aboutsummaryrefslogtreecommitdiff
path: root/cmd/podman/run.go
Commit message (Collapse)AuthorAge
* Usage messages: deduplicate '(default true)' et alEd Santiago2019-03-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Remove hardcoded '(default: true)' strings from bool flags, and '(default this-or-that)' from string flags. First because it's unmaintainable duplication that would cause confusion should someone ever change the default and not notice the message. Second, because cobra[1] already prints '(default XXXX)' for all options with non-false non-nil default. So in each of these cases, current podman help behavior is: $ podman login --help ... --tls-verify Require HTTPS ... (default: true) (default true) This PR eliminates that duplication. [1] actually spf13/pflag/flag.go The only nontrivial one of these is start.go, where the default for sigProxy depends on the --attach flag. Solution: change the command-line default to false, and implement the new conditional default in logic. Bonus: removed unnecessary check, because now if sigProxy is set without --attach, we can guarantee that it was done by the user. But please pay close scrutiny to this particular section in case there's something I missed. Signed-off-by: Ed Santiago <santiago@redhat.com>
* rm: fix cleanup raceGiuseppe Scrivano2019-03-13
| | | | | | | | | | | | | we fire the cleanup process asynchronously so we might race with a command like: podman run --rm --name foo ... && podman run --rm --name foo Fix it by ensuring the container is deleted before we exit. This will race with the "cleanup" process, but it is fine as one of the two commands will fail with ErrNoSuchCtr while the other succeeds. Closes: https://github.com/containers/libpod/issues/2619 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* preparation for remote-client create containerbaude2019-03-11
| | | | | | | | | to prepare for being able to remotely run a container, we need to perform a refactor to get code out of main because it is not reusable. the shared location is a good starting spot though eventually some will likely end up in pkg/spec/ at some point. Signed-off-by: baude <bbaude@redhat.com>
* Fix help commands to show short and long description.Daniel J Walsh2019-03-07
| | | | | | Cleanup lots of help information to look good when displayed. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Better usage synopses for subcommandsEd Santiago2019-02-26
| | | | | | | Conceptually simple: include, where applicable, a brief description of command-line options for each subcommand. Signed-off-by: Ed Santiago <santiago@redhat.com>
* OpenTracing support added to start, stop, run, create, pull, and psSebastian Jug2019-02-18
| | | | | | Drop context.Context field from cli.Context Signed-off-by: Sebastian Jug <sejug@redhat.com>
* Merge pull request #2357 from TomSweeneyRedHat/dev/tsweeney/cobrahelp3OpenShift Merge Robot2019-02-17
|\ | | | | Add 3rd chunk of Cobra examples
| * Add 3rd chunk of Cobra examplesTomSweeneyRedHat2019-02-17
| | | | | | | | | | | | | | | | | | | | Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com> Adds the third chunk of Cobra examples to the cli help. As were putting together a release tomorrow, tried to hit the heavy commands with this PR. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | pod infra container is started before a container in a pod is run, started, ↵Peter Hunt2019-02-15
|/ | | | | | | | | | or attached. Prior, a pod would have to be started immediately when created, leading to confusion about what a pod state should be immediately after creation. The problem was podman run --pod ... would error out if the infra container wasn't started (as it is a dependency). Fix this by allowing for recursive start, where each of the container's dependencies are started prior to the new container. This is only applied to the case where a new container is attached to a pod. Also rework container_api Start, StartAndAttach, and Init functions, as there was some duplicated code, which made addressing the problem easier to fix. Signed-off-by: Peter Hunt <pehunt@redhat.com>
* Fix volume handling in podmanDaniel J Walsh2019-02-14
| | | | | | | | | | | | | | | | | | iFix builtin volumes to work with podman volume Currently builtin volumes are not recored in podman volumes when they are created automatically. This patch fixes this. Remove container volumes when requested Currently the --volume option on podman remove does nothing. This will implement the changes needed to remove the volumes if the user requests it. When removing a volume make sure that no container uses the volume. Signed-off-by: Daniel J Walsh dwalsh@redhat.com Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Address review comments on #2319Matthew Heon2019-02-12
| | | | Signed-off-by: Matthew Heon <mheon@redhat.com>
* Retain a copy of container exit file on cleanupMatthew Heon2019-02-12
| | | | | | | | | | | | | | | | | | When cleaning up containers, we presently remove the exit file created by Conmon, to ensure that if we restart the container, we won't have conflicts when Conmon tries writing a new exit file. Unfortunately, we need to retain that exit file (at least until we get a workable events system), so we can read it in cases where the container has been removed before 'podman run' can read its exit code. So instead of removing it, rename it, so there's no conflict with Conmon, and we can still read it later. Fixes: #1640 Signed-off-by: Matthew Heon <mheon@redhat.com>
* Fix manual detach from containers to not wait for exitMatthew Heon2019-02-12
