remove the CNI
word from network since we refer to either a netavark or CNI config.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\
| |
| | |
ignition: propagate proxy settings from a host into a vm
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Set proxy settings (such as `HTTP_PROXY`, and others)
for the whole guest OS with setting up `DefaultEnvironment`
with a `systemd` configuration file `default-env.conf`,
a `profile.d` scenario file - `default-env.sh` and
a `environment.d` configuration file `default-env.conf`
The **actual** environment variables are read by podman
at a start, then they are encrypted with base64 into
a single string and after are provided into a VM through
QEMU Firmware Configuration (fw_cfg) Device
Inside a VM a systemd service `envset-fwcfg.service`
reads the providead encrypted string from fw_cfg, decrypts
and then adds to the files
- `/etc/systemd/system.conf.d/default-env.conf`
- `/etc/profile.d/default-env.sh`
- `/etc/environment.d/default-env.conf`
At the end this service execute `systemctl daemon-reload`
to propagate new variables for systemd manager
[NO NEW TESTS NEEDED]
Closes #13168
Signed-off-by: esendjer <esendjer@gmail.com>
|
|\ \
| | |
| | | |
create: Fix key=value annotation in the flag output
|
| | |
| | |
| | |
| | |
| | |
| | | |
[NO NEW TESTS NEEDED]
Signed-off-by: Morten Linderud <morten@linderud.pw>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
eriksjolund/troubleshooting_userns_keep_id_uidmap_gidmap
[CI:DOCS] Add --userns=keep-id, --uidmap, --gidmap troubleshooting
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Add troubleshooting advice: "Container creates a file that is
not owned by the user's regular UID". The solution involves
using the options --uidmap and --gidmap.
* Add troubleshooting advice: "Passed-in devices or files can't be
accessed in rootless container (UID/GID mapping problem)".
The general solution involves using the options --uidmap and
--gidmap. Sometimes --userns=keep-id could be used.
Co-authored-by: Tom Sweeney <tsweeney@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Temporarily pull machine images from side repo
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Until podman4 is in the fcos trees, we need to pull the machine images
from a side repository. There is a hard coded bit that forces the
side repo download right now. Simple comment or removal of the bit will
revert to normal download behavior.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
enable netavark specific tests
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
These are copies of the CNI tests with modifications wherever
neccessary.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
|\ \ \ \
| |/ / /
|/| | | |
Fix checkpoint/restore pod tests
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Checkpoint/restore pod tests are not running with an older runc and now
that runc 1.1.0 appears in the repositories it was detected that the
tests were failing. This was not detected in CI as CI was not using runc
1.1.0 yet.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Make sure building with relative paths work correctly.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fixes: https://github.com/containers/podman/issues/12763
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Add 409 response to swagger godoc
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When attempting to create a network with a name that already exists,
a 409 status code will be returned
[NO NEW TESTS NEEDED]
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Make the hello image leaner
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[NO TESTS NEEDED]
Change from using a bash script to a c file
for running the image. With thanks to discussions
with @afbjorklund, the Containerfile was rigged
up to make the final image be only KB's in size.
Also add USER 1000 to make the image test/run as
non-root, and update the README.md
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
|
|\ \
| | |
| | | |
[CI:DOCS] troubleshooting: add doc for ssh into a container
|
| |/
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \
| | |
| | | |
Modify /etc/resolv.conf when connecting/disconnecting
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The `podman network connect` and `podman network disconnect`
commands give containers access to different networks than the
ones they were created with; these networks can also have DNS
servers associated with them. Until now, however, we did not
modify resolv.conf as network membership changed.
With this PR, `podman network connect` will add any new
nameservers supported by the new network to the container's
/etc/resolv.conf, and `podman network disconnect` command will do
the opposite, removing the network's nameservers from
`/etc/resolv.conf`.
Fixes #9603
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
helloimage: header symmetry
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Make the header symmetric by adding a whitespace before the `!` on the
righthand side.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Add version guard to libpod API endpoints
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* Ensure meaningful behaviour when called with /v3.x.x semantics
* Change return code to 409 from 500 when client attempts to use an
existing network name
* Update API bats test runner to support /v4.0.0 endpoints by default
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
Bump c/common to v0.47.4
|
|/ / /
| | |
| | |
| | |
| | |
| | | |
As the title says.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
|
|\ \ \
| | | |
| | | | |
Do not set the network config dir to cni plugin dir
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
I do not know why this code was added but it is wrong. We should never
use a plugin dir as config dir. Also this will fail for netavark. The
correct default will be set in c/common so podman should not touch it.
[NO NEW TESTS NEEDED]
Ref #13183
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \
| |/ /
|/| | |
[CI:DOCS] Show API doc for several versions
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Right now it is not possible to look at the API version for a specific
version. docs.podman.io always show the latest version from the main
branch. This is not want many users want so they now have the ability to
select a different version.
Fixes #12796
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \
| | |
| | | |
[CI:DOCS] Add schema for ImageCreate 200 response.
|
| | |
| | |
| | |
| | | |
Signed-off-by: Tom Deseyn <tom.deseyn@gmail.com>
|
|\ \ \
| |_|/
|/| | |
idmap should be able to be specified along with other options
|
|/ /
| |
| |
| |
| |
| |
| |
| | |
[NO NEW TESTS NEEDED] crun is not available everywhere to test idmap.
Kernel might not be recent enough and not all file systems support
idmap option.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | |
| | |
| | | |
containers/dependabot/go_modules/github.com/docker/distribution-2.8.0incompatible
Bump github.com/docker/distribution from 2.7.1+incompatible to 2.8.0+incompatible
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Bumps [github.com/docker/distribution](https://github.com/docker/distribution) from 2.7.1+incompatible to 2.8.0+incompatible.
- [Release notes](https://github.com/docker/distribution/releases)
- [Commits](https://github.com/docker/distribution/compare/v2.7.1...v2.8.0)
---
updated-dependencies:
- dependency-name: github.com/docker/distribution
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
|\ \ \
| | | |
| | | | |
fix: Multiplication of durations
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
'killContainerTimeout' is already 5 second
[NO NEW TESTS NEEDED]
Signed-off-by: myml <wurongjie1@gmail.com>
|
|\ \ \
| |/ /
|/| | |
move rootless netns slirp4netns process to systemd user.slice
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When running podman inside systemd user units, it is possible that
systemd kills the rootless netns slirp4netns process because it was
started in the default unit cgroup. When the unit is stopped all
processes in that cgroup are killed. Since the slirp4netns process is
run once for all containers it should not be killed. To make sure
systemd will not kill the process we move it to the user.slice.
Fixes #13153
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \
| | | |
| | | | |
compat: endpoint `/build` must set header `content type` as `application/json` in response header.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
reponse
Lot of clients are expecting proper `Content-type: application/json`
configured in response headers of `/build` compat api. Following commit
fixes that.
Fixes issues where code is setting header field after writing header
which is wrong. We must set `content-type` before we write and flush
http header.
Signed-off-by: Aditya R <arajan@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Cleanup: remove obsolete/misleading bug workaround
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Followup to #13129: remove a no-longer-necessary workaround
for a healthcheck bug.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
healthcheck, libpod: Read healthcheck event output from os pipe
|