summaryrefslogtreecommitdiff
path: root/libpod
Commit message (Collapse)AuthorAge
* Create pod CGroups when using the systemd cgroup driverMatthew Heon2018-08-15
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1266 Approved by: baude
* Switch systemd default CGroup parent to machine.sliceMatthew Heon2018-08-15
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1266 Approved by: baude
* Updated pod_api to reflect function spechaircommander2018-08-14
| | | | | | | | | | Specifically, pod.Start() always returned CtrErrors, even if none failed. This cause podman start to not return the successfully started pod id. Also, pod.Kill() didn't return an error along with ctrErrors. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1272 Approved by: rhatdan
* Remove unused function in runtime.goMatthew Heon2018-08-14
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1264 Approved by: mheon
* Merge pull request #1254 from mheon/systemd_cgroups_defaultMatthew Heon2018-08-11
|\ | | | | Switch default CGroup manager to systemd
| * Swap default CGroup manager to systemdMatthew Heon2018-08-10
| | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
* | Ensure pod inspect is locked and validity-checkedMatthew Heon2018-08-11
| | | | | | | | | | | | | | | | | | | | Also, don't return the internal podState struct - instead return a public inspect struct. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1258 Approved by: rhatdan
* | We need to sort mounts so that one mount does not over mount another.Daniel J Walsh2018-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently we add mounts from images, volumes and internal. We can accidently over mount an existing mount. This patch sorts the mounts to make sure a parent directory is always mounted before its content. Had to change the default propagation on image volume mounts from shared to private to stop mount points from leaking out of the container. Also switched from using some docker/docker/pkg to container/storage/pkg to remove some dependencies on Docker. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1243 Approved by: mheon
* | Split pod.go into 3 filesMatthew Heon2018-08-10
| | | | | | | | | | | | | | | | | | | | | | This removes anything but structs and simple accessors from pod.go itself, which is a target file for FFJSON generation. This should reduce the amount of times FFJSON needs to run. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1247 Approved by: rhatdan
* | Make errors during refresh nonfatalMatthew Heon2018-08-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | During refresh, we cannot hard-fail, as that would mean leaving a partially-configured state behind, leaving libpod unable to start without manual intervention. Instead, log errors refreshing individual containers and pods and continue. Individual containers and pods may be unusable and need to be removed manually, but libpod itself will continue to function. Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1252 Approved by: rhatdan
* | Add batch check to container stats lockMatthew Heon2018-08-10
| | | | | | | | | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1249 Approved by: rhatdan
* | removeContainer: fix deadlockValentin Rothberg2018-08-10
|/ | | | | | | | | | | | When checking if the container has already been removed, use c.state.HasContainer() instead of the runtime's API to avoid trying to take the already acquired lock. Fixes: #1245 Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1251 Approved by: baude
* Add FFJSON generation to makefileMatthew Heon2018-08-09
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1240 Approved by: rhatdan
* Re-add FFJSON for container and pod structsMatthew Heon2018-08-09
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1240 Approved by: rhatdan
* Fixed a bug setting dependencies on the wrong containerhaircommander2018-08-09
| | | | | | | Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1244 Approved by: mheon
* Always connect to the stdout and stderr of streamDaniel J Walsh2018-08-09
| | | | | | | | | | | | | | If the stdout and stderr are not attach, podman will at least get a messsage that the container has completed and finish. This fixes the `podman run -a stdin fedora true` Hang issue. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1239 Approved by: mheon
* oci.go: syslog: fix debug formattingValentin Rothberg2018-08-09
| | | | | | | Signed-off-by: Valentin Rothberg <vrothberg@suse.com> Closes: #1242 Approved by: rhatdan
* add podman pod inspectbaude2018-08-09
| | | | | | | | | first pass of podman pod inspect Signed-off-by: baude <bbaude@redhat.com> Closes: #1236 Approved by: rhatdan
* Fix ambiguity in adding localhost to podman savehaircommander2018-08-08
| | | | | | | | | | | ...and some naming decisions. This change ensures podman save doesn't incorrectly prepend localhost when saving an image. Signed-off-by: haircommander <pehunt@redhat.com> Closes: #1140 Approved by: rhatdan
* Fix CGroupFS cgroup manager cgroup creation for podsMatthew Heon2018-08-08
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1237 Approved by: rhatdan
* Pass newly-added --log-level flag to ConmonMatthew Heon2018-08-08
| | | | | | | Signed-off-by: Matthew Heon <matthew.heon@gmail.com> Closes: #1232 Approved by: rhatdan
* Add dpkg support for returning oci/conmon versionsDaniel J Walsh2018-08-07
| | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1224 Approved by: baude
* Have info print conmon/oci runtime informationDaniel J Walsh2018-08-07
| | | | | | | | | We need into to identify the OCI runtime and conmon used by podman. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Closes: #1224 Approved by: baude
* Better pull error for fully-qualified imagesbaude2018-08-06
| | | | | | | | | | | | | | | | | | | When pulling a fully-qualified image that fails, we should not be talking about registries/search registries in the the error message as it is not applicable. If a image that is fq'd and fails to pull, the error should be simplified. ``` $ sudo podman pull this-does-not-exist.example.com/foo Trying to pull this-does-not-exist.example.com/foo...Failed error pulling image "this-does-not-exist.example.com/foo": unable to pull this-does-not-exist.example.com/foo: unable to pull image, or you do not have pull access $ ``` Resolves: #1212 Signed-off-by: baude <bbaude@redhat.com> Closes: #1216 Approved by: mheon