| | | | | | | | | | | | | | | | | | | | | | | | | At present, when manually detaching from an attached container (using the detach hotkeys, default C-p C-q), Podman will still wait for the container to exit to obtain its exit code (so we can set Podman's exit code to match). This is correct in the case where attach finished because the container exited, but very wrong for the manual detach case. As a result of this, we can no longer guarantee that the cleanup and --rm functions will fire at the end of 'podman run' - we may be exiting before we get that far. Cleanup is easy enough - we swap to unconditionally using the cleanup processes we've used for detached and rootless containers all along. To duplicate --rm we need to also teach 'podman cleanup' to optionally remove containers instead of cleaning them up. (There is an argument for just using 'podman rm' instead of 'podman cleanup --rm', but cleanup does have different semantics given that we only ever expect it to run when the container has just exited. I think it might be useful to keep the two separate for things like 'podman events'...) Signed-off-by: Matthew Heon <mheon@redhat.com>
* Don't show global flags except for podman commandDaniel J Walsh2019-02-12
| | | | | | | | | Subcommands should not be showing the global flags. This causes the important information to scroll off the screen. Also fixed a typo on runCommmand (Too many 'm's) Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Separate remote and local commandsbaude2019-02-11
| | | | | | | | In the previous CLI, we had an accurate depiction of commands available for the remote client and those available for the local client. Signed-off-by: baude <bbaude@redhat.com>
* Migrate to cobra CLIbaude2019-02-08
| | | | | | | | We intend to migrate to the cobra cli from urfave/cli because the project is more well maintained. There are also some technical reasons as well which extend into our remote client work. Signed-off-by: baude <bbaude@redhat.com>
* Capatilize all usage and descriptionsDaniel J Walsh2019-02-05
| | | | | | | | | We have no consistancy in out option usages and descritions on whether or not the first letter should be capatalized. This patch forces them all to be capatilized. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Add podman system prune and info commandsDaniel J Walsh2019-02-05
| | | | | | | | | We are missing the equivalence of the docker system commands This patch set adds `podman system prune` and `podman system info` Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* failed containers with --rm should remove themselvesbaude2018-12-12
| | | | | | | | | | when starting or running a container that has --rm, if the starting container fails (like due to an invalid command), the container should get removed. Resolves: #1985 Signed-off-by: baude <bbaude@redhat.com>
* Move rootless storage config into libpodMatthew Heon2018-12-02
| | | | | | | | | | | | | | Previous commits ensured that we would use database-configured paths if not explicitly overridden. However, our runtime generation did unconditionally override storage config, which made this useless. Move rootless storage configuration setup to libpod, and change storage setup so we only override if a setting is explicitly set, so we can still override what we want. Signed-off-by: Matthew Heon <mheon@redhat.com>
* --interactive shall keep STDIN attached even when not explicitly called outŠimon Lukašík2018-11-03
| | | | | | | | | | | | | | Addressing: podman run -it -a STDERR --rm alpine /bin/ash hanging. As we droped stdin as soon as -a was used. Notice this is contrary to what D-tool does and contrary to what podman help implies: podman run --help | grep interact --interactive, -i Keep STDIN open even if not attached Signed-off-by: Šimon Lukašík <slukasik@redhat.com>
* Sort all command flagsQi Wang2018-10-11
| | | | Signed-off-by: Qi Wang <qiwan@redhat.com>
* Add ContainerStateExited and OCI delete() in cleanup()Matthew Heon2018-10-02
| | | | | | | | | | | | | | | | To work better with Kata containers, we need to delete() from the OCI runtime as a part of cleanup, to ensure resources aren't retained longer than they need to be. To enable this, we need to add a new state to containers, ContainerStateExited. Containers transition from ContainerStateStopped to ContainerStateExited via cleanupRuntime which is invoked as part of cleanup(). A container in the Exited state is identical to Stopped, except it has been removed from the OCI runtime and thus will be handled differently when initializing the container. Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Refactor Wait() to not require a timeoutMatthew Heon2018-09-21
| | | | | | | | | | | We added a timeout for convenience, but most invocations don't care about it. Refactor it into WaitWithTimeout() and add a Wait() that doesn't require a timeout and uses the default. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1527 Approved by: mheon
* rootless: fix create with images not in the storageGiuseppe Scrivano2018-09-21
| | | | | | | | | | | | This chunk was mistakenly removed with ecec1a5430885baf96d2e3d6153c7454c41a4617 Introduce it back as it solves the pull of an image that is not yet in the storage when using create/run. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1521 Approved by: baude
* Merge pull request #1461 from rhatdan/runMatthew Heon2018-09-14
|\ | | | | Remove duplicate code between create.go and run.go
| * Remove duplicate code between create.go and run.goDaniel J Walsh2018-09-13
| | | | | | | | | | | | | | | | | | | | | | Create two new createInit for checking if the cotnainer is initialized correctly. createContainer which creates the actual container and containerConfig Also added libpodruntime.GetContainerRuntime to put common runtime code into separate function. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Add --interval flag to podman waitDaniel J Walsh2018-09-13
|/ | | | | | | Waiting uses a lot of CPU, so drop back to checking once/second and allow user to pass in the interval. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* rootless: check uid with Geteuid() instead of Getuid()Giuseppe Scrivano2018-09-04
| | | | | | | | | | | | change the tests to use chroot to set a numeric UID/GID. Go syscall.Credential doesn't change the effective UID/GID of the process. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1372 Approved by: mheon
