aboutsummaryrefslogtreecommitdiff
path: root/libpod
Commit message (Collapse)AuthorAge
* Need to add LISTEN_PID environment variable to conmon commandDaniel J Walsh2018-02-05
| | | | | | | Without this field then conmon will not pass the proper data down to the OCI Runtime. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Pass NOTIFY_SOCKET and LISTEN_FDS env to OCI RUntime if setDaniel J Walsh2018-02-05
| | | | | | | | | | | | | | In order to have sd_notify from systemd to work in containers we need to pass down the NOTIFY_SOCKET environment variable to the container. LISTEN_FDS, tells the application inside of the container to use socket activation and grab the FDS that are leaked into the container. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #271 Approved by: umohnani8
* Allow users to specify logpathDaniel J Walsh2018-02-03
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #135 Approved by: mheon
* Migrate Create|Commit to ginkgobaude2018-02-02
| | | | | | | | | | | | Migrate create and commit bats tests to the ginkgo test suite. In doing so, some structures had to be moved to pkg/podmanstructs/podmanstructs.go so we could do better verification of test results. Signed-off-by: baude <bbaude@redhat.com> Closes: #286 Approved by: rhatdan
* Update stats code to reflect changes to containerd stats APIMatthew Heon2018-02-01
| | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* libpod/runtime.go: Stick paths in arraysbaude2018-01-31
| | | | | | | | | | | To account for more path possibilities, we now iterate a string array of possible paths to try and find paths to runc and conmon. Signed-off-by: baude <bbaude@redhat.com> Closes: #278 Approved by: baude
* Ginkgo Tests: ps, pull, push and rmbaude2018-01-31
| | | | | | | | | | | | | Migrate ps, pull, push, and rm from bats to ginkgo. Also, fixed a conditional issue with adding ports when an image defines the port and the user wants to override it. Signed-off-by: baude <bbaude@redhat.com> Closes: #277 Approved by: baude
* libpod/runtime.go: runtime pathbaude2018-01-31
| | | | | | | | | | | | Ubuntu installs runc to /usr/sbin/runc so we now account for that. Also, added small check when creating a new runtime that if we cannot find the runc binary, we bail out. Signed-off-by: baude <bbaude@redhat.com> Closes: #276 Approved by: baude
* libpod/container_api: Set hostname in ENVbaude2018-01-30
| | | | | | | | | | The container's hostname should be set as an environment variable for the container. Signed-off-by: baude <bbaude@redhat.com> Closes: #273 Approved by: baude
* Add StopWithTimeout API function for containersMatthew Heon2018-01-30
| | | | | | | | | | Normal Stop should not need a timeout, and should use the default Add a function that does accept a timeout aside it Signed-off-by: Matthew Heon <mheon@redhat.com> Closes: #272 Approved by: rhatdan
* Strip unused format specifierMatthew Heon2018-01-27
| | | | | | | Signed-off-by: Matthew Heon <mheon@redhat.com> Closes: #263 Approved by: umohnani8
* Close attach control fileMatthew Heon2018-01-27
| | | | | | | | | From CRI-O #1288 Signed-off-by: Matthew Heon <mheon@redhat.com> Closes: #263 Approved by: umohnani8
* Save --privileged stateDaniel J Walsh2018-01-25
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #255 Approved by: mheon
* Fix podman stats based on QE feedbackumohnani82018-01-25
| | | | | | | | | | | | QE found issues with formatting the go template and the man page was lacking information. Changed the format of the output to match latest docker. Add shortID function that returns the truncated ID Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #258 Approved by: rhatdan
* Streamline image resolutionbaude2018-01-23
| | | | | | | | | When trying to determine if a user-provided string that describes an image (ID, fq name, shortname, tagged), there were some inefficiencies where we looked up images multiple times to derive information about local images. Signed-off-by: baude <bbaude@redhat.com>
* libpod/oci.go: Perf issuebaude2018-01-23
| | | | | | | | | | | | Matt Heon and I found that a defer statement was costing podman run dearly. We dont think the defer function was working (nor needed) and was timing out as well. Removing this defer statement decreased podman runtime by 1.5s or more. Signed-off-by: baude <bbaude@redhat.com> Closes: #253 Approved by: baude
* Fix issues with podman ps from QEumohnani82018-01-22
| | | | | | | | | | | | | QE pointed out a few things missing/wrong with ps This PR addresses those issues. Added functionality for getting mounts and size also Fixed a few issues with the --filter params, for example filter with partial information. Signed-off-by: umohnani8 <umohnani@redhat.com> Closes: #250 Approved by: rhatdan
* Expose ports from imagebaude2018-01-22
| | | | | | | | | | | | When an image has a port to expose, we need to expose it. User's input overrides the image's port information. Also, enable port information in ps so we can see which random port is assigned. Signed-off-by: baude <bbaude@redhat.com> Closes: #249 Approved by: rhatdan
* Override hostname for containerbaude2018-01-21
| | | | | | | | | | | Adds the ability to override the container's hostname. Also, uses the first twelve characters of the container ID as the default hostname if none is provided. Signed-off-by: baude <bbaude@redhat.com> Closes: #248 Approved by: baude
* Enable port bindingsbaude2018-01-20
| | | | | | | | | | | | | Set up nbetworking ports for the following use cases: * bind the same port between host and container * bind a specific host port to a different container port * bind a random host port to a specific container port Signed-off-by: baude <bbaude@redhat.com> Closes: #214 Approved by: baude
* Cleanup of podman statsDaniel J Walsh2018-01-19
| | | | | | | | | | | | Fix errors when containers are not running. --all, --latest, containers can not be used at same time. Should match the output of docker stats, 0 values replaced by "--" Should return stats right away if container is not running. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #244 Approved by: TomSweeneyRedHat
