summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* podman container clone -fcdoern2022-04-21
| | | | | | | | add the option -f to force remove the parent container if --destory is specified resolves #13917 Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* Merge pull request #13934 from cevich/fix_debugOpenShift Merge Robot2022-04-20
|\ | | | | Fix e2e tests referencing generic env. var.
| * Fix e2e tests referencing generic env. var.Chris Evich2022-04-20
|/ | | | | | | | | | | Use of `$DEBUG` is highly likely to clash. Fortunately this one is in a very specific/special context, so a rename fix should be perfectly adequate. See also https://github.com/containers/automation/pull/96 and https://github.com/containers/podman/issues/13932 Signed-off-by: Chris Evich <cevich@redhat.com>
* Merge pull request #13929 from Luap99/ipv6-slirpOpenShift Merge Robot2022-04-20
|\ | | | | slirp4netns: actually make ipv6 default
| * slirp4netns: actually make ipv6 defaultPaul Holzinger2022-04-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We already have ipv6 enabled as default via the containers.conf setting. However the documentation did not reflect this. Also if no options were set in contianers.conf it would have ipv6 disabled. We can now remove the extra option from containers.conf. Also fix another outdated option description for host.containers.internal and add that the options can also be set in contianers.conf. [NO NEW TESTS NEEDED] Fixes #13914 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #13835 from vrothberg/run-1436OpenShift Merge Robot2022-04-20
|\ \ | | | | | | benchmarking Podman: proof of concept
| * | benchmarking Podman: proof of conceptValentin Rothberg2022-04-20
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a proof of concept for benchmarking Podman. The benchmarks are implemented by means of the end-to-end test suite but hidden behind a `benchmarks` build tag. Running `make localbenchmarks` will run `test/e2e` with the specific build tag and set ginkgo's "focus" to the specific "Podman Benchmark Suite" to only run this spec and skip all others. ginkgo will print a report before terminating listing the CPU and memory stats for each benchmark. New benchmarks can easily be added via the `newBenchmark` function that also supports adding an `init()` function to each benchmark which allows for performing certain setups for the specific benchmark. For instance, benchmarking `podman start` requires creating a container beforehand. Podman may be called more than once in the main function of a benchmark but note that the displayed memory consumption is then a sum of all Podman invocations. The memory consumption is collected via `/usr/bin/time`. A benchmark's report is split into CPU and memory as displayed below: ``` [CPU] podman images: Fastest Time: 0.146s Slowest Time: 0.187s Average Time: 0.180s ± 0.015s [MEM] podman images: Smallest: 41892.0KB Largest: 42792.0KB Average: 42380.7KB ± 286.4KB ``` Note that the benchmarks are not wired into the CI yet. They are meant as a proof of concept. More benchmarks and the plumbing into CI will happen in a later change. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | Merge pull request #13928 from flouthoc/healthcheck-defaultsOpenShift Merge Robot2022-04-20
|\ \ | | | | | | healthcheck: set default healthcheck `Interval` if not specified in image
| * | healthcheck: set default healthcheck Interval if not specified in imageAditya R2022-04-20
| |/ | | | | | | | | | | | | Set appropriate defaults for `--interval` when processing a Containerfile with build format as docker. Signed-off-by: Aditya R <arajan@redhat.com>
* | Merge pull request #13885 from n1hility/fix-wsl-rootlessOpenShift Merge Robot2022-04-20
|\ \ | |/ |/| Respect "Rootful" when starting WSL API Forwarding
| * Respect "Rootful" when starting WSL API ForwardingJason T. Greene2022-04-15
| | | | | | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* | Merge pull request #13921 from rhatdan/renameOpenShift Merge Robot2022-04-19
|\ \ | | | | | | Add missing events to podman-events man page
| * | Add missing events to podman-events man pageDaniel J Walsh2022-04-19
| | | | | | | | | | | | | | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #13890 from fulminemizzega/mainOpenShift Merge Robot2022-04-19
|\ \ \ | |/ / |/| | [CI:DOCS] Fix selinux docs for kubernetes yaml
| * | Fix typo in generate kube docs for selinux labelingFederico Rizzo2022-04-15
| | | | | | | | | | | | Signed-off-by: Federico Rizzo <fulminemizzega@users.noreply.github.com>
