aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Bump to v1.4.0v1.4.0Matthew Heon2019-06-07
| | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #3281 from mheon/release_notes_1.4.0_realMatthew Heon2019-06-07
|\ | | | | Update release notes for v1.4.0
| * Update release notes for v1.4.0Matthew Heon2019-06-07
|/ | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #3280 from mheon/release_notes_1.4.0Matthew Heon2019-06-07
|\ | | | | Update release notes for v1.4.0
| * Update release notes for v1.4.0Matthew Heon2019-06-07
|/ | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #3271 from ↵OpenShift Merge Robot2019-06-07
|\ | | | | | | | | giuseppe/rootless-skip-ns-resolution-on-old-kernels rootless: skip NS_GET_PARENT on old kernels
| * rootless: skip NS_GET_PARENT on old kernelsGiuseppe Scrivano2019-06-06
| | | | | | | | | | | | | | | | | | | | | | | | on old kernels the ioctl NS_GET_PARENT is not available. Handle the error code and immediately return the same fd. It should be fine now that we use the namespace resolution using the conmon pid, so the namespace parent resolution is just a safety measure. Closes: https://github.com/containers/libpod/issues/2968 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Merge pull request #2272 from adrianreber/migrationOpenShift Merge Robot2019-06-07
|\ \ | | | | | | Add support to migrate containers
| * | migration: add possibility to restore a container with a new nameAdrian Reber2019-06-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The option to restore a container from an external checkpoint archive (podman container restore -i /tmp/checkpoint.tar.gz) restores a container with the same name and same ID as id had before checkpointing. This commit adds the option '--name,-n' to 'podman container restore'. With this option the restored container gets the name specified after '--name,-n' and a new ID. This way it is possible to restore one container multiple times. If a container is restored with a new name Podman will not try to request the same IP address for the container as it had during checkpointing. This implicitly assumes that if a container is restored from a checkpoint archive with a different name, that it will be restored multiple times and restoring a container multiple times with the same IP address will fail as each IP address can only be used once. Signed-off-by: Adrian Reber <areber@redhat.com>
| * | Also download container images during restoreAdrian Reber2019-06-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If restoring a container from a checkpoint it was necessary that the image the container is based was already available (podman pull). This commit adds the image download to podman container restore if it does not exist. Signed-off-by: Adrian Reber <areber@redhat.com>
| * | Include container migration into tutorialAdrian Reber2019-06-03
| | | | | | | | | | | | Signed-off-by: Adrian Reber <areber@redhat.com>
| * | Add man-pages for container migrationAdrian Reber2019-06-03
| | | | | | | | | | | | Signed-off-by: Adrian Reber <areber@redhat.com>
| * | Added bash completion for container migrationAdrian Reber2019-06-03
| | | | | | | | | | | | Signed-off-by: Adrian Reber <areber@redhat.com>
| * | Add test case for container migrationAdrian Reber2019-06-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The difference between container checkpoint/restore and container migration is that for migration the container which was checkpointed must not exist during restore. To simulate migration the container is remove ('podman rm -fa') before being restored. The migration test does following steps: * podman run * podman container checkpoint -l -e /tmp/checkpoint.tar.gz * podman rm -fa * podman container restore -i /tmp/checkpoint.tar.gz Signed-off-by: Adrian Reber <areber@redhat.com>
| * | Added support to migrate containersAdrian Reber2019-06-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit adds an option to the checkpoint command to export a checkpoint into a tar.gz file as well as importing a checkpoint tar.gz file during restore. With all checkpoint artifacts in one file it is possible to easily transfer a checkpoint and thus enabling container migration in Podman. With the following steps it is possible to migrate a running container from one system (source) to another (destination). Source system: * podman container checkpoint -l -e /tmp/checkpoint.tar.gz * scp /tmp/checkpoint.tar.gz destination:/tmp Destination system: * podman pull 'container-image-as-on-source-system' * podman container restore -i /tmp/checkpoint.tar.gz The exported tar.gz file contains the checkpoint image as created by CRIU and a few additional JSON files describing the state of the checkpointed container. Now the container is running on the destination system with the same state just as during checkpointing. If the container is kept running on the source system with the checkpoint flag '-R', the result will be that the same container is running on two different hosts. Signed-off-by: Adrian Reber <areber@redhat.com>