* Add Runc and Conmon versions to Podman Versionbaude2018-08-05
| | | | | | | | | | It will be handy to know the runc and conmon versions as our code gets into the wild. Signed-off-by: baude <bbaude@redhat.com> Closes: #1207 Approved by: rhatdan
* clarify pull error messagebaude2018-08-02
| | | | | | | | | | | | | when pulling, we can fail to find an image (i.e. it doesn't exist) or we can not have authority/access to pull it. the registries don't tell us one way or another so the error message needs to cover both. Resolves #1194 Signed-off-by: baude <bbaude@redhat.com> Closes: #1195 Approved by: rhatdan
* Inline pullGoalNamesFromPossiblyUnqualifiedName into ↵Miloslav Trmač2018-08-02
| | | | | | | | | | | | | | | Runtime.pullGoalFromPossibly... Again, we only needed them split for tests; so, integrate them back. Then drop all remaining references to pullRefName and pullGoalNames, which are not used for anything. Should not change behavior Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1198 Approved by: mheon
* Replace getPullRefName by Runtime.getPullRefPairMiloslav Trmač2018-08-02
| | | | | | | | | | | | | | | | | | This more or less reverts 9c9401a96c0b7d43dcea19c2972ef9612cc0a136 "Replace getPullRefPair with getPullRefName"; now that tests don't require us to use pullRefName, move creation of storage references deeper into the calls stack to reduce string use. ir.getSinglePullRefNameGoal is accordingly updated to ir.getSinglePullRefPairGoal, and we need to add a ~duplicate singlePullRefPairGoal; that duplication of singlePullRefNameGoal will soon be resolved by dropping singlePullRefNameGoal. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1198 Approved by: mheon
* Inline pullGoalNamesFromImageReference back into ↵Miloslav Trmač2018-08-02
| | | | | | | | | | | | | | | | | | Runtime.pullGoalFromImageReference Now that we don't need a separate pullGoalNamesFromImageReference for running tests, inline it back. This forces us to add some glue code to getSinglePullRefNameGoal and to convert between pullGoal and *pullGoal; that is temporary and will be cleaned up soon. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1198 Approved by: mheon
* Introduce getSinglePullRefNameGoalMiloslav Trmač2018-08-02
| | | | | | | | | | | | | | | | | This merely wraps the > return singlePullRefNameGoal(getPullRefName(... reference)), nil pattern which is used for almost all getPullRefName uses. For now it seems not really worth it, but it will result in shorter code (and smaller migration) after we replace getPullRefName with getPullRefPair, which can fail, again - the pullGoalNamesFromImageReference will not have to add any error handling. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1198 Approved by: mheon
* Test Runtime.pullGoalFromPossiblyUnqualifiedName instead of pullGoalNameFrom...Miloslav Trmač2018-08-02
| | | | | | | | | | | | | | Similarly to pullGoalNamesFromImageReference, use a storage.Store and test the actually created references; that is more representative, and clearly shows the impact of further normalization in storageReference (like defaulting to :latest on NameOnly references). Only modifies tests, so does not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1198 Approved by: mheon
* Test Runtime.pullGoalFromImageReference instead of ↵Miloslav Trmač2018-08-02
| | | | | | | | | | | | | | | | | | | | | | | | | pullGoalNamesFromImageReference pullGoalNamesFromImageReference has been added only to allow testing without a storage.Store, because I thought that a storage.Store can only be created by root. It turns out that non-root stores, at least good enough for reference parsing and formatting, are possible (and have existed in c/image/storage tests), so this creates such a store, and modifies the existing test to test the created c/image/storage.storageReference values instead of strings; that is more representative, and clearly shows the impact of further normalization in storageReference (like defaulting to :latest on NameOnly references). Eventually we will want to get rid of pullGoalNames / pullRefName. Only modifies tests, so does not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1198 Approved by: mheon
* RFC: Rename runtime.pullImage to runtime.pullImageFromHeuristicSourceMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | | | | This is similar to the PushImageToHeuristicDestination RFC. The goal is to be very explicit about which functions try to heuristically guess what is the expected format of the string. Not quite "shaming" the users, but making sure they stand out. RFC: - Is this at all acceptable? Desirable? Should not change behavior (but does not add unit tests). Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Introduce Runtime.pullImageFromReference, call it in Runtime.FromImageReferenceMiloslav Trmač2018-08-01
| | | | | | | | | | | FINALLY, (podman load) can pass through an ImageReference directly from loadCmd all the way to pullGoalNamesFromImageReference, making sure not to trigger the docker-like reference parsing heuristics. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* RFC: Remove unused transport name constants from libpodMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | | | | | They are not used anywhere in the packagee. Two of the values still have users in the CLI, but used only once. So, use the .Transport.Name() calls in there directly, that is likely to be cheaper (and makes the files depend directly on the transports instead of referring to them indirectly through libpod). RFC: Should not change behavior in _this_ repo, but it is an externally-observable API change. Is there any user that could notice? Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Replace Runtime.LoadFromArchive with Runtime.LoadFromArchiveReferenceMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | | | | | | | | | | | All callers of LoadFromArchive expect the input to be in the transport:name format, or create it that way. So, pass a types.ImageReference instead of a string. That requires us to add an explicit parse step in (podman pull); in (podman load) we can, instead of pasting strings, create native objects directly. Changes the error behavior of (podman pull), we no longer try heuristically parsing docker-archive:... inputs as Docker references. Also changes the string reported by (podman load) if all parsing attempts fail, to be only the path instead of dir:path. The error message itself is likely to be the same (from directory.Transport). (While at it, update a mismatched comment.) Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Split doPullImage from pullImageMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | Now that we have a pullGoal, separate determination of the goal from performing it; we will then introduce another entry point with a supplied types.ImageReference. Also remove or correct some misleading comments. Should not change behavior (but does not add unit tests). Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Remove the forceCompress parameter from getCopyOptions and DRO.GetSystemContextMiloslav Trmač2018-08-01
| | | | | | | | | | | Use the parent types.SystemContext data instead. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Remove the authFile parameter from getCopyOptions and DRO.GetSystemContextMiloslav Trmač2018-08-01
| | | | | | | | | | | Use the parent types.SystemContext data instead. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Remove the signaturePolicyPath parameter from getCopyOptions and ↵Miloslav Trmač2018-08-01
| | | | | | | | | | | | | DRO.GetSystemContext Use the parent types.SystemContext data instead. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Add a *types.SystemContext parameter to getCopyOptions and DRO.GetSystemContextMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | All callers of getCopyOptions also call GetSystemContext with the same three parameters; we will want to simplify this by passing the first SystemContext to getCopyOptions, which can then inherit this data instead of so many parameters everywhere. For now, just add a *types.SystemContext parameter without using it. Should not change behavior (but does not add unit tests). Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Move pullImage from Image to RuntimeMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | | | pullImage (now) only uses Image.InputName; it is really used to _create_ an Image object, based on the pull results (as is most visible in the LoadFromArchive caller), so it should not be a method on it. This also simplifies a bit the number of different kids of uses of Image.InputName; still apparently not enough to clearly document the field, though. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Do not re-parse the list of search registries just for an error messageMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | | ... when we even only count them. This eliminates a rare error case, and saves time re-reading and re-parsing the input. (We still compute registryPath redundantly, and it may get out of sync.) Should not change behavior (but does not add unit tests). Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Eliminate duplicate determination whether to use search registriesMiloslav Trmač2018-08-01
| | | | | | | | | | | | Instead of duplicating the hasRegistry logic, just record whether we did use search or not. Should not change behavior (but does not add unit tests for all of it). Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Eliminate the "DockerArchive means pull all refPairs" special caseMiloslav Trmač2018-08-01
| | | | | | | | | | | | Instead, encode it explicitly in pullGoal.pullAllPairs. Should not change behavior (but does not add unit tests for all of it). Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Introduce struct pullGoalNamesMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | | | | | This is an intermediate version of pullGoal, which exists basically only for easier testing without containers-storage: (i.e. root access) in unit tests. Like pullGoal, we will add more members to make it useful in the future. RFC: Unlike pullGoal, the return value is *pullGoalNames, because there are quite a few (return nil, err) cases which would be more difficult to read when returning a value. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Introduce struct pullGoalMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | The eventual goal is to cleanly capture semantics like "pull all images for DockerArchive" and "did a search through $registries" without hard-coding it through; and to allow a pullImage variant where the caller can pass an imageReference directly. For now, this just wraps []pullRefPair and should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Use []pullRefPair instead of []*pullRefPairMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | We are passing the values, don't really need the pointer sharing semantics, and the structures are small enough, and the arrays short enough, that we very likely lose on the indirect accesses more than we save on quicker copying of the slices when extending them. Value semantics is safer anyway. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Use []pullRefName instead of []*pullRefNameMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | We are passing the values, don't really need the pointer sharing semantics, and the structures are small enough, and the arrays short enough, that we very likely lose on the indirect accesses more than we save on quicker copying of the slices when extending them. Value semantics is safer anyway. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan
* Introduce singlePullRefNameGoalMiloslav Trmač2018-08-01
| | | | | | | | | | | | | | | All but two cases returning a []*pullRefName only return a single item. Introduce a helper for that case, which seems not worth it now, but the return value will get a bit more complex and introducing the helper now will minimize code changes in future commits. Should not change behavior. Signed-off-by: Miloslav Trmač <mitr@redhat.com> Closes: #1176 Approved by: rhatdan