| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
| |
Made a mistake in my earlier patch. I though that if you add an empty string
to an array, the length of the array would still be 0...
Realised this when vendoring the secrets pkg into cri-o.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #685
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
| |
The hidden flag is used to override the path of the default mounts file
for testing purposes.
Also modified the secrets pkg to allow for this override to happen.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #678
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
--group-add
--blkio-weight-device
--device-read-bps
--device-write-bps
--device-read-iops
--device-write-iops
--group-add now supports group names as well as the gid associated with them.
All the --device flags work now with moderate changes to the code to support both
bps and iops.
Added tests for all the flags.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #590
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #155
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #577
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #577
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
so that it is possible to use systemd to automatically restart the
container:
[Service]
Type=forking
PIDFile=/run/awesome-service.pid
ExecStart=/usr/bin/podman run --conmon-pidfile=/run/awesome-service.pid --name awesome -d IMAGE /usr/bin/do-something
ExecStopPost=/usr/bin/podman rm awesome
Restart=always
Closes: https://github.com/projectatomic/libpod/issues/534
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #549
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
This allows more graceful handling of multiple paths in a config
file.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #430
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
| |
Review comments to delete WithNoNew function and its append.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #369
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #369
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #370
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
| |
Example:
sudo /usr/local/bin/podman run --cgroup-parent=/zzz fedora cat /proc/self/cgroup
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Closes: #370
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #349
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This solves some dependency problems in the state, and makes
sense from a design standpoint.
Containers not in a pod can still depend on the namespaces of
containers joined to a pod, which we might also want to change in
the future.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #184
Approved by: baude
|
|
|
|
|
|
|
|
|
|
|
|
| |
This allows us to JSON it and stuff it in the DB - previously,
all pod fields were private, so JSON couldn't encode them. This
allows us to keep all pod fields private by having a substruct
with public fields.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #184
Approved by: baude
|
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #135
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #255
Approved by: mheon
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Set up nbetworking ports for the following use cases:
* bind the same port between host and container
* bind a specific host port to a different container port
* bind a random host port to a specific container port
Signed-off-by: baude <bbaude@redhat.com>
Closes: #214
Approved by: baude
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Each of these options are destructive in nature, meaning if the user
adds one of them, all current ones are removed from the produced
resolv.conf.
* dns-server allows the user to specify dns servers.
* dns-opt allows the user to specify special resolv.conf options
* dns-search allows the user to specify search domains
The add-host option is not destructive and truly just adds the host
to /etc/hosts.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #231
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #229
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
Add new functions to update pods and add/remove containers from them
Use these new functions in place of manually modifying pods
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #229
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
Remove existing code for sharing namespaces and replace with use
of this API
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #220
Approved by: rhatdan
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #212
Approved by: rhatdan
|
|\
| |
| | |
Wire up API for CGroup Parent
|
| |
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
|\ \
| | |
| | | |
Update OCICNI vendor and plugin directories
|
| |/
| |
| |
| | |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
|/
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #206
Approved by: TomSweeneyRedHat
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #209
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
| |
We don't want libkpod overrides for conmon's path to misdirect
the already set path for conmon from libpod.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #181
Approved by: baude
|
|
|
|
|
|
|
|
|
|
| |
We should be pulling information out of the image to set the
defaults to use when setting up the container.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #110
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #175
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
podman run/create have the ability to set the stop timeout flag.
We need to stop it in the database.
Also Allowing negative time for stop timeout makes no sense, so switching
to timeout of uint, allows user to specify huge timeout values.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #158
Approved by: TomSweeneyRedHat
|
|
|
|
|
|
|
|
|
|
|
| |
Stop Signal from kpod create/run was not fully plumbed in,
This will pass the stopsignal into the container database on
create and run of containers.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #156
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #109
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #109
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #109
Approved by: mheon
|
|
|
|
|
|
|
|
|
| |
Also includes misc other fixes - adding labels, fixing pod names
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #138
Approved by: rhatdan
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow kpod create/run to create contianers in different network namespaces, uts namespaces and
IPC Namespaces.
This patch just handles the simple join the host, or another containers namespaces.
Lots more work needed to full integrate --net
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #64
Approved by: mheon
|
|
|
|
|
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #65
Approved by: mheon
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
|
|
|
| |
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|
|
|
|
|
|
|
|
|
| |
This should turn on handling of SELinux, NoNewPrivs, seccomp and Apparmor
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #15
Approved by: rhatdan
|
|
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
|