| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't use reexec for the rootlessport process, instead make it a
separate binary to reduce the memory usage. The problem with reexec is
that it will import all packages that podman uses and therefore loads a
lot of stuff into the heap. The rootlessport process however only needs
the rootlesskit library.
The memory usage is a concern since the rootlessport process will spawn
two process per container which has ports forwarded. The processes stay
until the container dies. On my laptop the current reexec version uses
47800 KB RSS. The new separate binary only uses 4540 KB RSS. This is
more than a 90% improvement.
The Makefile has been updated to compile the new binary and install it
to the libexec directory.
Fixes #10790
[NO TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Don't hardcode /usr/bin/podman in unit files: instead, use
template files with a path replaced at install time.
Because 'make' can be invoked repeatedly, with different
PREFIX, do not leave the generated files behind in our
work directory: wipe them immediately after install.
To get this to work, fix a longstanding bug in podman.spec.in,
a PREFIX that should've been DESTDIR.
Side note: #7023 made contrib/systemd/user a symlink
to .../system but did not update paths in Makefile.
The unrelated-looking path change you see here is
a belated correction for that.
Fixes: #10787
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|
|
|
|
|
|
| |
We no longer need to install /etc/cni/net.d/87-podman-bridge.conflist
so install.cni isn't needed either.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
|
|
|
|
|
|
| |
* Add podman-restart systemd unit file and add it to podman RPM package
* Fix podman start to filter all containers + unit test
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
|
|
|
|
|
| |
Keep master branch version ahead of that on any other branch.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Distro builds on Fedora and Kubic projects use GO111MODULE=off
by default which are currently failing. This commit fixes it and
going forward, podman CI will also indicate failures in rpm builds.
The additional LDFLAGS have been removed from the spec file
which is not ideal. But, currently we only use the spec file
to check if the rpm builds fine. We can fix the LDFLAGS in a
later commit when we're working on packit integration.
conmon build has also been removed from podman.spec.in because the COPR
for which it was provided has been discontinued.
[NO TESTS NEEDED]
Fixes: #10009
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
This commit sets the CGO_CFLAGS variable for hardening the Fedora rpm
binaries.
The flags used are the same as those in the official Fedora rpms.
Setting the flags in upstream spec would provide early warnings for
flag adjustments or other hardening issues.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
|
|
|
| |
Signed-off-by: Thomas Montague <montague.thomas@gmail.com>
|
|\
| |
| | |
Remove varlink support from podman
|
| |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new make target (completion) to generate the shell
completion scripts. This will generate the scripts for bash,
zsh and fish for both podman and podman-remote with `podman completion`.
The scripts are put into the completions directory and can be
installed system wide with `sudo make install.completions`.
This commit replaces the current handwritten scripts for bash and zsh.
The `validate.completion` target has been adjusted to make sure nobody
edits these scripts directly.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|
|
|
|
|
|
| |
We need to block systemd from cleaning up this directory
by dropping a /usr/lib/tmpfiles.d/podman.conf file in place.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
|
|
| |
xz package is required by buildah and podman when building a
image and ADD a tar.xz file archive is used
See https://github.com/containers/buildah/issues/2525
Signed-off-by: Job Cespedes Ortiz <jobcespedes@gmail.com>
|
|
|
|
| |
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|
|
|
| |
Signed-off-by: Peter Oliver <git@mavit.org.uk>
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
| |
For the time being we need to just require runc
this should fix rdoproject.org/github-check
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
| |
We need 2.0.17 for detached remote exec.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Issue gh#6286 was already fixed in a prior commit but the Makefile still
ran some varlink steps by default.
This commit makes any varlink build steps dependent on the varlink
build tag and also makes the contrib rpm spec file independent of
varlink.
Endpoint tests will be run only if BUILDTAGS contains varlink.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
|
|
|
|
|
|
| |
On systems with cgroupV2 runc will not currently work
switch the default in spec file to use crun.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
| |
in the contrib rpm.spec.in, we no longer should try to package libpod.conf
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Now that we're shipping containers.conf, we don't want to provide
a libpod.conf anymore. This removes libpod.conf from the repo and
as many direct uses as I can find.
There are a few more mentions in the documentation, but someone
more familiar with containers.conf should make those edits.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Distro packaging often uses non-default build and linker flags.
The current Makefile cannot be used in the package build process as it
will end up rebuilding the binaries with the default flags.
This commit introduces install targets which do not depend on the build
targets. Distro packages should prefer these if they want to use any
non-default flags.
NOTE: This commit effectively leaves prior targets unchanged, so users
won't notice any difference.
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
|
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\
| |
| | |
add systemd build tag to podman builds
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Without the systemd build tag, podman will fail with the error "No
support for journald logging".
This commit adds the `systemd` build tag explicitly, rather than
relying on `hack/systemd_tag.sh` (because we're building an rpm and
we've explicitly included systemd-devel as a dependency).
Signed-off-by: Lars Kellogg-Stedman <lars@redhat.com>
|
|/
|
|
|
|
|
|
| |
* move cmd/podman/varlink/* to pkg/varlink to support podmanV2 refactor
* update Makefile
* reformatted all impacted code
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|
|
|
|
|
| |
Also fix issue in pods_test.go
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
| |
to get the copr rpms to jive better with the fedora rpms, we need to set an epoch.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\
| |
| | |
replace prow images test
|
| |
| |
| |
| |
| |
| | |
this is a container-based approach to verifying we can build an rpm based on the contrib spec.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
|
|
|
|
| |
As the title says. I renamed the old file from the lower case to the
upper case name. This makes it appear higher up in the listing on GitHub
and also is in line with the rest of the containers projects. Due to this
change, I also had to change a few references in a couple of build related
files.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|
|
|
|
|
| |
This should use `od` not `of`
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
| |
Fix all errors found by codespell
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
| |
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes I am making:
1. The target `.gopathok` was listed in `.PHONY` which
looks wrong as it regenerates `.gopathok` every time we
re-run it, which was a part of the issue. I removed it
to avoid that. If `.gopathok` is present', makefile
should not need to rerun it.
2. Ensure the binaries are created only if they don't
exist by adding `bin/podman`
and `bin/podman-remote`.
3. Add a `SOURCES = $(shell find . -name "*.go")` and put
it as a dependency of the podman binaries target. It allows us
to re-generate the binaries only when there is a change in the
source files. The downside is it increases the running time of
the command that generates them (20 seconds on my virtual machine
running Centos 7). If this is a problem, we could introduce a
hidden file that would list all the files to track, that
would need to be updated only when a dev is introducing new files.
4. Fixed the make package-install as it does not work with yum.
I updated the build_rpm.sh to ensure it works on centos 7
and centos 8 with no pre-required installation.
Closes #4367
Signed-off-by: Neville Cain <neville.cain@qonto.eu>
|