summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Attempt manual removal of CNI IP allocations on refreshMatthew Heon2020-03-19
| | | | | | | | | | | | | | We previously attempted to work within CNI to do this, without success. So let's do it manually, instead. We know where the files should live, so we can remove them ourselves instead. This solves issues around sudden reboots where containers do not have time to fully tear themselves down, and leave IP address allocations which, for various reasons, are not stored in tmpfs and persist through reboot. Fixes #5433 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #5088 from mheon/begin_exec_reworkOpenShift Merge Robot2020-03-19
|\ | | | | Begin exec rework
| * Add inspect for exec sessionsMatthew Heon2020-03-18
| | | | | | | | | | | | | | This produces detailed information about the configuration of an exec session in a format suitable for the new HTTP API. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Add structure for new exec session tracking to DBMatthew Heon2020-03-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As part of the rework of exec sessions, we need to address them independently of containers. In the new API, we need to be able to fetch them by their ID, regardless of what container they are associated with. Unfortunately, our existing exec sessions are tied to individual containers; there's no way to tell what container a session belongs to and retrieve it without getting every exec session for every container. This adds a pointer to the container an exec session is associated with to the database. The sessions themselves are still stored in the container. Exec-related APIs have been restructured to work with the new database representation. The originally monolithic API has been split into a number of smaller calls to allow more fine-grained control of lifecycle. Support for legacy exec sessions has been retained, but in a deprecated fashion; we should remove this in a few releases. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * Populate ExecSession with all required fieldsMatthew Heon2020-03-18
| | | | | | | | | | | | | | | | | | As part of the rework of exec sessions, we want to split Create and Start - and, as a result, we need to keep everything needed to start exec sessions in the struct, not just the bare minimum for tracking running ones. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #5561 from jwhonce/wip/entitiesOpenShift Merge Robot2020-03-19
|\ \ | | | | | | [CI:DOCS] Add guidelines for writing podman V2 CLI commands
| * | Add guildline for writing podman V2 CLI commandsJhon Honce2020-03-19
| | | | | | | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #5558 from mheon/bump-1.8.2OpenShift Merge Robot2020-03-19
|\ \ \ | |/ / |/| | Bump to v1.8.2
| * | Bump to v1.8.3-devMatthew Heon2020-03-19
| | | | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | Bump to v1.8.2v1.8.2Matthew Heon2020-03-19
| | | | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #5557 from baude/removebinaryOpenShift Merge Robot2020-03-19
|\ \ \ | | | | | | | | [CI:DOCS]remove podmanv2 binary
| * | | [CI:DOCS]remove podmanv2 binaryBrent Baude2020-03-19
|/ / / | | | | | | | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Merge pull request #5556 from mheon/release_notes_182_finalOpenShift Merge Robot2020-03-19
|\ \ \ | |/ / |/| | [CI:DOCS] Update release notes for v1.8.2 final release
| * | Update release notes for v1.8.2 final releaseMatthew Heon2020-03-19
| | | | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #5546 from jwhonce/wip/entitiesOpenShift Merge Robot2020-03-19
|\ \ \ | | | | | | | | V2 podman command
| * | | V2 podman commandJhon Honce2020-03-18
| | | | | | | | | | | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | Merge pull request #5554 from baude/compatfixOpenShift Merge Robot2020-03-19
|\ \ \ \ | |_|/ / |/| | | fix reported compat issues
| * | | fix reported compat issuesBrent Baude2020-03-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | honor -1 in in list containers for compatibility mode. it is commonly used to indicate no limit. change the json id parameter to Id in container create. Fixes: #5553 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #5465 from edsantiago/man_page_option_checkerOpenShift Merge Robot2020-03-19
|\ \ \ \ | | | | | | | | | | New test: man page cross-ref against --help
| * | | | New test: man page cross-ref against --helpEd Santiago2020-03-18
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | New hack/xref-helpmsgs-manpages script, added to CI 'gate' task, runs 'podman [subcommand] --help' and cross-references against man pages in docs/source/markdown/podman*.1.md See #5453 and #5460 for instances of the problems the script has found. The careful reader will find an alarming number of special-case bypasses. These are a tradeoff I am making: to get perfect coverage with no handwaving, it would be necessary to make drastic changes to some man pages, and I believe those would be counterproductive. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #5551 from rhatdan/windowsOpenShift Merge Robot2020-03-19
|\ \ \ \ | | | | | | | | | | Don't include SUBDIR in windows.zip
| * | | | Don't include SUBDIR in windows.zipDaniel J Walsh2020-03-19
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | The zip file should returne podman.exe plus the documentation directory. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #5445 from sujil02/podFilter-newOpenShift Merge Robot2020-03-19
|\ \ \ \ | |_|_|/ |/| | | Filter pods through pod list api
| * | | Filter pods through pod list apiSujil022020-03-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactored current filter pods flow through the shared pod functions so filter pod functionalities can be shared between api and cmd. Signed-off-by: Sujil02 <sushah@redhat.com>
* | | | Merge pull request #5550 from giuseppe/rootless-hidepidOpenShift Merge Robot2020-03-19
