| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some time in the last month, podman started to depend on a bunch
of external helper binaries: rootlessport, pause, catatonit.
System tests fail without these.
Update the hack/bats script to pass $CONTAINERS_HELPER_BINARIES_DIR
(set to ./bin); podman will then use locally-built helpers. (This
requires https://github.com/containers/common/pull/823 , which as
of this PR is not yet vendored into podman. There is no harm in
merging this while we wait.)
Also: if bats helper is invoked as root, run only once; i.e.,
skip the "rootless" step.
Also (piggybacked): the name of the podman pause image has
changed, from pause to podman-pause. Adjust that in our
teardown so we don't leave droppings.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\
| |
| | |
infra container: replace pause with catatonit
|
| |
| |
| |
| |
| |
| | |
A temporary workaround until the CI images are updated.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Podman has been using catatonit for a number of years already.
Thanks to @giuseppe, catatonit is now able to run as a pause
process which allows us to replace the pause binary entirely.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts commit 9d2b8d2791c23b83b6155b046099a83483860c56 since
catatonit's new pause functionality can replace the `pause` binary
entirely.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
Add option --unsetenv to remove default environment variables
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Podman adds a few environment variables by default, and
currently there is no way to get rid of them from your container.
This option will allow you to specify which defaults you don't
want.
--unsetenv-all will remove all default environment variables.
Default environment variables can come from podman builtin,
containers.conf or from the container image.
Fixes: https://github.com/containers/podman/issues/11836
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
podman machine improve port forwarding
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This commits adds port forwarding logic directly into podman. The
podman-machine cni plugin is no longer needed.
The following new features are supported:
- works with cni, netavark and slirp4netns
- ports can use the hostIP to bind instead of hard coding 0.0.0.0
- gvproxy no longer listens on 0.0.0.0:7777 (requires a new gvproxy
version)
- support the udp protocol
With this we no longer need podman-machine-cni and should remove it from
the packaging. There is also a change to make sure we are backwards
compatible with old config which include this plugin.
Fixes #11528
Fixes #11728
[NO NEW TESTS NEEDED] We have no podman machine test at the moment.
Please test this manually on your system.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
secret: honor custom `target=` for secrets with `type=mount` for ctr.
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Honor custom `target` if specified while running or creating containers
with secret `type=mount`.
Example:
`podman run -it --secret token,type=mount,target=TOKEN ubi8/ubi:latest
bash`
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
journald logs: keep reading until the journal's end
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When reading logs from the journal, keep going after the container
exits, in case it gets restarted.
Events logged to the journal via the normal paths don't include
CONTAINER_ID_FULL, so don't bother adding it to the "history" event we
use to force at least one entry for the container to show up in the log.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Error logs --follow if events-backend != journald, event-logger=journald
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fixes: https://github.com/containers/podman/issues/11255
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
bindings: reuse context for API requests
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
One of the main uses of context.Context is to provide cancellation for
go-routines, including API requests. While all user-facing bindings
already used a context parameter, it was only used to pass the client
information around.
This commit changes the internal DoRequest wrapper to take an additional
context argument, and pass that to the http request. Previously, the context
was derived from context.Background(), which made it impossible to cancel
once started.
All the convenience wrappers already supported the context parameter, so the
only user facing change is that cancelling those context now works as one
would expect.
Signed-off-by: Moritz "WanzenBug" Wanzenböck <moritz@wanzenbug.xyz>
|
|\ \ \ \
| | | | |
| | | | | |
Network test: fix podman-remote-rootless corner case
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Followup to #12229, in which I added a podman unshare for
flake debugging. Turns out that doesn't work in podman-remote.
It was not caught because CI doesn't run podman-remote rootless.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Support template unit files in podman generate systemd
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Add optional checkpoint/restore statistics
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This commit updates the man pages for checkpoint and restore to describe
the '--print-stats' parameter.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This adds the parameter '--print-stats' to 'podman container restore'.
