summaryrefslogtreecommitdiff
path: root/cmd/podman
Commit message (Collapse)AuthorAge
* Merge pull request #4493 from mheon/add_removing_stateOpenShift Merge Robot2019-12-02
|\ | | | | Add ContainerStateRemoving
| * Add ContainerStateRemovingMatthew Heon2019-11-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When Libpod removes a container, there is the possibility that removal will not fully succeed. The most notable problems are storage issues, where the container cannot be removed from c/storage. When this occurs, we were faced with a choice. We can keep the container in the state, appearing in `podman ps` and available for other API operations, but likely unable to do any of them as it's been partially removed. Or we can remove it very early and clean up after it's already gone. We have, until now, used the second approach. The problem that arises is intermittent problems removing storage. We end up removing a container, failing to remove its storage, and ending up with a container permanently stuck in c/storage that we can't remove with the normal Podman CLI, can't use the name of, and generally can't interact with. A notable cause is when Podman is hit by a SIGKILL midway through removal, which can consistently cause `podman rm` to fail to remove storage. We now add a new state for containers that are in the process of being removed, ContainerStateRemoving. We set this at the beginning of the removal process. It notifies Podman that the container cannot be used anymore, but preserves it in the DB until it is fully removed. This will allow Remove to be run on these containers again, which should successfully remove storage if it fails. Fixes #3906 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #4558 from rhatdan/resetOpenShift Merge Robot2019-11-29
|\ \ | | | | | | Add podman system reset command
| * | Add podman system reset commandDaniel J Walsh2019-11-29
| | | | | | | | | | | | | | | | | | | | | This command will destroy all data created via podman. It will remove containers, images, volumes, pods. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Do not initialize store on rootless podmanSascha Grunert2019-11-29
|/ / | | | | | | | | | | | | | | | | This fixes a double-locking issue of the container storage when running rootless podman. Closes #4591 Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | Merge pull request #4568 from openSUSE/historyOpenShift Merge Robot2019-11-27
|\ \ | | | | | | Add support for image name history
| * | Add support for image name historySascha Grunert2019-11-27
| | | | | | | | | | | | | | | | | | | | | | | | We leverage the containers/storage image history tracking feature to show the previously used image names when running: `podman images --history` Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | Merge pull request #4443 from QiWang19/prune_podOpenShift Merge Robot2019-11-26
|\ \ \ | | | | | | | | Remove containers when pod prune & pod rm.
| * | | Remove containers when pruning a stopped pod.Qi Wang2019-11-26
| |/ / | | | | | | | | | | | | | | | | | | This path allows pod prune & pod rm to remove stopped containers in the pod before deleting the pod. PrunePods and RemovePod should be able to remove containers without force removal of stopped pods. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | Merge pull request #4475 from rhatdan/tmpdirOpenShift Merge Robot2019-11-26
|\ \ \ | |/ / |/| | Add missing information to podman.1 man page
| * | Add missing information to podman.1 man pageDaniel J Walsh2019-11-08
| | | | | | | | | | | | | | | | | | | | | | | | Add missing options. Define the use of the TMPDIR environment variable for the storing of container images when they are being pulled to the system. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #4514 from mheon/discard_cleanup_errorsOpenShift Merge Robot2019-11-26
|\ \ \ | | | | | | | | Discard errors from Shutdown in `system renumber`
| * | | Discard errors from Shutdown in `system renumber`Matthew Heon2019-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Every other Podman command discards errors from Shutdown, which will error if containers are running. Mirror that behavior, just ignore the errors. Signed-off-by: Matthew Heon <mheon@redhat.com>
* | | | podman {pod,} rm/stop: add --ignore flagValentin Rothberg2019-11-25
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add an --ignore flag to podman rm and stop. When specified, Podman will ignore "no such {container,pod}" errors that occur when a specified container/pod is not present in the store (anymore). The motivation behind adding this flag is to write more robust systemd services using Podman. A user might have manually decided to remove a container/pod which would lead to a failure during the `ExecStop` directive of a systemd service referencing that container/pod. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #4512 from kunalkushwaha/prune-filterOpenShift Merge Robot2019-11-22
|\ \ \ | |_|/ |/| | image prune command fixed as per docker image prune.
