| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
| |
* Stop closing net.Listener() twice on interrupt
* Do not report error if closing server twice
Fixes #5311
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\
| |
| | |
Add basic deadlock detection for container start/remove
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We can easily tell if we're going to deadlock by comparing lock
IDs before actually taking the lock. Add a few checks for this in
common places where deadlocks might occur.
This does not yet cover pod operations, where detection is more
difficult (and costly) due to the number of locks being involved
being higher than 2.
Also, add some error wrapping on the Podman side, so we can tell
people to use `system renumber` when it occurs.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
| |
otherwise it triggers the config file initialization from
vendor/github.com/containers/common/pkg/config before the init() in
main.go can set correctly XDG_RUNTIME_DIR and DBUS_SESSION_BUS_ADDRESS
when they are missing.
commit 96de762eedd1470dfbe73cf424eea848589268d7 introduced the
regression.
Closes: https://github.com/containers/libpod/issues/5314
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\
| |
| | |
fix port list by container with port
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
1) Help message for podman port was missing [PORT]
2) Add test for 'podman port'. And, actually, an entire
networking test that I'd written some weeks ago but
apparently didn't 'git add'.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
code was erronously misinterpretting the port as a containername.
Fixes: #1791832
Signed-off-by: baude <bbaude@redhat.com>
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
|
|
| |
Now support --no-healthcheck option to disable defined healthchecks in a container image. --health-cmd=none remains supported as well.
Fixes: #5299
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
* Make context keys package safe
* Add support for PODMAN_HOST and PODMAN_SSHKEY
* Add slight increasing delay when client connections fail
* Remove usages of path.Join(), added JoinURL(). '/' is not OS
dependent.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\
| |
| | |
Warn user about --password cli option in login
|
| |
| |
| |
| | |
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
|
|\ \
| | |
| | | |
Update to the latest version of buildah
|
| |/
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
Add network opts to pods
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Enables most of the network-related functionality from
`podman run` in `podman pod create`. Custom CNI networks can be
specified, host networking is supported, DNS options can be
configured.
Also enables host networking in `podman play kube`.
Fixes #2808
Fixes #3837
Fixes #4432
Fixes #4718
Fixes #4770
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
config: use built-in TOML merge and adhere to label setting
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Set the (default) process labels in `pkg/spec`. This way, we can also
query libpod.conf and disable labeling if needed.
Fixes: #5087
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \
| |/ /
|/| | |
fix mandatory parameter in login/logout
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
fix #5146
Insted of using a registry as mandatory parameter, this path allows podman to use the first registry from registries.conf.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Misc typo fixes
|
| |/
| |
| |
| | |
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
|
|\ \
| | |
| | | |
podman-ps: support image IDs
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Support printing image IDs via `--format "{{.ImageID}}"`.
Fixes: #5160
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
On panic from handler: log warning and stack trace, report
InternalServerError to client
When using `podman system service` make determining the listening endpoint deterministic.
// When determining _*THE*_ listening endpoint --
// 1) User input wins always
// 2) systemd socket activation
// 3) rootless honors XDG_RUNTIME_DIR
// 4) if varlink -- adapter.DefaultVarlinkAddress
// 5) lastly adapter.DefaultAPIAddress
Fixes #5150
Fixes #5151
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
|\ \
| |/
|/| |
Update documentation of commit command to show image reference is optional
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Following
Commit ba1d1304a67b ("make image reference for commit optional")
Updates usage text used by cobra and markdown document used to generate MAN page.
Fixes: #5145
Signed-off-by: Allan Jacquet-Cretides <allan.jacquet@gmail.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We attempted to share all logic for parsing labels and
environment variables, which on the surface makes lots of sense
(both are formatted key=value so parsing logic should be
identical) but has begun to fall apart now that we have added
additional logic to environment variable handling. Environment
variables that are unset, for example, are looked up against
environment variables set for the process. We don't want this for
labels, so we have to split parsing logic.
Fixes #3854
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\
| |
| | |
Only set --all when a status filter is given to ps
|
| |
| |
| |
| |
| |
| |
| |
| | |
The changes in #5075 turn out to be too aggressive; we should
only be setting --all if a status= filter is given. Otherwise
only running containers are filtered.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
images --format compatible with docker
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This patch lets valid values of --format be compatible with docker. Replace CreatedTime with CreatedAt, Created with CreatedSince.
Keep CreatedTime and Created are valid as hidden options.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \
| |_|/
|/| | |
support device-cgroup-rule
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
fix #4876
Add `--device-cgroup-rule` to podman create and run. This enables to add device rules after the container has been created.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add pkg/seccomp to consolidate all seccomp-policy related code which is
currently scattered across multiple packages and complicating the
creatconfig refactoring.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| | |
Refactor and simplify the code in cmd/podman/pull.go to address a couple
of issues w.r.t. how the arguments were passed. Also make sure to
always use the c/image API for parsing instead of working around it.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
v2 api: /libpod/images/{import,load,pull}
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Implement the /libpod/images/pull endpoint and correct the swagger docs.
The reference parameter is mandatory and must either be a
c/image/docker/reference or a reference to the "docker://" transport as
the pull endpoint is meant to only support pulling images from a
registry.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
Rewire ListContainers for APIv2 libpod
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
consumers of the api remarked how they would prefer a more strongly typed data structure from list containers oon the libpod side of things. for example, events should be consumable and consistent timestamps. also, for the sake of compatibility, it is helpful to have the json named atttributes for Id to not be ID.
listcontainers on the libpod side no longer strongly uses the the ps cli to obtain information but we do benefit from turning on the ability to list the last X containers, something CLI does not have yet. we also flipped the bit on defaulting to truncated output in the return.
thanks to the efforts of the cockpit team to help us here.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Relax the os/arch checks when creating a container and only info-log
mismatches instead of erroring out. There are too many images used
in the wild which do not set their arch correctly correctly. Erroring
out has hit users sufficiently enough to justify relaxing the errors
and only log to at least inform the users and image vendors.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/
|
|
|
|
|
|
|
|
| |
The validation logic was failing on properly-formatted changes.
There's already validation in Commit itself, so no need to
duplicate.
Fixes #5148
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|
|
|
|
|
|
| |
This makes the code easier to read but should not change the overall
behavior.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
|
|
|
|
|
| |
Fixes #5108
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\
| |
| | |
Special case memory-swap=-1
|
| |
| |
| |
| |
| |
| |
| | |
We document that memory-swap==-1 means unlimited, but currently we
won't allow the user to specify the -1 value.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Force --all when --filter is passed to podman ps
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When we filter, it should be out of all containers, not just
running ones, by default - this is necessary to ensure Docker
compatability.
Fixes #5050
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Podman does select the wrong Containerfile if the current working
directory contains a Containerfile but we specify one from a different
location.
Reproducer:
```
> mkdir 1
> echo FROM scratch > Containerfile
> echo FROM golang > 1/Containerfile
> podman build -f 1/Containerfile -t test
STEP 1: FROM scratch
```
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
this pr splits off some of the network container create options into a different flag set. the options in question are:
--add-host
--dns
--dns-opt
--dns-search
--ip
--mac-address
--network
--no-hosts
--publish
in the future, these options are going to be added to the pod create flags. this makes that transition easier and provides for less code duplication.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|