* Add --dns-search, --dns-opt, --dns-server and --add-host.baude2018-01-19
| | | | | | | | | | | | | | | | | | Each of these options are destructive in nature, meaning if the user adds one of them, all current ones are removed from the produced resolv.conf. * dns-server allows the user to specify dns servers. * dns-opt allows the user to specify special resolv.conf options * dns-search allows the user to specify search domains The add-host option is not destructive and truly just adds the host to /etc/hosts. Signed-off-by: baude <bbaude@redhat.com> Closes: #231 Approved by: mheon
* Fix gofmtMatthew Heon2018-01-18
| | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Rename containerRuntimeInfo to containerState for clarityMatthew Heon2018-01-18
| | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Rename ContainerState to ContainerStatusMatthew Heon2018-01-18
| | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Split container.go into three filesMatthew Heon2018-01-18
| | | | | | | | | Weighing in at ~1700 lines, container.go is just too big. Split it into three files: core structs and accessors (container.go), public API (container_api.go), and internal functions (container_internal.go). Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* Fix seccomp supportDaniel J Walsh2018-01-18
| | | | | | | | | | | | | If user does not specify seccomp file or seccomp file does not exist, then use the default seccomp settings. Still need to not hard code /etc/crio/seccomp.json, should move this to /usr/share/seccomp/seccomp.json Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #233 Approved by: baude
* Fix gofmtMatthew Heon2018-01-17
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #229 Approved by: rhatdan
* Fix in-memory state testsMatthew Heon2018-01-17
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #229 Approved by: rhatdan
* Convert remaining state tests to new styleMatthew Heon2018-01-17
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #229 Approved by: rhatdan
* Add ability to get dependencies of a containerMatthew Heon2018-01-17
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #229 Approved by: rhatdan
* Fix comment typoMatthew Heon2018-01-17
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #229 Approved by: rhatdan
* Fix gofmtMatthew Heon2018-01-17
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #229 Approved by: rhatdan
* Address review commentsMatthew Heon2018-01-17
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #229 Approved by: rhatdan
* Wire in logic for selecting backing state implMatthew Heon2018-01-17
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #229 Approved by: rhatdan
* Do no lint test helpersMatthew Heon2018-01-17
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #229 Approved by: rhatdan
* Modify unit tests for state to run on all state implementationsMatthew Heon2018-01-17
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #229 Approved by: rhatdan
* Change handling for pods in libpod stateMatthew Heon2018-01-17
| | | | | | | | | | Add new functions to update pods and add/remove containers from them Use these new functions in place of manually modifying pods Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #229 Approved by: rhatdan
* Add ability to retrieve a pod's container from the stateMatthew Heon2018-01-17
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #229 Approved by: rhatdan
* Ensure batched containers have locksMatthew Heon2018-01-16
| | | | | | | | | | | This won't matter during batched operatins, but if the container leaks outside of the Batch() function it will segfault if asked to do any operation that locks unless this is applied Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #226 Approved by: rhatdan
* Fix lint issuesMatthew Heon2018-01-16
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #220 Approved by: rhatdan
* Prevent containers with dependencies from being removedMatthew Heon2018-01-16
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #220 Approved by: rhatdan
* Add ability for states to track container dependenciesMatthew Heon2018-01-16
| | | | | | | | | | | Also prevent containers with dependencies from being removed from in memory states. SQLite already enforced this via FOREIGN KEY constraints. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #220 Approved by: rhatdan
* Add API for sharing namespacesMatthew Heon2018-01-16
| | | | | | | | | | Remove existing code for sharing namespaces and replace with use of this API Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #220 Approved by: rhatdan
* Add support for shared CGroup namespacesMatthew Heon2018-01-16
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #220 Approved by: rhatdan
* Add support for joining shared namespaces in libpodMatthew Heon2018-01-16
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #220 Approved by: rhatdan
* When performing state-changing operations, don't exec runtimeMatthew Heon2018-01-16
| | | | | | | | | | | | | | If we start a container and it does not error, we can assume the container is now running. Subsequent API calls will sync for us to see if it died, so we can just set ContainerStateRunning instead of launching the runtime to explicitly get state. The same logic applies to pause and unpause. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #223 Approved by: rhatdan
* Add DNS and security fields to DBMatthew Heon2018-01-15
| | | | | | | | | | | | | | | | | Also moves port mappings out of the SQL DB and into a file on disk. These could get very sizable (hundred to thousands of ports) so moving them out to a file will keep the DB small and fast. Finally, add a foreign key reference from container ID to container state ID. This ensures we never get into an inconsistent state where we have data in one table but not the other. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #225 Approved by: baude
* Fix gofmtMatthew Heon2018-01-14
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #222 Approved by: rhatdan
* Add Sync() function to updating ctr state in Batch()Matthew Heon2018-01-14
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #222 Approved by: rhatdan