| * | filter added to image pruge command.Kunal Kushwaha2019-11-22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | filter option accepts two filters. - label - until label supports "label=value" or "label=key=value" format until supports all golang compatible time/duration formats. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
| * | warning added before image prune commandKunal Kushwaha2019-11-12
| | | | | | | | | | | | | | | | | | | | | Warning message added before executing image prune Added a force option, to execute without user input. Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
* | | Merge pull request #4523 from vrothberg/systemd-improvementsOpenShift Merge Robot2019-11-19
|\ \ \ | | | | | | | | podman rm/stop --cidfile
| * | | podman rm/stop --cidfileValentin Rothberg2019-11-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a --cidfile flag to podman rm/stop to pass a container ID via a file. Podman run already provides the functionaly to store the ID in a specified file which we now complete with rm/stop. This allows for a better life-cycle management in systemd services. Note that --cdifile can be specified multiple times to rm/stop. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #4505 from vrothberg/archOpenShift Merge Robot2019-11-16
|\ \ \ \ | | | | | | | | | | container create: os/arch check
| * | | | container create: os/arch checkValentin Rothberg2019-11-12
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | Unless explicitely overridden, check if the image's OS and architecture and throw an errors in case of a mismatch. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #4368 from haircommander/pod-annotationsOpenShift Merge Robot2019-11-15
|\ \ \ \ | |_|/ / |/| | | Add pod annotations to container
| * | | Add pod annotations to containerPeter Hunt2019-11-08
| | | | | | | | | | | | | | | | | | | | | | | | We have the annotations SandboxID, let's use them. This also allows kata containers to be created in pods and share a VM with the infra container. Note: as of now, this sharing only works if the pod has an infra container Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | | codespell: spelling correctionsDmitry Smirnov2019-11-13
| |/ / |/| | | | | | | | Signed-off-by: Dmitry Smirnov <onlyjob@member.fsf.org>
* | | Merge pull request #4408 from slimjim2234/masterOpenShift Merge Robot2019-11-08
|\ \ \ | | | | | | | | Fixed issue #4391; podman info --format '{{ json . }}'
| * | | Fixed the JSON go template format for the 'info' actionJimmy Crumpler2019-11-01
| | | | | | | | | | | | | | | | Signed-off-by: Jimmy Crumpler <slimjim2234@gmail.com>
* | | | Merge pull request #4337 from QiWang19/check_auth_pathOpenShift Merge Robot2019-11-08
|\ \ \ \ | | | | | | | | | | fix bug check nonexist authfile
| * | | | fix bug check nonexist authfileQi Wang2019-11-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use GetDefaultAuthFile() from buildah. For podman command(except login), if authfile does not exist returns error. close #4328 Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | | Merge pull request #4427 from rst0git/docs-rm-vOpenShift Merge Robot2019-11-08
|\ \ \ \ \ | |_|_|/ / |/| | | | docs: Update "podman container rm -v" description
| * | | | docs: Update "podman container rm -v" descriptionRadostin Stoyanov2019-11-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In commit 52df1fa (Fix volume handling in podman) was implemented the --volume option for podman remove. However, its behaviour changed after 83db80c (Only remove image volumes when removing containers). This commit updates the description of this option to reflect the new behaviour. Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
* | | | | Split up create config handling of namespaces and securityPeter Hunt2019-11-07
| |_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | As it stands, createconfig is a huge struct. This works fine when the only caller is when we create a container with a fully created config. However, if we wish to share code for security and namespace configuration, a single large struct becomes unweildy, as well as difficult to configure with the single createConfigToOCISpec function. This PR breaks up namespace and security configuration into their own structs, with the eventual goal of allowing the namespace/security fields to be configured by the pod create cli, and allow the infra container to share this with the pod's containers. Signed-off-by: Peter Hunt <pehunt@redhat.com>
* | | | Merge pull request #4451 from giuseppe/set-macOpenShift Merge Robot2019-11-07
|\ \ \ \ | | | | | | | | | | podman: add support for specifying MAC
| * | | | podman: add support for specifying MACJakub Filak2019-11-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I basically copied and adapted the statements for setting IP. Closes #1136 Signed-off-by: Jakub Filak <jakub.filak@sap.com>
