| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
podman update allows users to change the cgroup configuration of an existing container using the already defined resource limits flags
from podman create/run. The supported flags in crun are:
this command is also now supported in the libpod api via the /libpod/containers/<CID>/update endpoint where
the resource limits are passed inthe request body and follow the OCI resource spec format
–memory
–cpus
–cpuset-cpus
–cpuset-mems
–memory-swap
–memory-reservation
–cpu-shares
–cpu-quota
–cpu-period
–blkio-weight
–cpu-rt-period
–cpu-rt-runtime
-device-read-bps
-device-write-bps
-device-read-iops
-device-write-iops
-memory-swappiness
-blkio-weight-device
resolves #15067
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|
|
|
| |
Signed-off-by: Arthur Sengileyev <arthur.sengileyev@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
if we are running in a container in the root cgroup, Podman tries to
move itself to a sub-cgroup. This could be a problem in a setup where
the cgroups are not writeable, so just log a debug message and
continue, since anyway it is a best-effort operation.
Closes: https://github.com/containers/podman/issues/15498
[NO NEW TESTS NEEDED]
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|
|
|
|
|
| |
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
|
|\
| |
| | |
podman image trust overhaul, incl. sigstore
|
| |
| |
| |
| |
| |
| |
| |
| | |
NOTE: This does not edit the use-sigstore-attachments value
in registries.d, similarly to how (podman image trust set) didn't
set the lookaside paths for simple signing.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
| |
the `podman save` command was failing on windows due to the use of a
colon between the drive letter and first directory. the check was
intended for Linux and not windows.
Fixes #15247
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\
| |
| | |
run,create: add support for `--env-merge` for preprocessing default environment variables
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow end users to preprocess default environment variables before
injecting them into container using `--env-merge`
Usage
```
podman run -it --rm --env-merge some=${some}-edit --env-merge
some2=${some2}-edit2 myimage sh
```
Closes: https://github.com/containers/podman/issues/15288
Signed-off-by: Aditya R <arajan@redhat.com>
|
|\ \
| |/
|/| |
Simplify ImagesPull for when Quiet flag is on
|
| |
| |
| |
| | |
Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
|
| |
| |
| |
| |
| |
| | |
[NO NEW TESTS NEEDED]
Signed-off-by: Vladimir Kochnev <hashtable@yandex.ru>
|
|\ \
| | |
| | | |
Improved Windows compatibility
|
| | |
| | |
| | |
| | | |
Signed-off-by: Arthur Sengileyev <arthur.sengileyev@gmail.com>
|
|\ \ \
| | | |
| | | | |
Refactor: About the RawInput process
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Refactor the RawInput process of the `rm` and
`start` subcommands, like the other subcommands
such as `restart, stop, etc`.
[NO NEW TESTS NEEDED]
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
|\ \ \
| | | |
| | | | |
podman kube play/down --read from URL
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
`podman kube play` can create pods and containers from YAML
read from a URL poiniting to a YAML file.
For example: `podman kube play https://example.com/demo.yml`.
`podman kube down` can also teardown pods and containers created
from that YAML file by also reading YAML from a URL, provided the
YAML file the URL points to has not been changed or altered since
it was used to create pods and containers
Closes #14955
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Support inspecting image healthcheck using docker supported
`.Config.HealthCheck` by aliasing field to `.HealthCheck`
Now supports
```Console
podman image inspect -f "{{.Config.Healthcheck}}" imagename
```
Closes: https://github.com/containers/podman/issues/14661
Signed-off-by: Aditya R <arajan@redhat.com>
|
|\ \
| | |
| | | |
Add quiet/q flag to podman secret ls
|
| |/
| |
| |
| |
| |
| |
| | |
Add quiet/q flag to podman secret ls, which will print only the secret
ID.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \
| | |
| | | |
podman secret create -d alias --driver, inspect -f alias --format: Docker compatibity
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
podman save: update --compress validation
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
[NO NEW TESTS NEEDED]
Signed-off-by: Hoang Thanh VO <111461555+ht-vo@users.noreply.github.com>
|
| |_|/
|/| |
| | |
| | |
| | |
| | | |
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
|
|\ \ \
| | | |
| | | | |
Add podman stats --no-trunc option
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is for compatibility with Docker.
