aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAge
* Ensure that start() in StartAndAttach() is lockedMatthew Heon2019-05-14
| | | | | | | | | | | | | StartAndAttach() runs start() in a goroutine, which can allow it to fire after the caller returns - and thus, after the defer to unlock the container lock has fired. The start() call _must_ occur while the container is locked, or else state inconsistencies may occur. Fixes #3114 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #3096 from edsantiago/varlink_usageOpenShift Merge Robot2019-05-14
|\ | | | | varlink: fix usage message, URI is now optional
| * varlink: fix usage message, URI is now optionalEd Santiago2019-05-13
| | | | | | | | | | | | | | 38199f4c made the URI argument to podman-varlink optional. Fix the usage message to indicate this. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #3116 from mheon/fix_libpod_confOpenShift Merge Robot2019-05-14
|\ \ | | | | | | Fix libpod.conf option ordering
| * | Fix libpod.conf option orderingMatthew Heon2019-05-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Adding the journald configuration broke decoding the default libpod.conf, because it was after the [runtimes] table (and was being interpreted as a member of the table, and not the larger config). We can't easily fix this on the TOML side, so our best bet is to move it above the table and add a comment to try and make sure this doesn't happen again. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #3101 from giuseppe/make-events-uppercaseOpenShift Merge Robot2019-05-13
|\ \ \ | |/ / |/| | podman: fix events help string
| * | podman: fix events help stringGiuseppe Scrivano2019-05-13
| | | | | | | | | | | | | | | | | | make it uppercase as all the other ones. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #3083 from openSUSE/systemd-optionalOpenShift Merge Robot2019-05-13
|\ \ \ | | | | | | | | Add `systemd` build tag
| * | | Add `systemd` build tagSascha Grunert2019-05-13
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If the systemd development files are not present on the system which builds podman, then `podman events` will error on runtime creation. Beside this, a warning will be printed when compiling podman. This commit mainly exists because projects which depend on libpod would not need the podman event support and therefore do not need to rely on the systemd headers. Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | Merge pull request #3103 from mheon/update_cgroupsOpenShift Merge Robot2019-05-13
|\ \ \ | | | | | | | | Update containerd/cgroups to 4994991857f9b0ae
| * | | Update containerd/cgroups to 4994991857f9b0aeMatthew Heon2019-05-13
| |/ / | | | | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | Merge pull request #3093 from baude/healthcheckfixesOpenShift Merge Robot2019-05-13
|\ \ \ | |_|/ |/| | healthcheck benign error
| * | healthcheck benign errorbaude2019-05-13
| |/ | | | | | | | | | | | | clean up the reporting of a benign error that can occur when a container is first stopped and then removed. Signed-off-by: baude <bbaude@redhat.com>
* | Merge pull request #2705 from adrianreber/ci-testOpenShift Merge Robot2019-05-13
|\ \ | |/ |/| Enabling checkpoint/restore testing on Fedora >= 29 again
| * Upgrade to latest criu and selinux-policyAdrian Reber2019-05-06
| | | | | | | | | | | | This fixes all the current errors concerning checkpoint/restore. Signed-off-by: Adrian Reber <areber@redhat.com>
| * Only run checkpoint/restore tests on Fedora >= 29Adrian Reber2019-05-06
| | | | | | | | | | | | | | | | | | | | Only Fedora 29 and newer has an updated container-selinux and selinux-policy new enough to support CRIU in restoring threaded processes in a container with SELinux enabled. Also skip checkpoint/restore tests if rootless. CRIU requires root. Signed-off-by: Adrian Reber <areber@redhat.com>
* | Merge pull request #3105 from mheon/use_ctr_remove_funcsOpenShift Merge Robot2019-05-12
|\ \ | | | | | | Use standard remove functions for removing pod ctrs
| * | When removing a pod with CGroupfs, set pids limit to 0Matthew Heon2019-05-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When using CGroupfs, we see races during pod removal between removing the CGroup and the cleanup process starting (in the CGroup, thus preventing removal). The simplest way to avoid this is to prevent the forking of the cleanup process. Conveniently, we can do this via the CGroup that we already created for Conmon - we just need to update the PID limit to 0, which completely inhibits new forks. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | Add fix for an issue breaking our CIMatthew Heon2019-05-10
| | | | | | | | | | | | | | | | | | | | | | | | Buildah no longer updates the create time of single-action images (e.g. `FROM ...` with no other instructions. This isn't a bug (it matches Docker's behavior), but it broke one of our tests. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | Use standard remove functions for removing pod ctrsMatthew Heon2019-05-10
| | | | | | | | | | | | | | | | | | | | | Instead of rewriting the logic, reuse the standard logic we use for removing containers, which is much better tested. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #3068 from h-vetinari/masterOpenShift Merge Robot2019-05-11
|\ \ \ | | | | | | | | Update installation instructions
| * | | Update installation instructionsAxel Obermeier2019-05-07
| | | | | | | | | | | | | | | | Signed-off-by: h-vetinari <h.vetinari@gmx.com>
* | | | Merge pull request #3041 from QiWang19/cpdashOpenShift Merge Robot2019-05-09
|\ \ \ \ | | | | | | | | | | implement cp reads tar file from stdin/to stdout
| * | | | implement cp reads tar file from stdin/stdoutQi Wang2019-05-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | enables podman cp uses - to stream a tar archive from STDIN or to STDOUT. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | | Merge pull request #3087 from jwhonce/wip/versionOpenShift Merge Robot2019-05-09
|\ \ \ \ \ | |_|_|/ / |/| | | | Add information when running `podman version` on client
| * | | | Add information when running podman version on clientJhon Honce2019-05-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Include service version information and headers Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | | | Merge pull request #3072 from mheon/no_rm_volumeOpenShift Merge Robot2019-05-08
