| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
add --pull flag for podman create&run
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Requirement from https://github.com/containers/libpod/issues/3575#issuecomment-512238393
Added --pull for podman create and pull to match the newly added flag in docker CLI.
`missing`: default value, podman will pull the image if it does not exist in the local.
`always`: podman will always pull the image.
`never`: podman will never pull the image.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\ \
| | |
| | | |
Set Pod hostname as Pod name
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Chen Zhiwei <zhiweik@gmail.com>
|
| |\ \ \
| |/ /
|/| | |
performance fix for podman events with large journalds
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
in the case where the host has a large journald, iterating the journal
without using a Match is very poor performance. this might be a
temporary fix while we figure out why the systemd library does not seem to
behave properly.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \
| | | |
| | | | |
removMergeDir from inspect result if not mounted
|
| | |/ /
| | |
| | |
| | |
| | |
| | | |
Remove GraphDriver.Data.MergedDir from the result of podman inspect if the container not mounte. Because the /var/lib/containers/.../merged directory is no longer created by default; it only exists during the scope of podman mount.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |/ /
| |
| |
| |
| |
| |
| |
| | |
use the DBUS user session when running in rootless mode.
Closes: https://github.com/containers/libpod/issues/3801
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| | |
JSON optimizes it out in that case anyways, so don't waste cycles
doing an Itoa (and Atoi on the decode side).
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We weren't actually storing this, so we'd lose the exit code for
containers run with --rm or force-removed while running if the
journald backend for events was in use.
Fixes #3795
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Set the string to "libpod/VERSION" so that we don't use the unspecific
default of "Go-http-client/xxx".
Fixes #3788
Signed-off-by: Stefan Becker <chemobejk@gmail.com>
|
| |\ \
| | |
| | | |
rootless: drop some superflous checks
|
| | | |
| | |
| | |
| | |
| | |
| | | |
we are always running with euid==0 at this point.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| | |
when creating the default libpod.conf file, be sure the default OCI
runtime is cherry picked from the system configuration.
Closes: https://github.com/containers/libpod/issues/3781
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
After restoring a container with a different name (ID) the ConmonPidFile
was still pointing to the path of the original container.
This means that the last restored container will overwrite the
ConmonPidFile of the original container. It was also not possible to
restore a container with a new name (ID) if the original container was
not running.
The ConmonPidFile is only changed if the ConmonPidFile starts with the
value of RunRoot. This assumes that if RunRoot is part of ConmonPidFile
the user did not specify --conmon-pidfile' during run or create.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |\
| |
| | |
make rmi messages more compatible with docker
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
in the case where we rmi an image that has only one reponame, we print
out an untagged reponame message.
$ sudo podman rmi busybox
Untagged: docker.io/library/busybox:latest
Deleted: db8ee88ad75f6bdc74663f4992a185e2722fa29573abcc1a19186cc5ec09dceb
Signed-off-by: baude <bbaude@redhat.com>
|
| |/
|
|
|
|
| |
Now, when a user's conmon is out of date, podman will tell them
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |\
| |
| | |
systemd library conflict with seektail and addmatch
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
it looks like the core-os systemd library has some issue when using
seektail and add match. this patch works around that shortcoming for
the time being.
Fixes: #3616
Signed-off-by: baude <bbaude@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
commit 223fe64dc0a592fd44e0c9fde9f9e0ca087d566f introduced the
regression.
When running on cgroups v1, bind mount only /sys/fs/cgroup/systemd as
rw, as the code did earlier.
Also, simplify the rootless code as it doesn't require any special
handling when using --systemd.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1737554
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\
| |
| | |
Revert "rootless: Rearrange setup of rootless containers"
|
| | |
| |
| |
| |
| |
| | |
This reverts commit 80dcd4bebcdc8e280f6b43228561d09c194c328b.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \
| |/
|/| |
Touch up XDG, add rootless links
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Touch up a number of formating issues for XDG_RUNTIME_DIRS in a number
of man pages. Make use of the XDG_CONFIG_HOME environment variable
in a rootless environment if available, or set it if not.
Also added a number of links to the Rootless Podman config page and
added the location of the auth.json files to that doc.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\ \
| | |
| | | |
restore: correctly set StartedTime
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
A container restored from an exported checkpoint did not have its
StartedTime set. Which resulted in a status like 'Up 292 years ago'
after the restore.
This just sets the StartedTime to time.Now() if a container is restored
from an exported checkpoint.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |\ \ \
| | | |
| | | | |
container stop: kill conmon
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Old versions of conmon have a bug where they create the exit file before
closing open file descriptors causing a race condition when restarting
containers with open ports since we cannot bind the ports as they're not
yet closed by conmon.
Killing the old conmon PID is ~okay since it forces the FDs of old
conmons to be closed, while it's a NOP for newer versions which should
have exited already.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
restore: added --ignore-static-ip option
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
If a container is restored multiple times from an exported checkpoint
with the help of '--import --name', the restore will fail if during
'podman run' a static container IP was set with '--ip'. The user can
tell the restore process to ignore the static IP with
'--ignore-static-ip'.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
podman events format json
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Enable podman events to format the output as jsonline
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
add eventlogger to info
|
| | |/ / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
to help with future debugging, we now display the type of event logger
being used inside podman info -> host.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \ \ \ \
| |_|_|/ / /
|/| | | | | |
rootless: Rearrange setup of rootless containers ***CIRRUS: TEST IMAGES***
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
In order to run Podman with VM-based runtimes unprivileged, the
network must be set up prior to the container creation. Therefore
this commit modifies Podman to run rootless containers by:
1. create a network namespace
2. pass the netns persistent mount path to the slirp4netns
to create the tap inferface
3. pass the netns path to the OCI spec, so the runtime can
enter the netns
Closes #2897
Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Provide information stating what the postConfigureNetNS option
is used for.
Signed-off-by: Gabi Beyer <gabrielle.n.beyer@intel.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
we should be looking for the libpod.conf file in /usr/share/containers
and not in /usr/local. packages of podman should drop the default
libpod.conf in /usr/share. the override remains /etc/containers/ as
well.
Fixes: #3702
Signed-off-by: baude <bbaude@redhat.com>
|
| | |/ / / /
|/| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
There are two cases logdriver can be empty, if it wasn't set by libpod, or if the user did --log-driver ""
The latter case is an odd one, and the former is very possible and already handled for LogPath.
Instead of printing an error for an entirely reasonable codepath, let's supress the error
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |\ \ \ \ \
| |_|_|/ /
|/| | | | |
Add Capability support to play kube
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Take capabilities written in a kube and add to a container
adapt test suite and write cap-add/drop tests
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | | |
capabilities that were added and dropped were several times duplicated. Fix this
Signed-off-by: Peter Hunt <pehunt@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Fix memory leak with exit files
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When forcibly removing a container, we are initiating an explicit
stop of the container, which is not reflected in 'podman events'.
Swap to using our standard 'stop()' function instead of a custom
one for force-remove, and move the event into the internal stop
function (so internal calls also register it).
This does add one more database save() to `podman remove`. This
should not be a terribly serious performance hit, and does have
the desirable side effect of making things generally safer.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The logfile driver was not aware that system events existed.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We need this specifically for tests, but others may find it
useful if they don't explicitly need events and don't want the
performance implications of using them.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