| * | Correct play kube docs for selinux labelingFederico Rizzo2022-04-15
| | | | | | | | | | | | Signed-off-by: Federico Rizzo <fulminemizzega@users.noreply.github.com>
* | | Merge pull request #13839 from cdoern/swapOpenShift Merge Robot2022-04-19
|\ \ \ | | | | | | | | Translate Memory Limit to Swap in API
| * | | Translate Memory Limit to Swap in APIcdoern2022-04-18
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | in specgen, CLI path uses the given memory limit to define the swap value (if not already specified) add a route to this piece of code from within the api handlers resolves #13145 Signed-off-by: cdoern <cdoern@redhat.com>
* | | Merge pull request #13910 from edsantiago/ultra_minor_message_fixOpenShift Merge Robot2022-04-18
|\ \ \ | | | | | | | | [CI:DOCS] manpage vs --help checker: better error messages
| * | | manpage vs --help checker: better error messagesEd Santiago2022-04-18
|/ / / | | | | | | | | | | | | | | | Use quotes to indicate the command, and remove some duplication Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #13898 from baude/machinelistquietOpenShift Merge Robot2022-04-18
|\ \ \ | | | | | | | | Add --quiet to machine ls
| * | | Add --quiet to machine lsBrent Baude2022-04-16
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The podman machine ls command would benefit from a --quiet flag which would only print the machine names without the extra information. It also implies --noheader as well. This can be helpful for scripting with the podman cli. Signed-off-by: Brent Baude <bbaude@redhat.com> [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #13865 from rhatdan/VENDOROpenShift Merge Robot2022-04-16
|\ \ \ | | | | | | | | Update vendor of storage,common
| * | | Update vendor of storage,commonDaniel J Walsh2022-04-14
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #13838 from bwduncan/patch-1OpenShift Merge Robot2022-04-16
|\ \ \ \ | | | | | | | | | | [CI:DOCS] Update troubleshooting.md
| * | | | Update troubleshooting.mdbwduncan2022-04-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Consistent code block highlighting - Minor spelling, formatting. Signed-off-by: Bruce Duncan <bwduncan@gmail.com>
* | | | | Merge pull request #13583 from rhatdan/ipcOpenShift Merge Robot2022-04-16
|\ \ \ \ \ | |_|_|/ / |/| | | | Add support for ipc namespace modes "none, private, sharable"
| * | | | Add support for ipc namespace modes "none, private, sharable"Daniel J Walsh2022-04-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: #13265 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | Merge pull request #13849 from baude/defaultvolumessOpenShift Merge Robot2022-04-15
|\ \ \ \ \ | | | | | | | | | | | | Mount $HOME:$HOME by default in podman machine init
| * | | | | Add container.conf default volume to initBrent Baude2022-04-14
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | containers.conf now has a default volumes field for podman machine. this pr inserts those values as the default volumes in init. Signed-off-by: Brent Baude <bbaude@redhat.com> [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | | Merge pull request #13641 from nicrowe00/logfileOpenShift Merge Robot2022-04-15
|\ \ \ \ \ | | | | | | | | | | | | Add log rotation based on log size
| * | | | | Add log rotation based on log sizeNiall Crowe2022-04-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add new functions to logfile.go for rotating and truncating the events log file once the log file and its contents exceed the maximum size limit while keeping 50% of the log file's content Also add tests to verify log rotation and truncation Signed-off-by: Niall Crowe <nicrowe@redhat.com> Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | | | Merge pull request #13868 from cdoern/cloneSwapOpenShift Merge Robot2022-04-15
|\ \ \ \ \ \ | |_|_|_|_|/ |/| | | | | Fix Memory Swappiness passing in Container Clone
| * | | | | Fix Memory Swappiness passing in Container Clonecdoern2022-04-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `DefineCreateFlags` was excluding clone from using the memory-swappiness flag leading the value to be zero when our deafult is -1. Rearrange the if/else to give clone these memory related options resolves #13856 Signed-off-by: cdoern <cdoern@redhat.com>
* | | | | | Merge pull request #13616 from giuseppe/passwd-entryOpenShift Merge Robot2022-04-14
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | run, create: add --passwd-entry
| * | | | | run, create: add --passwd-entryGiuseppe Scrivano2022-04-14
