| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
volumes
Similar feature was added for named overlay volumes here: https://github.com/containers/podman/pull/12712
Following PR just mimics similar feature for anonymous volumes.
Often users want their anonymous overlayed volumes to be `non-volatile` in nature
that means that same `upper` dir can be re-used by one or more
containers but overall of nature of volumes still have to be overlay
so work done is still on a overlay not on the actual volume.
Following PR adds support for more advanced options i.e custom `workdir`
and `upperdir` for overlayed volumes. So that users can re-use `workdir`
and `upperdir` across new containers as well.
Usage
```console
podman run -it -v /some/path:/data:O,upperdir=/path/persistant/upper,workdir=/path/persistant/work alpine sh
```
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |\
| |
| |
| |
| | |
flouthoc/support-additional-build-context-on-remote
remote: enable support for additional `--build-context` on macOS and remote
|
| | |
| |
| |
| | |
Signed-off-by: Aditya R <arajan@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Feature of additional build context added here https://github.com/containers/buildah/pull/3978
already exists on `podman` following PR just enables this feature of
`podman-remote` and `podman on macOS` setups.
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |\ \
| | |
| | | |
[CI:DOCS] PodmanImage Readme touchup
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
@cevich recently renamed all the files named Dockerfile to Containerfile
in this directory. Touching up the README.md to reflect that.
Also, as I was doing the submit, I noticed a couple of nits in the PR
request template and cleaned those up.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
Cleanup the leftovers in `play kube` e2e test used for ginkgo focus option
|
| |/ /
| |
| |
| | |
Signed-off-by: Cosmin Tupangiu <cosmin@redhat.com>
|
| |\ \
| | |
| | | |
podman logs k8s-file: do not reassemble partial log lines
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The backend should not convert partial lines to full log lines. While
this works for most cases it cannot work when the last line is partial
since it will just be lost. The frontend logic can already display
partial lines correctly. The journald driver also works correctly since
it does not such conversion.
Fixes #14458
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Improve robustness of `podman system reset`
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Firstly, reset is now managed by the runtime itself as a part of
initialization. This ensures that it can be used even with
runtimes that would otherwise fail to be created - most notably,
when the user has changed a core path
(runroot/root/tmpdir/staticdir).
Secondly, we now attempt a best-effort removal even if the store
completely fails to be configured.
Third, we now hold the alive lock for the entire reset operation.
This ensures that no other Podman process can start while we are
running a system reset, and removes any possibility of a race
where a user tries to create containers or pull images while we
are trying to perform a reset.
[NO NEW TESTS NEEDED] we do not test reset last I checked.
Fixes #9075
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Use logDriver instead of query.LogDriver for podman play kube
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Quick fix in play.go to use logDriver to set the correct
log driver rather than overwriting query.LogDriver.
[NO NEW TESTS NEEDED]
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
[CI:BUILD] Podman image: Mass cleanup + fix missing storage.conf
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
As of Fedora 36, `/etc/containers/storage.conf` with defaults is
installed under `/usr/share/containers/`. This was causing builds
to fail in the necessary `sed` command that enables fuse-overlayfs.
Fix this by using sed on the new location with an output redirect
into the `etc` location.
Also, perform a mass-cleanup of the three files to make them easier
to read/maintain. Including renaming them to `Containerfile`,
since all native build tooling is now used to produce them.
Lastly, take advantage of the `podman-next` copr repository to install
the latest/greatest podman from `main`, rather than building it from
scratch. This will greatly speed up the image build speed.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \ \ \
| |_|/ / /
|/| | | | |
test/e2e/save_test.go: fix flake
|
| |/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Save at most three images and sort them by size. The test started to
flake as _all_ local images were saved which is not neccessary.
Fixes: #14468
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Stop machine before force removing files
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
In #13466 the ability to force remove a machine while it's running was
added but it did not first stop the machine, all files get deleted but
the qemu VM would essentially be orphaned.
[NO NEW TESTS NEEDED]
Signed-off-by: Shane Smith <shane.smith@shopify.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
fix pod network handling with a host network
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
the function `GetDefaultNamespaceMode` for pods checks if we are sharing each namespace
and if not, returns the default which in the case of a network is slirp.
add a switch case for explicitly checking if the pod's network mode is host
and if so, return specgen.Host for the container
resolves #13763
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
containers/dependabot/go_modules/github.com/containernetworking/cni-1.1.1
Bump github.com/containernetworking/cni from 1.1.0 to 1.1.1
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Bumps [github.com/containernetworking/cni](https://github.com/containernetworking/cni) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/containernetworking/cni/releases)
- [Commits](https://github.com/containernetworking/cni/compare/v1.1.0...v1.1.1)
---
updated-dependencies:
- dependency-name: github.com/containernetworking/cni
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
| |\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
Align docker load and podman load output
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
The comma-separated podman load output isn't conducive for using the
subsequent images. For tarballs with multiple images, the comma
separator must be manually identified and a suitable range identified.
Docker CLI on the other hand, has one image identifier per line:
Loaded image: repo1/name1:latest
Loaded image: repo1/name1:tag1
Loaded image: repo2/name2:tag1
(as of Docker version 20.10.16, build aa7e414).
Switch `podman load` to this format for consistency and usability.
