| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
podman machine: use gvproxy for host.containers.internal
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Let the gvproxy dns server handle the host.containers.internal entry.
Support for this is already added to gvproxy. [1]
To make sure the container uses the dns response from gvproxy we should
not add host.containers.internal to /etc/hosts in this case.
[NO TESTS NEEDED] podman machine has no tests :/
Fixes #11642
[1] https://github.com/containers/gvisor-tap-vsock/commit/1108ea45162281046d239047a6db9bc187e64b08
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \
| | |
| | | |
Add podman machine init --now option
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Once we have this option, the new documentation from users becomes
a little simpler.
brew install podman
podman machine init --now
podman run ...
--now option is based off of `systemctl enable XYZ.service --now`
[NO TESTS NEEDED] The infrastructure has not been setup yet to test
podman machine init.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
compat API: /images/json prefix image id with sha256
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| | |
Docker adds the `sha256:` prefix to the image ID, so our compat endpoint
has to do this as well.
Fixes #11623
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \
| | |
| | | |
[CI:DOCS] Add link to skopeo delete in podman rmi
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add a note pointing to skopeo delete for when
users want to delete an image in a remote registry.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
vendor c/common@main
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Finalizes the linked BZ to fix passing down custom authfiles during auto
updates. Also fixes the if-newer pull policy.
[NO TESTS NEEDED] for now validated manually. There's a TODO to add a
new system test that I did not find time for before PTO.
BZ: bugzilla.redhat.com/show_bug.cgi?id=2000943
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
remote untag: support digests
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| | |
Fix a bug when remotely untagging an image via tag@digest.
The digest has been lost in the remote client and hence led
to a wrong behaviour on the server.
Fixes: #11557
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \
| |/
|/|
| |
| | |
giuseppe/raise-move-process-to-scope-only-with-cgroupv2
utils: raise warning only on cgroupv2
|
| | |
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
| |
if it is not running on cgroup v2, print only a debug message since
rootless users cannot create the cgroup.
commit 9c1e27fdd536f6026efe3da4360755a3e9135ca8 introduced the regression.
[NO TESTS NEEDED]
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\
| |
| | |
System tests: cleanup, and remove obsolete skips
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* 070-build:
- remove workaround for #9567, which is closed.
- add many more cases to the ignorefile test,
to test complicated special cases of Buildah PR 3486.
* 160-volumes:
- remove a skip_if_remote, volumes now work on remote
- use a random name for tarball, and clean up when
done using it. This fixes a gating-test failure
(test runs as root, then rootless, and rootless
can't clobber root's file).
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \
| | |
| | | |
Remove unused code from libpod
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The libpod package should only compile on linux. The remote client
should never try to import this package.
Since these files do not add any value we should remove them, this
prevents people from accidentally importing this package because it would
fail to compile on windows/macos.
[NO TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
[NO TESTS NEEDED] Add username flag for machine ssh
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
allow users to specify what username to use when ssh-ing into the vm.
If the username flag is set, the username will be the flag value. If the
flag is not set and the the vm name is specified, the default user of
the vm will be used. if the flag is not set, and the vm name is not
specified, then the username of the default connection will be used.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
CNI: add ipvlan driver support and macvlan modes
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add support for the ipvlan cni plugin. This allows us to create,
inspect and list ipvlan networks correctly.
Fixes #10478
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |/
| |
| |
| |
| |
| |
| |
| | |
Support setting the macvlan mode with `podman network create -d macvlan
--opt mode=bridge`. This will correctly set the specified macvlan mode
in the cni conflist file.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \
| | |
| | | |
Add no-trunc support to podman-events
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Standardize on no-trunc through the code.
Alias notruncate where necessary.
Standardize on the man page display of no-trunc.
Fixes: https://github.com/containers/podman/issues/8941
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
Fix up build the docs site
|
| | | |
| | |
| | |
| | |
| | |
| | | |
[NO TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| | | |
| | | | |
[CI:DOCS] markdown cleanup
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* podman-inspect: make references be live links, not a static
list. Also, remove container- and image-inspect, because
those are NOPs.