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It allows to customize the entry that is written to the `/etc/passwd` file when --passwd is used. Closes: https://github.com/containers/podman/issues/13185 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | Merge pull request #13874 from vrothberg/test-for-CVE-2022-1227OpenShift Merge Robot2022-04-14
|\ \ \ \ \ | | | | | | | | | | | | add a regression test for CVE-2022-1227
| * | | | | add a regression test for CVE-2022-1227Valentin Rothberg2022-04-14
|/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | Will also be included in the upcoming backports. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | | Merge pull request #13866 from edsantiago/batsOpenShift Merge Robot2022-04-14
|\ \ \ \ \ | | | | | | | | | | | | System tests: Usage checks: better error messages
| * | | | | System tests: Usage checks: better error messagesEd Santiago2022-04-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Current error messages are really awful, and cause great suffering every time someone adds a new subcommand. Let's see if these are better. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | | | Merge pull request #13857 from rhatdan/logsOpenShift Merge Robot2022-04-14
|\ \ \ \ \ \ | | | | | | | | | | | | | | Fix --tail log on restart problem
| * | | | | | Fix --tail log on restart problemDaniel J Walsh2022-04-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | --tail=1 is not working f you restart a container with journald logging. We see the exit status and then call into the logging a second time causing all of the logs to print. Removing the tail log on exited seems to fix the problem. Fixes: https://github.com/containers/podman/issues/13098 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | Merge pull request #13872 from vrothberg/revert-sizeOpenShift Merge Robot2022-04-14
|\ \ \ \ \ \ \ | |_|_|/ / / / |/| | | | | | Revert "images --size"
| * | | | | | Revert "images --size"Valentin Rothberg2022-04-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit e133a06d2f4a3e94bfbd60b647046f2f515c9c24. @nalind found a proper fix in c/storage [1] to address the performance issue. So we really don't need the flag anymore. Note the flag has never made it into any release. [1] https://github.com/containers/storage/commit/d76b3606fc9ca975bf436379f91105f0fac1555f Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | | | | | Merge pull request #13867 from rhatdan/commonOpenShift Merge Robot2022-04-14
|\ \ \ \ \ \ \ | | | | | | | | | | | | | | | | Update containers/common to main branch
| * | | | | | | Update containers/common to main branchDaniel J Walsh2022-04-13
| | |_|/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Want to add support for Machine.Volumes Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | | | Merge pull request #13863 from mheon/stopped_can_attachOpenShift Merge Robot2022-04-14
|\ \ \ \ \ \ \ | |/ / / / / / |/| | | | | | Allow HTTP attach to stopped containers
| * | | | | | Allow HTTP attach to stopped containersMatthew Heon2022-04-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There's a potential race condition where we attempt to attach to a container immediately after it's been stopped, but before the cleanup process has run on it. The existing code doesn't allow an attach to containers in the Stopped state (cleanup process has not run) but does allow an attach to containers in the Exited state (cleanup process has run). This doesn't make very much sense and there's no technical reason to restrict attach to only Exited containers, so allow attaching to Stopped containers. [NO NEW TESTS NEEDED] Testing this is very racy - we need to get in before the cleanup process runs, which isn't really deterministic when we're invoked from a script - like the CI tests. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | | | | Merge pull request #13844 from Luap99/compat-netmodeOpenShift Merge Robot2022-04-13
|\ \ \ \ \ \ \ | |_|_|/ / / / |/| | | | | | compat api: use network mode bridge as default
| * | | | | | compat api: use network mode bridge as defaultPaul Holzinger2022-04-13
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For better docker compatibility we should use the bridge network mode as default for rootless. This was already done previously but commit 535818414c2a introduced this regression in v4.0. Since the apiv2 test are only run rootful we cannot catch this problem in CI. Signed-off-by: Paul Holzinger <pholzing@redhat.com>