Partial fix for https://github.com/containers/podman/issues/14917
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/ /
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
Fix podman kube generate --help to show correct help message
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Add restart --cidfile, --filter
|
| | |
| | |
| | |
| | |
| | | |
Co-authored-by: Tom Sweeney <tsweeney@redhat.com>
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
--cidfile : Read container ID from the specified file and restart the container.
--filter : restart the filtered container.
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| | |
Accept a --amend flag in `podman manifest create`, and treat
`--insecure` as we would `--tls-verify=false` in `podman manifest`'s
"add", "create", and "push" subcommands.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
|\ \
| | |
| | | |
Add compatibility support for --debug flag from docker
|
| |/
| |
| |
| |
| |
| | |
This is another fix for https://github.com/containers/podman/issues/14917
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Add "podman kube generate" command
|
| |/
| |
| |
| |
| |
| |
| |
| | |
"podman kube generate" creates Kubernetes YAML from Podman containers,
pods or volumes. Users will still be able to use "podman generate
kube" as an alias of "kube generate".
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
|
|/
|
|
|
| |
Fixes one of the issues found in https://github.com/containers/podman/issues/14917
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Integrate sd-notify policies into `kube play`. The policies can be
configured for all contianers via the `io.containers.sdnotify`
annotation or for indidivual containers via the
`io.containers.sdnotify/$name` annotation.
The `kube play` process will wait for all containers to be ready by
waiting for the individual `READY=1` messages which are received via
the `pkg/systemd/notifyproxy` proxy mechanism.
Also update the simple "container" sd-notify test as it did not fully
test the expected behavior which became obvious when adding the new
tests.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\
| |
| | |
podman generate spec
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
implement a new command `podman generate spec` which can formulate a json specgen to be consumed by both the pod
and container creation API.
supported flags are
--verbose (default true) print output to the terminal
--compact print the json output in a single line format to be piped to the API
--filename put the output in a file
--clone rename the pod/ctr in the spec so it won't conflict w/ an existing entity
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|\ \
| | |
| | | |
podman ssh work, using new c/common interface
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
implement new ssh interface into podman
this completely redesigns the entire functionality of podman image scp,
podman system connection add, and podman --remote. All references to golang.org/x/crypto/ssh
have been moved to common as have native ssh/scp execs and the new usage of the sftp package.
this PR adds a global flag, --ssh to podman which has two valid inputs `golang` and `native` where golang is the default.
Users should not notice any difference in their everyday workflows if they continue using the golang option. UNLESS they have been using an improperly verified ssh key, this will now fail. This is because podman was incorrectly using the
ssh callback method to IGNORE the ssh known hosts file which is very insecure and golang tells you not yo use this in production.
The native paths allows for immense flexibility, with a new containers.conf field `SSH_CONFIG` that specifies a specific ssh config file to be used in all operations. Else the users ~/.ssh/config file will be used.
podman --remote currently only uses the golang path, given its deep interconnection with dialing multiple clients and urls.
My goal after this PR is to go back and abstract the idea of podman --remote from golang's dialed clients, as it should not be so intrinsically connected. Overall, this is a v1 of a long process of offering native ssh, and one that covers some good ground with podman system connection add and podman image scp.
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Add interface for apple hypervisor
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The new apple silicon processesors (m1/m2) are capable of using a performent apple
hypervisor (included in macos). Our "virtual providers" for podman
machine are part of an interface design. This PR provides an
implementation of the interface to begin the work for supporting the
apple hypervisor. It is basically only a skeletal PR.
The actual code for using the hypervisor and launching a machine will
come as several new PRs following the inclusion of this one.
There will likely be code reuse between the applehv and qemu code; but
none of that code is being moved at this time. It will be moved "on
demand" during development.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
Bump to Buildah v1.27.0
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]
Signed-off-by: Aditya R <arajan@redhat.com>
|