|\ \ \ \ | |_|/ / |/| | | rootless: fix usage with hidepid=1
| * | | rootless: fix usage with hidepid=1Giuseppe Scrivano2020-03-19
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | when /proc is mounted with hidepid=1 a process doesn't see processes from the outer user namespace. This causes an issue reading the cmdline from the parent process. To address it, always read the command line from /proc/self instead of using /proc/PARENT_PID. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #5542 from rhatdan/vendorOpenShift Merge Robot2020-03-18
|\ \ \ | | | | | | | | Vendor in containers/buildah v1.14.3
| * | | Vendor in containers/buildah v1.14.3Daniel J Walsh2020-03-18
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Merge pull request #5540 from jwhonce/issues/5531OpenShift Merge Robot2020-03-18
|\ \ \ \ | | | | | | | | | | Reduce CPU usage when --timeout=0
| * | | | Reduce CPU usage when --timeout=0Jhon Honce2020-03-18
| | |_|/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add second go routine for when a Timer is not needed. * goimports updated some project files Fixes #5531 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | Merge pull request #5544 from baude/apiv2serveswaggerOpenShift Merge Robot2020-03-18
|\ \ \ \ | | | | | | | | | | serve swagger when present
| * | | | serve swagger when presentBrent Baude2020-03-18
| | |/ / | |/| | | | | | | | | | | | | | | | | | register the swagger endpoint and add some error handling for when the swagger file does not exist Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #5543 from edsantiago/swagger_fixesOpenShift Merge Robot2020-03-18
|\ \ \ \ | |/ / / |/| | | swagger: more consistency fixes
| * | | swagger: more consistency fixesEd Santiago2020-03-18
|/ / / | | | | | | | | | | | | | | | Some new 'manifests' entries have the wrong {name} parameter Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #5480 from vrothberg/auto-updatesOpenShift Merge Robot2020-03-18
|\ \ \ | |/ / |/| | auto update containers in systemd units
| * | auto updatesValentin Rothberg2020-03-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support to auto-update containers running in systemd units as generated with `podman generate systemd --new`. `podman auto-update` looks up containers with a specified "io.containers.autoupdate" label (i.e., the auto-update policy). If the label is present and set to "image", Podman reaches out to the corresponding registry to check if the image has been updated. We consider an image to be updated if the digest in the local storage is different than the one of the remote image. If an image must be updated, Podman pulls it down and restarts the container. Note that the restarting sequence relies on systemd. At container-creation time, Podman looks up the "PODMAN_SYSTEMD_UNIT" environment variables and stores it verbatim in the container's label. This variable is now set by all systemd units generated by `podman-generate-systemd` and is set to `%n` (i.e., the name of systemd unit starting the container). This data is then being used in the auto-update sequence to instruct systemd (via DBUS) to restart the unit and hence to restart the container. Note that this implementation of auto-updates relies on systemd and requires a fully-qualified image reference to be used to create the container. This enforcement is necessary to know which image to actually check and pull. If we used an image ID, we would not know which image to check/pull anymore. Fixes: #3575 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | pkg/systemd: add dbus supportValentin Rothberg2020-03-17
| | | | | | | | | | | | | | | | | | | | | Move the dbus-connection code from libpod's healthcheck to pkg/systemd to allow for sharing the logic. Needed for the auto-updates work. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #5532 from baude/filetimeoutflakeOpenShift Merge Robot2020-03-18
|\ \ \ | | | | | | | | fix timeout file flake
| * | | Fix vendoring on masterMatthew Heon2020-03-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | It looks like something snuck in and now make vendor fails on master. This should make things happy. Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | | fix timeout file flakeBrent Baude2020-03-17
| | | | | | | | | | | | | | | | | | | | | | | | this is a temporary fix for the flake that has been troubling us. once conmon is in fedora 30 and 31 stable, we can remove this fix. the images will just need to be rebuilt. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #5533 from mheon/bump-1.8.2-rc1OpenShift Merge Robot2020-03-18
|\ \ \ \ | | | | | | | | | | Bump to v1.8.2-RC1
| * | | | Bump to v1.8.2-devMatthew Heon2020-03-17
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
| * | | | Bump to v1.8.2-rc1v1.8.2-rc1Matthew Heon2020-03-17
| | |_|/ | |/| | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | Merge pull request #5536 from giuseppe/avoid-conmon-zombieOpenShift Merge Robot2020-03-18
|\ \ \ \ | |/ / / |/| | | podman: avoid conmon zombie on exec
| * | | podman: avoid conmon zombie on execGiuseppe Scrivano2020-03-18
| | |/ | |/| | | | | | | | | | | | | | | | conmon forks itself, so make sure we reap the first process and not leave a zombie process. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #5528 from mheon/fix_master_vendorOpenShift Merge Robot2020-03-17
|\ \ \ | |_|/ |/| | Fix vendoring on master
| * | Fix vendoring on masterMatthew Heon2020-03-17
| | | | | | | | | | | | | | | | | | | | | It looks like something snuck in and now make vendor fails on master. This should make things happy. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #5529 from mheon/release_notes_182_rc1OpenShift Merge Robot2020-03-17
|\ \ \ | |/ / |/| | [CI:DOCS] Update release notes for v1.8.2-RC1
| * | Update release notes for v1.8.2-rc1Matthew Heon2020-03-17
|/ / | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #5524 from rhatdan/vendorOpenShift Merge Robot2020-03-17
|\ \ | | | | | | Update containers/storage to v1.16.5