[NO NEW TESTS NEEDED]
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
[CI:DOCS] changed megabyte to mebibyte
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
In podman run --help, the message said megabyte, gigabyte, etc. In reality podman takes mebibytes, gibibytes, etc.
[CI:DOCS]
Signed-off-by: Karthik Elango <kelango@redhat.com>
|
| |\ \ \ \ \ \ \ \ \
| |/ / / / / / / /
|/| | | | | | | | |
Makefile: Handle unexpected empty var. values
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Fixes #14021
Substitution values built from `$(shell ...)` output can easily be empty
due to the shell's default `pipefail` behavior. This can also hide
non-zero exit codes, similarly resulting in empty values being set.
While not a perfect fix, the situation is improved by using the
`err_if_empty` function in all cases where empty values would be
unexpected. Remove the definitions for `GIT_BRANCH` and
`GIT_BRANCH_CLEAN` which don't seem to actually be used anywhere
(including in code).
Add a simple release-test to verify `podman info` outputs a non-empty
value for "GitCommit".
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \ \ \ \ \ \ \
| |_|_|_|/ / / / /
|/| | | | | | | | |
Move Attach under the OCI Runtime interface
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
With conmon-rs on the horizon, we need to disentangle Libpod from
legacy Conmon to the greatest extent possible. There are
definitely opportunities for codesharing between the two, but we
have to assume the implementations will be largely disjoint given
the different architectures.
Fortunately, most of the work has already been done in the past.
The conmon-managed OCI runtime mostly sits behind an interface,
with a few exceptions - the most notable of those being attach.
This PR thus moves Attach behind the interface, to ensure that we
can have attach implementations that don't use our existing unix
socket streaming if necessary.
Still to-do is conmon cleanup. There's a lot of code that removes
Conmon-specific files, or kills the Conmon PID, and all of it
will need to be refactored behind the interface.
[NO NEW TESTS NEEDED] Just moving some things around.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \ \ \ \ \ \ \
| |_|_|_|_|/ / / /
|/| | | | | | | | |
shell completion for paths inside the image/container
|
| | | |_|_|/ / / /
| |/| | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Add shell completion for paths inside the container or image. Currently
podman run IMAGE [TAB] only uses the default shell completion which
suggests paths on the host. This is fine for some cases but often the
user wants a path which only exists in the image/container.
This commits adds support for that. Both podman create/run can now
complete the paths from the image, podman cp ctr:... now completes paths
from the actual container.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
[CI:DOCS] Document protocol usage for --publish
|
| | | |_|/ / / / /
| |/| | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
This also unifies the documentation of `--publish` for `podman create`, `podman run`, and `podman pod create`.
Signed-off-by: Daniel Rudolf <github.com@daniel-rudolf.de>
|
| |\ \ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
Support setting image_volume_mode in containers.conf
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Fixes: https://github.com/containers/podman/issues/14230
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \ \ \ \ \ \ \
| |_|_|/ / / / / /
|/| | | | | | | | |
pkg/specgen: parse default network mode on server
|
| | | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
When podman-remote is used we should not resolve the default network
mode on the client. Defaults should be set on the server. In this case
this is important because we have different defaults for root/rootless.
So when the client is rootless and the server is root we must pick the
root default.
Note that this already worked when --network was set since we did not
parsed the flag in this case. To reproduce you need --network=default.
Also removed a unused function.
[NO NEW TESTS NEEDED] I tested it manually but I am not sure how I can
hook a test like this up in CI. The client would need to run as rootless
and the server as root or the other way around.
Fixes #14368
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
healthcheck: wait for systemd operations
|
| | | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Make sure to wait for the systemd operations to finish when
starting/stopping healtcheck timers and services. Also make
sure to stop the timer before the service to avoid a race
with the timer.
[NO NEW TESTS NEEDED] since it is a non-functional change and existing
tests are expected to pass.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
podman pod create --uidmap patch
|
| | | |_|_|_|_|/ / / /
| |/| | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
podmans remote API does not marshal infra's spec due to
the fact that if it did, all of those options would be available to
the users on the command line. This means we need to manually map "backwards"
some container spec items -> pod spec items before calling PodCreate, this was
one of them that was forgotten
resolves #14233
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
podman stats: work with network connect/disconnect
|
| | | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
Hardcoding the interface name is a bad idea. We have no control over the
actual interface name since the user can change it.
The correct thing is to read them from the network status. Since the
contianer can have more than one interface we have to add the RX/TX
values. The other values are currently not used.
For podman 5.0 we should change it so that the API can return the
statistics per interface and the client should sum the TX/RX for the
command output. This is what docker is doing.
Fixes #13824
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \ \ \ \ \ \ \ \ \
| | | | | | | | | | | |
| | | | | | | | | | | | |
podman machine ssh: set correct exit code
|
| | | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
Currenlty this ssh warning is printed everytime:
`Warning: Permanently added '[localhost]:33915' (ED25519) to the list of known hosts.`
Since this is very anoying and makes it harder to capture the actual
command output we should silence this. With log level error we will only
see the important messages from ssh.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | |
| | | | | | | | | | | | |
Forward the ssh exit code to the podman caller. This is useful for
scripts. Use the same logic as podman unshare.
Fixes #14401
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