* podman-pull: add a missing right-paren
* podman-search, podman: remove unwanted indentation from
some file descriptions. Markdown indentation renders as
one very very long line, requiring the user to use a
horizontal scroll bar to read the text. I searched
using grep '^ ' and eyeball-looking for text that
doesn't look like one-line code examples, and see
no more, but eyeball checks are fragile.
One bug remains: MyST renders mailto: links uglily. I can find
no way to fix this other than patching the source code.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \ \
| |_|/ /
|/| | | |
runtime: move pause process to scope
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
make sure the pause process is moved to its own scope as well as what
we do when we join an existing user+mount namespace.
Closes: https://github.com/containers/podman/issues/11560
[NO TESTS NEEDED]
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
when running on a systemd with systemd, always try to move the pause
process to its own scope.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
we already know the path to the pause PID file, no need to calculate
it again.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
Do not allow network modes to be used as network names
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| | |
`podman network create` should not allow users to create networks with a
name which is already used for a network mode in `podman run --network`.
Fixes #11448
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \
| | |
| | | |
Only add 127.0.0.1 entry to /etc/hosts with --net=none
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The check for net=none was wrong. It just assumed when we do not create
the netns but have one set that we use the none mode. This however also
applies to a container which joins the pod netns.
To correctly check for the none mode use `config.NetMode.IsNone()`.
Fixes #11596
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \
| |/
|/| |
[CI:DOCS] Use a new markdown converter for sphinx
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recommonmark has many issues and is deprecated. The recommended
alternative is MyST-Parser. [1]
The myst parser looks great, it also correctly parses tables and adds the
correct links.
To test locallay run:
```
cd docs
rm -rf build/
\# install build deps
sudo dnf install python3-sphinx && pip install myst-parser
make html
python -m http.server 8000 --directory build/html
\# Now check in your browser if it looks good to you
```
[1] https://github.com/readthedocs/recommonmark/issues/221
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\
| |
| | |
fix inverted condition
|
| |/
|
|
|
|
| |
[NO TESTS NEEDED]
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
| |\
| |
| | |
Wire network interface into libpod
|
| | |
| |
| |
| |
| |
| |
| | |
Drivers should return the list of supported network drivers by this
plugin. This is useful for podman info.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Rootless cni with ipv6 needs the `ip6_tables` module loaded, normally
the cni plugins will load this module but as rootless it does not have
the necessary permission to do so. Therefore we load it manually.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We do not use the ocicni code anymore so let's get rid of it. Only the
port struct is used but we can copy this into libpod network types so
we can debloat the binary.
The next step is to remove the OCICNI port mapping form the container
config and use the better PortMapping struct everywhere.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make use of the new network interface in libpod.
This commit contains several breaking changes:
- podman network create only outputs the new network name and not file
path.
- podman network ls shows the network driver instead of the cni version
and plugins.
- podman network inspect outputs the new network struct and not the cni
conflist.
- The bindings and libpod api endpoints have been changed to use the new
network structure.
The container network status is stored in a new field in the state. The
status should be received with the new `c.getNetworkStatus`. This will
migrate the old status to the new format. Therefore old containers should
contine to work correctly in all cases even when network connect/
disconnect is used.
New features:
- podman network reload keeps the ip and mac for more than one network.
- podman container restore keeps the ip and mac for more than one
network.
- The network create compat endpoint can now use more than one ipam
config.
The man pages and the swagger doc are updated to reflect the latest
changes.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| | |
When configs are loaded from disk we need to check if they contain a
ipv6 subnet and set ipv6 enables to true in this case.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The default network should not be validated against used subnets, we have to ensure
that this network can always be created even when a subnet is already used on the host.
This could happen if you run a container on this net, then the cni interface will be
created on the host and "block" this subnet from being used again.
Therefore the next podman command tries to create the default net again and it would
fail because it thinks the network is used on the host.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