With '--print-stats' Podman will measure how long Podman itself, the OCI
runtime and CRIU requires to restore a checkpoint and print out these
information. CRIU already creates process restore statistics which are
just read in addition to the added measurements. In contrast to just
printing out the ID of the restored container, Podman will now print
out JSON:
# podman container restore --latest --print-stats
{
"podman_restore_duration": 305871,
"container_statistics": [
{
"Id": "47b02e1d474b5d5fe917825e91ac653efa757c91e5a81a368d771a78f6b5ed20",
"runtime_restore_duration": 140614,
"criu_statistics": {
"forking_time": 5,
"restore_time": 67672,
"pages_restored": 14
}
}
]
}
The output contains 'podman_restore_duration' which contains the
number of microseconds Podman required to restore the checkpoint. The
output also includes 'runtime_restore_duration' which is the time
the runtime needed to restore that specific container. Each container
also includes 'criu_statistics' which displays the timing information
collected by CRIU.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|/ / / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This adds the parameter '--print-stats' to 'podman container checkpoint'.
With '--print-stats' Podman will measure how long Podman itself, the OCI
runtime and CRIU requires to create a checkpoint and print out these
information. CRIU already creates checkpointing statistics which are
just read in addition to the added measurements. In contrast to just
printing out the ID of the checkpointed container, Podman will now print
out JSON:
# podman container checkpoint --latest --print-stats
{
"podman_checkpoint_duration": 360749,
"container_statistics": [
{
"Id": "25244244bf2efbef30fb6857ddea8cb2e5489f07eb6659e20dda117f0c466808",
"runtime_checkpoint_duration": 177222,
"criu_statistics": {
"freezing_time": 100657,
"frozen_time": 60700,
"memdump_time": 8162,
"memwrite_time": 4224,
"pages_scanned": 20561,
"pages_written": 2129
}
}
]
}
The output contains 'podman_checkpoint_duration' which contains the
number of microseconds Podman required to create the checkpoint. The
output also includes 'runtime_checkpoint_duration' which is the time
the runtime needed to checkpoint that specific container. Each container
also includes 'criu_statistics' which displays the timing information
collected by CRIU.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Enable 'podman run --memory-swappiness=0'
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
'--memory-swappiness=0' used to work. This patch fixes the regression
issue, which was caused by the change of infra container creation
process.
Signed-off-by: Hironori Shiina <shiina.hironori@jp.fujitsu.com>
|
|\ \ \ \
| | | | |
| | | | | |
--authfile command line argument for image sign command.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Adds the --authfile command line argument to allow users to use
alternative authfile paths when signing images.
Replaces: https://github.com/containers/podman/pull/10975
Fixes: https://github.com/containers/podman/issues/10866
Signed-off-by: José Guilherme Vanz <jvanz@jvanz.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Fix network mode in play kube
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We need to use the config network mode when no network mode was set. To
do so we have to keep the nsmode empty, MakeContainer() will use the
correct network mode from the config when needed.
Fixes #12248
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Podman Image SCP transfer patch
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fixed syntax so that podman image scp transfer works with no user specified.
This command can only be executed as root so to obtain the default user, I searched for
the SUDO_USER environmental variable. If that is not found, we error out and inform the user
to set this variable and make sure they are running as root
Signed-off-by: cdoern <cdoern@redhat.com>
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Always create working directory when using compat API
|
| | |_|_|_|/
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Docker/Moby always create the working directory, and some tools
rely on that behavior (example, woodpecker/drone).
Fixes #11842
Signed-off-by: Michael Scherer <misc@redhat.com>
|
|\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
play kube: don't force-pull infra image
|
|/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Do not force-pull the infra image in `play kube` but let the backend
take care of that when creating the pod(s) which may build a local
`podman-pause` image instead of using the default infra image.
Fixes: #12254
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Cirrus: Update to Ubuntu 21.10 + Disable F33
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
With F35 released, F33 is officially dead. Move it out of the way
temporarily until F35 VM images are ready.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | | |
[ci:docs] Add Static Build download instructions to README
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
[NO NEW TEST NEEDED]
Signed-off-by: Gábor Lipták <gliptak@gmail.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
libpod: create /etc/mtab safely
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
make sure the /etc/mtab symlink is created inside the rootfs when /etc
is a symlink.
Closes: https://github.com/containers/podman/issues/12189
[NO NEW TESTS NEEDED] there is already a test case
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \ \ \ \ \
| |_|_|/ / / /
|/| | | | | | |
rootless: adjust error message
|