| * | Added helper functions for container migrationAdrian Reber2019-06-03
| | | | | | | | | | | | | | | | | | | | | | | | This adds a couple of function in structure members needed in the next commit to make container migration actually work. This just splits of the function which are not modifying existing code. Signed-off-by: Adrian Reber <areber@redhat.com>
| * | Fix restore options help text and commentsAdrian Reber2019-06-03
| | | | | | | | | | | | Signed-off-by: Adrian Reber <areber@redhat.com>
* | | Merge pull request #3268 from cevich/meta_track_repoOpenShift Merge Robot2019-06-06
|\ \ \ | | | | | | | | Cirrus: Track VM Image calling GCE project
| * | | Cirrus: Track VM Image calling GCE projectChris Evich2019-06-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With multiple `containers` projects updating VM Image metadata, it would be very difficult to discover which Cirrus-CI setup was responsible. Add the GCE project name to the list of metadata labels to update when this container runs. This will give more context as to which images are currently in use. Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #3272 from mheon/skip_hc_flakeOpenShift Merge Robot2019-06-06
|\ \ \ \ | |_|_|/ |/| | | Disable a very badly flaking healthcheck test
| * | | Disable a very badly flaking healthcheck testMatthew Heon2019-06-06
|/ / / | | | | | | | | | | | | | | | We'll reenable once the flake is fixed. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #3256 from llchan/rootless-init-pathOpenShift Merge Robot2019-06-05
|\ \ \ | |/ / |/| | Inherit rootless init_path from system libpod.conf
| * | Inherit rootless init_path from system libpod.confLawrence Chan2019-06-03
| | | | | | | | | | | | Signed-off-by: Lawrence Chan <element103@gmail.com>
* | | Merge pull request #3265 from baude/noremotecOpenShift Merge Robot2019-06-05
|\ \ \ | | | | | | | | remove -c for podman remote global options
| * | | remove -c for podman remote global optionsbaude2019-06-04
| | | | | | | | | | | | | | | | | | | | | | | | it conflicts with commit Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #3259 from cevich/cull_f28OpenShift Merge Robot2019-06-05
|\ \ \ \ | |/ / / |/| | | Cirrus: Disable testing on F28 (EOL)
| * | | Cirrus: Disable testing on F28 (EOL)Chris Evich2019-06-04
| | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | Merge pull request #3231 from baude/remoteclientconfOpenShift Merge Robot2019-06-04
|\ \ \ \ | | | | | | | | | | podman-remote.conf enablement
| * | | | podman-remote.conf enablementbaude2019-05-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add the ability for the podman remote client to use a configuration file which describes its connections. users can now define a connection the configuration and then call it by name like: podman-remote -c connection1 and the destination and user will be derived from the configuration file. if no -c is provided, we look for a connection in the configuration file designated as 'default'. If the configuration file has only one connection, it will be deemed the 'default'. Signed-off-by: baude <bbaude@redhat.com>
* | | | | Merge pull request #3260 from TomSweeneyRedHat/dev/tsweeney/buildah1.8.3OpenShift Merge Robot2019-06-04
|\ \ \ \ \ | |_|/ / / |/| | | | Vendor Buildah v1.8.3
| * | | | Vendor Buildah v1.8.3TomSweeneyRedHat2019-06-04
|/ / / / | | | | | | | | | | | | | | | | | | | | Vendor in Buildah v1.8.3 Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | Merge pull request #3225 from haraldh/virtwriterOpenShift Merge Robot2019-06-04
|\ \ \ \ | | | | | | | | | | pkg/varlinkapi/virtwriter/virtwriter.go: simplify func Reader
| * | | | pkg/varlinkapi/virtwriter/virtwriter.go: simplify func ReaderHarald Hoyer2019-06-03
| | | | | | | | | | | | | | | | | | | | Signed-off-by: Harald Hoyer <harald@redhat.com>
* | | | | Merge pull request #3249 from baude/testtimingOpenShift Merge Robot2019-06-04
|\ \ \ \ \ | | | | | | | | | | | | fix timing issues with some tests
