| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
| |
instead of using the container log path to derive where to put the healthchecks, we now put them into the rundir to avoid collision of health check log files when the log path is set by user.
Fixes: #5915
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|
|
|
|
|
|
| |
when joining a UTS namespace, take the hostname from the destination
container.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\
| |
| | |
Add --os to manifest add
|
| |
| |
| |
| |
| |
| | |
Add --os to manifest add for overriding the os field.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|/
|
|
|
|
|
|
| |
Enable pod inspect integration test
Get rid of libpod pod inspect references
Remove libpod PodInspect struct.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|\
| |
| | |
Fix SELinux functions names to not be repetitive
|
| |
| |
| |
| |
| |
| |
| | |
Since functions are now in an selinux subpackage, they should not start with
SELinux
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Les Aker <me@lesaker.org>
|
|/
|
|
| |
Signed-off-by: Les Aker <me@lesaker.org>
|
|\
| |
| | |
manifest create,add,inspect
|
| |
| |
| |
| |
| |
| | |
Implememts manifest subcommands create, add, inspect.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The length and size of our error messages on failure to pull
is huge. This patch at least eliminates some of the wrapping.
But I think eventually we need to look at containers/image
and see if we can modify the error messages to something a little
more human friendly.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
* Introduced define.ErrImageInUse to assist in determining the exit code
without resorting string searches.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|/
|
|
|
|
|
| |
The goal here is to make the package less heavy and not overload
the pkg/util.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Update podmanV2 to use containers.conf
|
| |
| |
| |
| |
| |
| |
| |
| | |
Add more default options parsing
Switch to using --time as opposed to --timeout to better match Docker.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|
|
|
|
|
|
| |
Added status field in pod inspect report.
Fixed pod tests to use it.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|
|
|
|
|
|
|
| |
Add the ability to prune pods for api v2,
Includes the addition of force flag, for client side prompt.
Update test suite to support this use case.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|\
| |
| | |
image prune skips images with child images.
|
| |
| |
| |
| |
| |
| |
| |
| | |
While image build process, intermediate images are created.
These images are also used as cache images, used in rebuilding
same images. This fix the deletion of cache images.
Signed-off-by: Kunal Kushwaha <kunal.kushwaha@gmail.com>
|
|\ \
| | |
| | | |
Fix the pod name passed to cni
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When creating a network we pass down a name which end up in the
K8S_POD_NAME argument to cni plugins. Currently this name is always
filled with the container name, so for pods it is the name of the
infra container, not really what one would expect.
This mess up with the dnsname plugin as it doesn't receive the pod
name in K8S_POD_NAME. To fix this pass the pod name when the container
is part of a pod, otherwise use the container name like before.
Signed-off-by: Alban Bedel <albeu@free.fr>
---
v2: Only call GetPod() when a pod id is set
|
| | |
| | |
| | |
| | |
| | |
| | | |
rid ourseleves of libpod references in v2 client
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add support for selecting kvm and systemd labels
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In order to better support kata containers and systemd containers
container-selinux has added new types. Podman should execute the
container with an SELinux process label to match the container type.
Traditional Container process : container_t
KVM Container Process: containre_kvm_t
PID 1 Init process: container_init_t
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Add basic structure of output for APIv2 pod inspect
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This will replace the structs in use in libpod, which cannot be
used as they are also directly involved in the database
representation of pods and cannot be moved out of Libpod.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Fix up SELinux labeling
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | | |
SELinux label options processing fixes, should allow system tests to pass.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | | |
Adds ability to prune containers for v2.
Adds client side prompt with force flag and filters options to prune.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
A few major fixes here:
- Support for attaching to Configured containers, to match Docker
behavior.
- Support for stream parameter has been improved (we now properly
handle cases where it is not set).
- Initial support for logs parameter has been added.
- Setting attach streams when the container has a terminal is now
supported.
- Errors are properly reported once the hijack has begun.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \
| | |
| | | |
userns: support --userns=auto
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
automatically pick an empty range and create an user namespace for the
container.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|\ \ \
| | | |
| | | | |
podmanv2 ps
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
add the ability to list containers
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/ /
| |
| |
| |
| |
| | |
the current implementation of info, while typed, is very loosely done so. we need stronger types for our apiv2 implmentation and bindings.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
add the ability to attach to a running container. the tunnel side of this is not enabled yet as we have work on the endpoints and plumbing to do yet.
add the ability to exec a command in a running container. the tunnel side is also being deferred for same reason.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
podmanv2 save image
|
| |/
| |
| |
| |
| |
| | |
add ability to save an image for podman v2
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
Prepare for crun checkpoint support
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
For (almost) all commands which podman passes on to a OCI runtime
XDG_RUNTIME_DIR is set to the same value. This does not happen for the
checkpoint command.
Using crun to checkpoint a container without this change will lead to
crun using XDG_RUNTIME_DIR of the currently logged in user and so it
will not find the container Podman wants to checkpoint.
This bascially just copies a few lines from on of the other commands to
handle 'checkpoint' as all the other commands.
Thanks to Giuseppe for helping me with this.
For 'restore' it is not needed as restore goes through conmon and for
calling conmon Podman already configures XDG_RUNTIME_DIR correctly.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Podman was checking if the runtime support checkpointing by running
'runtime checkpoint -h'. That works for runc.
crun, however, does not use '-h, --help' for help output but, '-?,
--help'.
This commit switches both checkpoint support detection from
'runtime checkpoint -h'
to
'runtime checkpoint --help'.
Podman can now correctly detect if 'crun' also support checkpointing.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
|\ \
| | |
| | | |
Pass path environment down to the OCI runtime
|
| |/
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
Fix/improve pkg/storage.InitFSMounts
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Instead of getting mount options from /proc/self/mountinfo, which is
very costly to read/parse (and can even be unreliable), let's use
statfs(2) to figure out the flags we need.
[v2: move getting default options to pkg/util, make it linux-specific]
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
| |
| |
| |
| |
| |
| |
| | |
skip doing a socket shutdown on an error, since we are not sure the
socket was already closed and we end up using the wrong fd.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
if the control path file is deleted, libpod hangs waiting for a reader
to open it. Attempt to open it as non blocking until it returns an
error different than EINTR or EAGAIN.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|