|\ \ \ \ \ | | | | | | | | | | | | Do not remove volumes when --rm removes a container
| * | | | | Do not remove volumes when --rm removes a containerMatthew Heon2019-05-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This duplicates Docker behavior for the `--rm` flag. Fixes #3071 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | | Merge pull request #3042 from baude/bridgeOpenShift Merge Robot2019-05-08
|\ \ \ \ \ \ | | | | | | | | | | | | | | add varlink bridge
| * | | | | | add varlink bridgebaude2019-05-08
| | |/ / / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | allow the user to define a remote host and remote username for their remote podman sessions. this is then feed to the varlink "bridge" as the ssh credentials and endpoint. Signed-off-by: baude <bbaude@redhat.com>
* | | | | | Merge pull request #3082 from mheon/pod_removal_reliabilityOpenShift Merge Robot2019-05-08
|\ \ \ \ \ \ | |/ / / / / |/| | | | | Improve robustness of pod removal
| * | | | | Preserve errors returned by removing podsMatthew Heon2019-05-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ensure that, if an error occurs somewhere along the way when we remove a pod, it's preserved until the end and returned, even as we continue to remove the pod. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | Improve robustness of pod removalMatthew Heon2019-05-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Removing a pod must first removal all containers in the pod. Libpod requires the state to remain consistent at all times, so references to a deleted pod must all be cleansed first. Pods can have many containers in them. We presently iterate through all of them, and if an error occurs trying to clean up and remove any single container, we abort the entire operation (but cannot recover anything already removed - pod removal is not an atomic operation). Because of this, if a removal error occurs partway through, we can end up with a pod in an inconsistent state that is no longer usable. What's worse, if the error is in the infra container, and it's persistent, we get zombie pods - completely unable to be removed. When we saw some of these same issues with containers not in pods, we modified the removal code there to aggressively purge containers from the database, then try to clean up afterwards. Take the same approach here, and make cleanup errors nonfatal. Once we've gone ahead and removed containers, we need to see pod deletion through to the end - we'll log errors but keep going. Also, fix some other small things (most notably, we didn't make events for the containers removed). Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | | Merge pull request #3085 from cevich/snuffleupagusOpenShift Merge Robot2019-05-08
|\ \ \ \ \ \ | |_|_|/ / / |/| | | | | Add simple test to confirm bad command-line arguments
| * | | | | Add negative command-line testChris Evich2019-05-08
|/ / / / / | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>
* | | | | Merge pull request #3076 from baude/healthcheckmanOpenShift Merge Robot2019-05-07
|\ \ \ \ \ | | | | | | | | | | | | podman-run|create man updates
| * | | | | podman-run|create man updatesbaude2019-05-07
| | |_|/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | the healthcheck commands were not being specified in the man pages for run and create. Signed-off-by: baude <bbaude@redhat.com>
* | | | | Merge pull request #2977 from baude/makeitrainOpenShift Merge Robot2019-05-07
|\ \ \ \ \ | | | | | | | | | | | | enable integration tests for remote-client
| * | | | | enable integration tests for remote-clientbaude2019-05-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | first pass at enabling a swath of integration tests for the remote-client. Signed-off-by: baude <bbaude@redhat.com>
* | | | | | Merge pull request #3080 from baude/remotepsnamespaceOpenShift Merge Robot2019-05-07
|\ \ \ \ \ \ | |/ / / / / |/| | | | | fix podman-remote ps --ns
| * | | | | fix podman-remote ps --nsbaude2019-05-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the namespace for the remote client was being incorrectly derived from the "remote" client. fixes: #2938 Signed-off-by: baude <bbaude@redhat.com>
* | | | | | Merge pull request #3073 from mheon/force_lock_reallocOpenShift Merge Robot2019-05-07
|\ \ \ \ \ \ | |/ / / / / |/| | | | | When refreshing after a reboot, force lock allocation
| * | | | | Remove tests for deprecated podman-refresh commandMatthew Heon2019-05-06
| | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@pm.me>
| * | | | | When refreshing after a reboot, force lock allocationMatthew Heon2019-05-06
| | |/ / / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After a reboot, when we refresh Podman's state, we retrieved the lock from the fresh SHM instance, but we did not mark it as allocated to prevent it being handed out to other containers and pods. Provide a method for marking locks as in-use, and use it when we refresh Podman state after a reboot. Fixes #2900 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | | | Merge pull request #3074 from baude/checkoutpointmenuOpenShift Merge Robot2019-05-07
|\ \ \ \ \ | |_|/ / / |/| | | | remote-podman checkpoint and restore add to container submenu
| * | | | remote-podman checkpoint and restore add to container submenubaude2019-05-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the remote-podman checkpoint and restore commands were done some time ago but for some reason not added to the container subcommand Signed-off-by: baude <bbaude@redhat.com>
* | | | | Merge pull request #3070 from baude/generatesystemdtestsOpenShift Merge Robot2019-05-06
|\ \ \ \ \ | |/ / / / |/| | | | add unit tests for generate systemd
| * | | | add unit tests for generate systemdbaude2019-05-06
| | |/ / | |/| | | | | | | | | | | | | | | | | | it looks like i forgot to add the unit tests for generate systemd Signed-off-by: baude <bbaude@redhat.com>
* | | | Merge pull request #3048 from cevich/varlink_api_checkOpenShift Merge Robot2019-05-06
|\ \ \ \ | |_|/ / |/| | | Cirrus: Add check for make varlink_api_generate
| * | | Fix API.mdChris Evich2019-05-03
| | | | | | | | | | | | | | | | Signed-off-by: Chris Evich <cevich@redhat.com>