| * | | | | fix timing issues with some testsbaude2019-06-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | some integration tests are inherently problematic due to timing issues. one such case is running a valid health check on container that runs nginx. while the container may be running, nginx may not have finished executing itself and therefore the healthcheck fails. Signed-off-by: baude <bbaude@redhat.com>
* | | | | | Merge pull request #3251 from giuseppe/join-block-signalsOpenShift Merge Robot2019-06-04
|\ \ \ \ \ \ | | | | | | | | | | | | | | rootless: block signals on re-exec
| * | | | | | rootless: block signals on re-execGiuseppe Scrivano2019-06-03
| |/ / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | we are allowed to use only signal safe functions between a fork of a multithreaded application and the next execve. Since setenv(3) is not signal safe, block signals. We are already doing it for creating a new namespace. This is mostly a cleanup since reexec_in_user_namespace_wait is used only only to join existing namespaces when we have not a pause.pid file. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | | | Merge pull request #3156 from TomSweeneyRedHat/dev/tsweeney/podmanimageOpenShift Merge Robot2019-06-04
|\ \ \ \ \ \ | |_|_|_|/ / |/| | | | | Create Dockerfiles for podmanimage
| * | | | | Create Dockerfiles for podmanimageTomSweeneyRedHat2019-06-01
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Dockerfiles necessary to create the stable, testing and upstream container images on quay.io/user/podman. Once this is commited, I will set up those images such that they will be built with every git commit. stable - Latest Fedora release image testing - Latest release on bohdi Fedora testing upstream - Latest version in upstream podman Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | | | | Merge pull request #3217 from edsantiago/cirrus_cleanupOpenShift Merge Robot2019-06-03
|\ \ \ \ \ | |_|_|_|/ |/| | | | cirrus: minor cleanup and refactoring
| * | | | cirrus: minor cleanup and refactoringEd Santiago2019-06-03
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ...with the goal of (very soon) reusing this code, in #2947, to run system tests in CI. This is the cleanest way I can think of to do so without duplication or a large maintenance burden. Changes are: - replace references to 'ginkgo' with 'integration'. That target is already in Makefile, and is not only more readable, it's also more abstract. There is no reason for this level of code to know about ginkgo. - allow rootless_test.sh to accept an argument, that being the name of the test suite to run (default: integration). #2947 will enable 'system'. - allow integration_test.sh to serve multiple purposes, by checking its filename. #2947 will add a symlink, system_test.sh, which will then cascade down to invoke system tests. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | | Merge pull request #3081 from baude/remotecommitOpenShift Merge Robot2019-06-03
|\ \ \ \ | |_|/ / |/| | | podman remote-client commit
| * | | podman remote-client commitbaude2019-05-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | add the ability to commit a container to an image using the remote client. Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #3250 from marcusmueller/podman_man_page_mixupOpenShift Merge Robot2019-06-03
|\ \ \ \ | |_|/ / |/| | | Manpage: fix podman-varlink and -version mixup
| * | | manpage: podman-tool table: un-confuse version and varlinkMarcus Müller2019-06-02
|/ / / | | | | | | | | | Signed-off-by: Marcus Müller <marcus@hostalia.de>
* | | Merge pull request #3244 from giuseppe/cleanups-rootless-joinOpenShift Merge Robot2019-06-01
|\ \ \ | | | | | | | | rootless: some cleanups for rootless_linux.c
| * | | rootless: use TEMP_FAILURE_RETRY macroGiuseppe Scrivano2019-05-31
| | | | | | | | | | | | | | | | | | | | | | | | avoid checking for EINTR for every syscall that could block. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | rootless: fix return typeGiuseppe Scrivano2019-05-31
| | | | | | | | | | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
| * | | rootless: make sure the buffer is NUL terminatedGiuseppe Scrivano2019-05-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | after we read from the pause PID file, NUL terminate the buffer to avoid reading garbage from the stack. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | | Merge pull request #3236 from baude/testsplitrootlessOpenShift Merge Robot2019-06-01
|\ \ \ \ | |/ / / |/| | | split rootless local and remote testing