* | | | | Merge pull request #4468 from nalind/image-digestsOpenShift Merge Robot2019-11-07
|\ \ \ \ \ | | | | | | | | | | | | podman images --digest: always list a digest
| * | | | | podman images --digest: always list a digestNalin Dahyabhai2019-11-06
| |/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When we're asked to display image digests, always provide them if we have values that we can provide. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
* | | | | Merge pull request #4441 from rhatdan/detachOpenShift Merge Robot2019-11-07
|\ \ \ \ \ | |/ / / / |/| | | | Allow users to disable detach keys
| * | | | Allow users to disable detach keysDaniel J Walsh2019-11-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If user specifies --detach-keys="", this will disable the feature. Adding define.DefaultDetachKeys to help screen to help identify detach keys. Updated man pages with additonal information. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | | help message: don't parse the config for cgroup-manager defaultValentin Rothberg2019-11-06
| |_|/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Do not generate an entire `config.Config` for displaying the default value for the --cgroup-manager flag and just default to systemd. Not using the `config.Config` is okay as 1) the value may change at runtime in any case (rootless, DBUS access, etc.), 2) it avoids to redundantly parse the system config files and to generate the hard-coded default config, and 3) the log-level and other attributes are not yet set during init() causing undesirable side effects. Fixes: #4456 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | namespaces: by default create cgroupns on cgroups v2Giuseppe Scrivano2019-11-05
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | change the default on cgroups v2 and create a new cgroup namespace. When a cgroup namespace is used, processes inside the namespace are only able to see cgroup paths relative to the cgroup namespace root and not have full visibility on all the cgroups present on the system. The previous behaviour is maintained on a cgroups v1 host, where a cgroup namespace is not created by default. Closes: https://github.com/containers/libpod/issues/4363 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* / / Validate contextdir on buildTomSweeneyRedHat2019-11-01
|/ / | | | | | | | | | | | | | | | | | | | | We never verified that the context directory passed into the build command was a valid directory. When we then slapped a default Containerfile name onto it, things went south fast if the user had passed us a file and not a directory. Fixes: #4383 Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* | Merge pull request #4404 from jwhonce/wip/panicOpenShift Merge Robot2019-11-01
|\ \ | | | | | | Refactor test to prevent panic
| * | Refactor test to prevent panicJhon Honce2019-10-31
| | | | | | | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | logs: support --tail 0Giuseppe Scrivano2019-10-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | change the default to -1, so that we can change the semantic of "--tail 0" to not print any existing log line. Closes: https://github.com/containers/libpod/issues/4396 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | | Merge pull request #4352 from vrothberg/config-packageOpenShift Merge Robot2019-10-31
|\ \ \ | | | | | | | | refactor libpod config into libpod/config
| * | | add libpod/configValentin Rothberg2019-10-31
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactor the `RuntimeConfig` along with related code from libpod into libpod/config. Note that this is a first step of consolidating code into more coherent packages to make the code more maintainable and less prone to regressions on the long runs. Some libpod definitions were moved to `libpod/define` to resolve circular dependencies. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | / Fix cp from pipeAleksey Chudov2019-10-30
| |/ |/| | | | | Signed-off-by: Aleksey Chudov <aleksey.chudov@gmail.com>
* | Merge pull request #4369 from baude/golandautocodecorrectionsOpenShift Merge Robot2019-10-30
|\ \ | |/ |/| goland autocorrections
| * goland autocorrectionsbaude2019-10-29
| | | | | | | | | | | | | | just ran the autocorrect code corrections from goland and it found a few nits. Signed-off-by: baude <bbaude@redhat.com>
* | Set default seccomp.json file for podman play kubeDaniel J Walsh2019-10-29
| | | | | | | | | | | | | | Currently podman play kube is not using the system default seccomp.json file. This PR will use the default or override location for podman play. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | images: distinguish between tags and digestsNalin Dahyabhai2019-10-29
| | | | | | | | | | | | | | | | Generate an image's RepoDigests list using all applicable digests, and refrain from outputting a digest in the tag column of the "images" output. Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>