| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The sig-proxy code is set up to error on failing to forward
signals to a container. This is reasonable in cases where the
container is running, but something strange went wrong - but when
the Kill fails because the container is stopped, we shouldn't
bother with aggressive Error logging since this is an expected
part of the container lifecycle - it stops, and then `podman run`
also stops, but there is a timing window in between where signals
will fail to be proxied, and we should not print angry errors
during that.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\
| |
| | |
Add pod, volume, network to inspect package
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
podman inspect only had the capabilities to inspect containers and images. if a user wanted to inspect a pod, volume, or network, they would have to use `podman network inspect`, `podman pod inspect` etc. Docker's cli allowed users to inspect both volumes and networks using regular inspect, so this commit gives the user the functionality
If the inspect type is not specified using --type, the order of inspection is:
containers
images
volumes
networks
pods
meaning if container that has the same name as an image, podman inspect would return the container inspect.
To avoid duplicate code, podman network inspect and podman volume inspect now use the inspect package as well. Podman pod inspect does not because podman pod inspect returns a single json object while podman inspect can return multiple)
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |\ \
| |/
|/| |
image list: check for all errors
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
For unknown historical reasons, some errors were ignored when listing
images. I assume that the basic assumption was that if we can properly
list images, we can also successfully compute their sizes which turned
out to be wrong.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
| |
Currently if you run an interactive session of podman run and
specifiy the --cidfile option, the cidfile will not get created
until the container finishes running. If you run a detached
container, it will get created right away. This Patch creates
the cidfile as soon as the container is created. This could allow
other tools to use the cidefile on all running containers.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
| |
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
| |
|
|
|
|
|
| |
remove signatures to podman save since the image formats do not support signatures
Close: #7659
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\
| |
| | |
Add a shutdown signal handler
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Expand the use of the Shutdown package such that we now use it
to handle signals any time we run Libpod. From there, add code to
container creation to use the Inhibit function to prevent a
shutdown from occuring during the critical parts of container
creation.
We also need to turn off signal handling when --sig-proxy is
invoked - we don't want to catch the signals ourselves then, but
instead to forward them into the container via the existing
sig-proxy handler.
Fixes #7941
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \
| | |
| | | |
Make invalid image name error more specific
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Previously, using an invalid image name would produce an error like
this:
Error: error encountered while bringing up pod test-pod-0: invalid reference format
This message didn't specify that there was an problem with an image
name, and it didn't specify which image name had a problem if there were
multiple. Now the error reads:
Error: error encountered while bringing up pod test-pod-0: Failed to parse image "./myimage": invalid reference format
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
|
| |\ \ \
| |/ /
|/| | |
fix podman container exists and diff for storage containers
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
External containers are containers created outside of Podman.
For example Buildah and CRI-O Containers.
$ buildah from alpine
alpine-working-container
$ buildah run alpine-working-container touch /test
$ podman container exists --external alpine-working-container
$ podman container diff alpine-working-container
C /etc
A /test
Added --external flag to refer to external containers, rather then --storage.
Added --external for podman container exists and modified podman ps to use
--external rather then --storage. It was felt that --storage would confuse
the user into thinking about changing the storage driver or options.
--storage is still supported through the use of aliases.
Finally podman contianer diff, does not require the --external flag, since it
there is little change of users making the mistake, and would just be a pain
for the user to remember the flag.
podman container exists --external is required because it could fool scripts
that rely on the existance of a Podman container, and there is a potential
for a partial deletion of a container, which could mess up existing users.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Current these commands only check if a container exists in libpod. With
this fix, the commands will also check if they are in containers/storage.
This allows users to look at differences within a buildah or CRI-O container.
