| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
| |
StartAndAttach() runs start() in a goroutine, which can allow it
to fire after the caller returns - and thus, after the defer to
unlock the container lock has fired.
The start() call _must_ occur while the container is locked, or
else state inconsistencies may occur.
Fixes #3114
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\
| |
| | |
varlink: fix usage message, URI is now optional
|
| |
| |
| |
| |
| |
| |
| | |
38199f4c made the URI argument to podman-varlink optional.
Fix the usage message to indicate this.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
Fix libpod.conf option ordering
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Adding the journald configuration broke decoding the default
libpod.conf, because it was after the [runtimes] table (and was
being interpreted as a member of the table, and not the larger
config). We can't easily fix this on the TOML side, so our best
bet is to move it above the table and add a comment to try and
make sure this doesn't happen again.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| |/ /
|/| | |
podman: fix events help string
|
| | |
| | |
| | |
| | |
| | |
| | | |
make it uppercase as all the other ones.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add `systemd` build tag
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If the systemd development files are not present on the system which
builds podman, then `podman events` will error on runtime creation.
Beside this, a warning will be printed when compiling podman.
This commit mainly exists because projects which depend on libpod
would not need the podman event support and therefore do not need to
rely on the systemd headers.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
|\ \ \
| | | |
| | | | |
Update containerd/cgroups to 4994991857f9b0ae
|
| |/ /
| | |
| | |
| | | |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \
| |_|/
|/| | |
healthcheck benign error
|
| |/
| |
| |
| |
| |
| |
| | |
clean up the reporting of a benign error that can occur when a container
is first stopped and then removed.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \
| |/
|/| |
Enabling checkpoint/restore testing on Fedora >= 29 again
|
| |
| |
| |
| |
| |
| | |
This fixes all the current errors concerning checkpoint/restore.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Only Fedora 29 and newer has an updated container-selinux and
selinux-policy new enough to support CRIU in restoring threaded
processes in a container with SELinux enabled.
Also skip checkpoint/restore tests if rootless. CRIU requires root.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\ \
| | |
| | | |
Use standard remove functions for removing pod ctrs
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When using CGroupfs, we see races during pod removal between
removing the CGroup and the cleanup process starting (in the
CGroup, thus preventing removal).
The simplest way to avoid this is to prevent the forking of the
cleanup process. Conveniently, we can do this via the CGroup that
we already created for Conmon - we just need to update the PID
limit to 0, which completely inhibits new forks.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Buildah no longer updates the create time of single-action images
(e.g. `FROM ...` with no other instructions. This isn't a bug (it
matches Docker's behavior), but it broke one of our tests.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Instead of rewriting the logic, reuse the standard logic we use
for removing containers, which is much better tested.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
Update installation instructions
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: h-vetinari <h.vetinari@gmx.com>
|
|\ \ \ \
| | | | |
| | | | | |
implement cp reads tar file from stdin/to stdout
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
enables podman cp uses - to stream a tar archive from STDIN or to STDOUT.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
Add information when running `podman version` on client
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* Include service version information and headers
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Do not remove volumes when --rm removes a container
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
This duplicates Docker behavior for the `--rm` flag.
Fixes #3071
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
add varlink bridge
|
| | |/ / / /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
allow the user to define a remote host and remote username for their
remote podman sessions. this is then feed to the varlink "bridge" as
the ssh credentials and endpoint.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
Improve robustness of pod removal
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Ensure that, if an error occurs somewhere along the way when we
remove a pod, it's preserved until the end and returned, even as
we continue to remove the pod.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Removing a pod must first removal all containers in the pod.
Libpod requires the state to remain consistent at all times, so
references to a deleted pod must all be cleansed first.
Pods can have many containers in them. We presently iterate
through all of them, and if an error occurs trying to clean up
and remove any single container, we abort the entire operation
(but cannot recover anything already removed - pod removal is not
an atomic operation).
Because of this, if a removal error occurs partway through, we
can end up with a pod in an inconsistent state that is no longer
usable. What's worse, if the error is in the infra container, and
it's persistent, we get zombie pods - completely unable to be
removed.
When we saw some of these same issues with containers not in
pods, we modified the removal code there to aggressively purge
containers from the database, then try to clean up afterwards.
Take the same approach here, and make cleanup errors nonfatal.
Once we've gone ahead and removed containers, we need to see
pod deletion through to the end - we'll log errors but keep
going.
Also, fix some other small things (most notably, we didn't make
events for the containers removed).
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \ \ \
| |_|_|/ / /
|/| | | | | |
Add simple test to confirm bad command-line arguments
|
|/ / / / /
| | | | |
| | | | |
| | | | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
podman-run|create man updates
|
| | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
the healthcheck commands were not being specified in the man pages for
run and create.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
enable integration tests for remote-client
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
first pass at enabling a swath of integration tests for the
remote-client.
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
fix podman-remote ps --ns
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
the namespace for the remote client was being incorrectly derived from
the "remote" client.
fixes: #2938
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
When refreshing after a reboot, force lock allocation
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |/ / /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
After a reboot, when we refresh Podman's state, we retrieved the
lock from the fresh SHM instance, but we did not mark it as
allocated to prevent it being handed out to other containers and
pods.
Provide a method for marking locks as in-use, and use it when we
refresh Podman state after a reboot.
Fixes #2900
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
remote-podman checkpoint and restore add to container submenu
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
the remote-podman checkpoint and restore commands were done some time
ago but for some reason not added to the container subcommand
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
add unit tests for generate systemd
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | | |
it looks like i forgot to add the unit tests for generate systemd
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Cirrus: Add check for make varlink_api_generate
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|