* rootless, run: support --podGiuseppe Scrivano2018-09-04
| | | | | | | | | | move re-exec later on, so that we can check whether we need to join the infra container user namespace or we need to create another one. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #1372 Approved by: mheon
* don't print help message for usage errorsValentin Rothberg2018-08-31
| | | | | | | | | | | | | | | | | Don't print potentially verbose help messages in case of usage errors, but print only the usage error followed by a pointer to the command's help. This aligns with Docker. ``` $ podman run -h flag needs an argument: -h See 'podman run --help'. ``` Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1379 Approved by: rhatdan
* run/create: reserve `-h` flag for hostnameValentin Rothberg2018-08-30
| | | | | | | | | | | Move the `-h` short flag from `--help` to `--hostname` for podman-run, podman-create and podman-pod-create to be compatible with Docker. Fixes: #1367 Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1373 Approved by: rhatdan
* switch projectatomic to containersDaniel J Walsh2018-08-16
| | | | | | | | | | Need to get some small changes into libpod to pull back into buildah to complete buildah transition. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1270 Approved by: mheon
* Cleanup descriptions and help informationDaniel J Walsh2018-07-27
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1167 Approved by: baude
* Need to wait for container to exit before completing run/start completesDaniel J Walsh2018-07-13
| | | | | | | | | | | | | This fixes a race condition where conmon is still writing the exit file and the container is exiting. Also we should not be ignoring the -a stdin flag if the user specifies --interactive mode. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1086 Approved by: baude
* Refactor podman/utils with a single container start and attach functionMarco Vedovati2018-07-06
| | | | | | | | | | | Use a single function startAttachCtr() to handle both container start with attach and attach to running containers, as the code handling the attach is common for the 2 use cases. Signed-off-by: Marco Vedovati <mvedovati@suse.com> Closes: #1025 Approved by: rhatdan
* Add `podman container cleanup` to CLIDaniel J Walsh2018-06-29
| | | | | | | | | | | | | When we run containers in detach mode, nothing cleans up the network stack or the mount points. This patch will tell conmon to execute the cleanup code when the container exits. It can also be called to attempt to cleanup previously running containers. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #942 Approved by: mheon
* Option handling has become large and should be a shared functionDaniel J Walsh2018-06-22
| | | | | | | | | | | Everytime we add a new option for create, we end up having to also add it to run, this makes it error prone. Moving these to the same function makes it easier to develop and prevents user mistakes. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #975 Approved by: mheon
* podman: use a different store for the rootless caseGiuseppe Scrivano2018-06-15
| | | | | | | | | so that the user has rw access to it. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #871 Approved by: mheon
* podman: accept option --rootfs to use exploded imagesGiuseppe Scrivano2018-06-15
| | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com> Closes: #871 Approved by: mheon
* Aliases do not work with IsSetDaniel J Walsh2018-06-12
| | | | | | | | | Have to specify all names. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #933 Approved by: baude
* libpod: Execute poststop hooks locallyW. Trevor King2018-06-04
| | | | | | | | | | | | Instead of delegating to the runtime, since some runtimes do not seem to handle these reliably [1]. [1]: https://github.com/projectatomic/libpod/issues/730#issuecomment-392959938 Signed-off-by: W. Trevor King <wking@tremily.us> Closes: #864 Approved by: rhatdan
* podman create, start, getattachsocketbaude2018-05-21
| | | | | | | | | First pass at implement API endpoints for create and start. Signed-off-by: baude <bbaude@redhat.com> Closes: #805 Approved by: baude
* Major fixes to systemd cgroup handlingMatthew Heon2018-05-11
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #507 Approved by: baude
* Make invalid state nonfatal when cleaning up in runMatthew Heon2018-05-04
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #726 Approved by: baude
* Begin wiring in USERNS Support into podmanDaniel J Walsh2018-05-04
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #690 Approved by: mheon
* varlink imagesbaude2018-04-26
| | | | | | | | | | | | | implement varlink image functions for working with libpod with the exception of a couple due to incompletions on the libpod side of things (build). also, created a first pass at a libpodpy package which will stand as a client to working with libpod's varlink methods using python. Signed-off-by: baude <bbaude@redhat.com> Closes: #669 Approved by: baude
* Vendor in latest containers/image and contaners/storageumohnani82018-04-19
| | | | | | | | | Made necessary changes to functions to include contex.Context wherever needed Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #640 Approved by: baude
* regression: tls verify should be set on registries.conf if insecurebaude2018-04-18
| | | | | | | | | | | In the case where podman needs to pull an image, if that registry that the image resides on is known to be insesure (as defined in /etc/containers/registries.conf), tls-verify should be altered on the fly. Signed-off-by: baude <bbaude@redhat.com> Closes: #626 Approved by: mheon
* Allow podman to exit exit codes of removed containersMatthew Heon2018-04-17
| | | | | | | | | | | | | | | We can read the exit file created by conmon to get the exit code instead of querying libpod. Also, do not error on cleanup if the container is already gone, as a completely removed container is definitely cleaned up. Resolves: #527 Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #632 Approved by: rhatdan