| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of being interpreted as an argument to the boolean flag,
the 'true' is being intepreted as the Podman command to be run -
so we're trying to run `podman true`, which does not exist. This
causes the cleanup command to fail when `--log-level=debug` is
set, so containers are not cleaned up or removed.
This problem is easily reproduced with any command combining the
`--rm`, `-d`, and `--log-level=debug` flags - the command will
execute and exit, but the container will not be removed.
Separate, but worth looking into later: the errors we get on
trying `podman true` with any flags are terrible - if you just
type `podman true` you get a quite sane "Unrecognized command"
error, but if you try `podman true --rm` you get an "unknown flag
--rm" error - which makes very little sense given the command
itself doesn't exist.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |
|
|
|
|
|
| |
The `ancestor` option was missing an equal sign. Therefore
the completion did not work as expected.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |
|
|
|
|
| |
remove mistaken use of target being used for tag
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
| |
when formatting mount options into a string for the compat container create, the options need to be comma delimited.
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
| |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, we always computed pause path from the Rootless
runtime directory. Problem: this does not match the behavior of
Libpod when the directory changes. Libpod will continue to use
the previous directory, cached in the database; Pause pidfiles
will swap to the new path. This is problematic when the directory
needs to exist to write the pidfile, and Libpod is what creates
the directory.
There are two potential solutions - allow the pause pidfile to
move and just make the directory when we want to write it, or use
the cached Libpod paths for a guaranteed location. This patch
does the second, because it seems safer - we will never miss a
previously-existing pidfile because the location is now
consistent.
Fixes #8539
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |
|
|
|
|
| |
* existing code caused an unnecessary 301 redirect
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
move the conmon process to the conmon cgroup also on exec.
The previous implementation would fail to move the conmon process as
the systemd unit already exists so its creation would fail.
When the unit cannot be created, attempt to directly join the cgroup
instead.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Docker defines an option of "default" which means to
use the default network. We should support this with
the same code path as --network="".
This is important for compatibility with the Docker API.
Fixes: https://github.com/containers/podman/issues/8544
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
| |
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |
|
|
|
|
|
| |
Currently asking for login password, even if not supported by
the ssh server. So wait with prompt until actually requested.
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|
| |
|
|
|
|
|
| |
Previously close rawSouce in the middle makes future use of rawSource invalid.
Move the rawSource.Close() to the end of each loop.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
When creating a container, do not clear the input-image name before
looking up image names. Also add a regression test.
Fixes: #8558
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
<MH: Fixed cherry-pick conflicts>
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |
|
|
|
|
| |
/containers/create compat endpoint does not set the name correctly (#7857)
Signed-off-by: Milivoje Legenovic <m.legenovic@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We can't mount sysfs as rootless unless we manage the network
namespace. Problem: slirp4netns is now creating and managing a
network namespace separate from the OCI runtime, so we can't
mount sysfs in many circumstances. The `crun` OCI runtime will
automatically handle this by falling back to a bind mount, but
`runc` will not, so we didn't notice until RHEL gating tests ran
on the new branch.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Installing a duplicate shutdown handler fails, but if a handler
with the same name is already present, we should be set to go.
There's no reason to print a user-facing error about it.
This comes up almost nowhere because Podman never makes more than
one Libpod runtime, but there is one exception (`system reset`)
and the error messages, while harmless, were making people very
confused (we got several bug reports that `system reset` was
nonfunctional).
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |
|
|
|
|
|
|
| |
Before querying for a container's cgroup path, make sure that the
container is synced. Also make sure to error out if the container
isn't running.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Podman pre-1.8 also included a field with this name, which was a
String. Podman 2.2.0 added a new field reusing the name but as a
Struct. This completely broke JSON decode for pre-1.8 containers
in Podman 2.2, resulting in completely broken behavior.
Re-name the JSON field and add a note that the old name should
not be re-used to prevent this problem from re-occurring. This
will still result in containers from 2.2.0 being broken
(specifically, containers with image volumes will have them
disappear) but this is the lesser of two evils.
Fixes #8613
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\
| |
| | |
[CI:DOCS] The --net=container flag to Buildah is deprecated
|
| |/
|
|
|
|
|
|
|
|
|
| |
It's very confusing that `podman run --net=container` joins the
network namespace of another container - but
`podman build --net=container` creates a private network
namespace. We've standardized on `--net=private` for this, and
will eventually remove `podman build --net=container` as an
alias for `--net=private`.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\
| |
| | |
Cirrus: Update for v2.2 branch
|
| |/
|
|
| |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\
| |
| | |
Bump to v2.2.0
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |/
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\
| |
| | |
[CI:DOCS] Update release notes for v2.2.0
|
| | |
| |
| |
| | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \
| | |
| | | |
[CI:DOCS] Fix option names --subuidname and --subgidname
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Options --subuid and --subgid does not exists
Fixes: https://github.com/containers/podman/issues/8510
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
[CI:DOCS] Fix extra quotation mark in manpages.
|
| |/ /
| |
| |
| | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \
| | |
| | | |
Document docker transport is the only supported remote transport
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The goal is to improve errors when users use the wrong transport
in certain cases we stutter, in other cases we don't give enough
information.
Remove stutters when failing to pull remote images, because of
lack of support.
Fix errors returned by reference.Parse to wrap in image that was being
checked.
Fixes: https://github.com/containers/podman/issues/7116
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Revert "Allow multiple --network flags for podman run/create"
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
As described in issue #8507 this commit contains a breaking
change which is not wanted in v2.2.
We can discuss later if we want this in 3.0 or not.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |\ \ \ \
| |_|_|/
|/| | | |
Ensure that --net=host/pod/container conflicts with -p
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Setting port mappings only works when CNI is configuring our
network (or slirp4netns, in the rootless case). This is not the
case with `--net=host`, `--net=container:`, and joining the
network namespace of the pod we are part of. Instead of allowing
users to do these things and then be confused why they do
nothing, let's match Docker and return a warning that your port
mappings will do nothing.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
[CI:DOCS] Update Tutorials.rst
|
| | |\ \ \
| |/ / /
|/| | | |
|
| |\ \ \ \
| |_|_|/
|/| | | |
Add APIv2 tests for kube generate
|
| |/ / /
| | |
| | |
| | | |
Signed-off-by: Edward Shen <weshen@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Fix problems with network remove
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
First, make sure we are only trying to remove the network
interface if we are root.
Second, if we cannot get the interface name (e.g macvlan config)
then we should not fail. Just remove the config file.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |\ \ \ \
| | | | |
| | | | | |
Add support for persistent volume claims in kube files
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
In k8s a persistent volume claim (PVC) allow pods to define a volume
by referencing the name of a PVC. The PVC basically contains criterias
that k8s then use to select which storage source it will use for the
volume.
Podman only provide one abtracted storage, the named volumes, and
create them if they don't exists yet. So this patch simply use a
volume with the name of the PVC.
Signed-off-by: Alban Bedel <albeu@free.fr>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Replace the simple map of names to paths with a map of names to a struct
to allow passing more parameters. Also move the code to parse the volumes
to its own file to avoid making the playKubePod() function overly complex.
Finally rework the kube volumes test to also be ready to support more
volume types.
Signed-off-by: Alban Bedel <albeu@free.fr>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
runtime: set XDG_* env variables if missing
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
regression introduced when moving to Podman 2.0.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1877228
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
REST API v2 - ping - fix typo in header
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Riyad Preukschas <riyad@informatik.uni-bremen.de>
|
