| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
Rework port code for generalized clean up and to address
issue #269 where additional portbindings between host
and containers we being introduced by error.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #308
Approved by: mheon
|
| |
|
|
|
|
|
|
|
| |
sysfs should be mounted rw for a privileged container.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #279
Approved by: rhatdan
|
| |
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #135
Approved by: mheon
|
| |\
| |
| | |
Set default configuration container type annotation to sandbox
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This allows podman to provide sufficient hints to
start containers with Intel Clear Containers:
https://github.com/clearcontainers/runtime/blob/master/docs/architecture/architecture.md#oci-annotations
Signed-off-by: Naadir Jeewa <naadir@randomvariable.co.uk>
|
| |/
|
|
|
|
|
|
|
|
| |
When network == none, the container should only have a
loopback interface and that's it.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #176
Approved by: baude
|
| |
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #255
Approved by: mheon
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Set up nbetworking ports for the following use cases:
* bind the same port between host and container
* bind a specific host port to a different container port
* bind a random host port to a specific container port
Signed-off-by: baude <bbaude@redhat.com>
Closes: #214
Approved by: baude
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Each of these options are destructive in nature, meaning if the user
adds one of them, all current ones are removed from the produced
resolv.conf.
* dns-server allows the user to specify dns servers.
* dns-opt allows the user to specify special resolv.conf options
* dns-search allows the user to specify search domains
The add-host option is not destructive and truly just adds the host
to /etc/hosts.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #231
Approved by: mheon
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If user does not specify seccomp file or seccomp file does not exist,
then use the default seccomp settings.
Still need to not hard code /etc/crio/seccomp.json, should move this to
/usr/share/seccomp/seccomp.json
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #233
Approved by: baude
|
| |
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #220
Approved by: rhatdan
|
| |
|
|
|
|
|
|
|
|
| |
Remove existing code for sharing namespaces and replace with use
of this API
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #220
Approved by: rhatdan
|
| |
|
|
|
|
|
|
|
|
|
| |
memory, memory-reservation, memory-swap, memory-swappiness, kernel-memory,
cpu-period, cou-quota, cpu-shares, cpus, cpuset-cpus, cpuset-mems,
blkio-weight, blkio-weight-device, sysctl, and ulimit
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #221
Approved by: mheon
|
| |
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #206
Approved by: TomSweeneyRedHat
|
| |
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #204
Approved by: mheon
|
| |
|
|
|
|
|
|
|
|
| |
We should be pulling information out of the image to set the
defaults to use when setting up the container.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #110
Approved by: mheon
|
| |
|
|
|
|
|
|
|
|
|
| |
Allow for the user to specify network=host|bridge. If network
is not specified, the default will be bridge. While "none" is now
a valid option, it is not included in this.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #164
Approved by: rhatdan
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
podman run/create have the ability to set the stop timeout flag.
We need to stop it in the database.
Also Allowing negative time for stop timeout makes no sense, so switching
to timeout of uint, allows user to specify huge timeout values.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #158
Approved by: TomSweeneyRedHat
|
| |
|
|
|
|
|
|
|
|
|
| |
Stop Signal from kpod create/run was not fully plumbed in,
This will pass the stopsignal into the container database on
create and run of containers.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #156
Approved by: mheon
|
| |
|
|
|
|
|
|
|
|
| |
Also add --quiet option to kpod create/run since
this will help with writing tests.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #140
Approved by: TomSweeneyRedHat
|
| |
|
|
|
|
|
|
|
|
|
| |
Need to pull in the latest containers/storage and containers/image to fix lots of
issues. Also want to update runtime-tools to take advantage of newer generate
code.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #152
Approved by: rhatdan
|
|
|
The decision is in, kpod is going to be named podman.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #145
Approved by: umohnani8
|