Currently buildah diff does not exists, so this helps out in that situation
as well as in CRI-O since the cri does not implement a diff command.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/ /
| |
| |
| | |
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
| |\ \
| |/
|/| |
Container detach newlines
|
| | |
| |
| |
| | |
Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
|
| |\ \
| | |
| | | |
Add support for resource limits to play kube
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
|
| |/ /
| |
| |
| |
| |
| |
| | |
For fix of BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1684263
Add --list-tags to podman search to return a table the repository tags.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\ \
| | |
| | | |
This PR allows users to remove external containers directly
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currenly if a user specifies the name or ID of an external storage
container, we report an error to them.
buildah from scratch
working-container-2
podman rm working-container-2
Error: no container with name or ID working-container-2 found: no such container
Since the user specified the correct name and the container is in storage we
force them to specify --storage to remove it. This is a bad experience for the
user.
This change will just remove the container from storage. If the container
is known by libpod, it will remove the container from libpod as well.
The podman rm --storage option has been deprecated, and removed from docs.
Also cleaned documented options that are not available to podman-remote.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| | |
| | | |
Enable k8s configmaps as flags for play kube
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
|
| |\ \ \
| |_|/
|/| | |
Move pod jobs to parallel execution
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make Podman pod operations that do not involve starting
containers (which needs to be done in a specific order) use the
same parallel operation code we use to make `podman stop` on
large numbers of containers fast. We were previously stopping
containers in a pod serially, which could take up to the timeout
(default 15 seconds) for each container - stopping 100 containers
that do not respond to SIGTERM would take 25 minutes.
To do this, refactor the parallel operation code a bit to remove
its dependency on libpod (damn circular import restrictions...)
and use parallel functions that just re-use the standard
container API operations - maximizes code reuse (previously each
pod handler had a separate implementation of the container
function it performed).
This is a bit of a palate cleanser after fighting CI for two
days - nice to be able to return to a land of sanity.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |/
|
|
|
|
|
|
|
|
| |
due to a lack of "locking" on cni operations, we could get ourselves in trouble when doing rapid creation or removal of networks. added a simple file lock to deal with the collision and because it is not considered a performent path, use of the file lock should be ok. if proven otherwise in the future, some generic shared memory lock should be implemented for libpod and also used here.
moved pkog/network to libpod/network because libpod is now being pulled into the package and it has therefore lost its generic nature. this will make it easier to absorb into libpod as we try to make the network closer to core operations.
Fixes: #7807
Signed-off-by: baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit is courtesy of
```
for f in $(git ls-files *.go | grep -v ^vendor/); do \
sed -i 's/\(errors\..*\)"Error /\1"error /' $f;
done
for f in $(git ls-files *.go | grep -v ^vendor/); do \
sed -i 's/\(errors\..*\)"Failed to /\1"failed to /' $f;
done
```
etc.
Self-reviewed using `git diff --word-diff`, found no issues.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In case os.Open[File], os.Mkdir[All], ioutil.ReadFile and the like
fails, the error message already contains the file name and the
operation that fails, so there is no need to wrap the error with
something like "open %s failed".
While at it
- replace a few places with os.Open, ioutil.ReadAll with
ioutil.ReadFile.
- replace errors.Wrapf with errors.Wrap for cases where there
are no %-style arguments.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
|
| |
|
|
|
|
|
|
| |
Make sure to remove images until there's nothing left to prune.
A single iteration may not be sufficient.
Fixes: #7872
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\
| |
| | |
fix allowing inspect manifest of non-local image
|
| | |
| |
| |
| |
| |
| |
| | |
Add support of `podman manifest inspect` returning manifest list of non-local manifest.
Close #https://github.com/containers/podman/issues/7726
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |/
|
|
|
|
|
|
|
| |
podman volume prune -f
Should just tell the prune command to not prompt for confirmation.
It should not be passing the prune flag into the API.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In podman containers rm and podman images rm, the commands
exit with error code 1 if the object does not exists.
This PR implements similar functionality to volumes, networks, and Pods.
Similarly if volumes or Networks are in use by other containers, and return
exit code 2.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\
| |
| | |
Properly handle podman run --pull command
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently the --pull missing|always|never is ignored
This PR implements this for local API. For remote we
need to default to pullpolicy specified in the containers.conf
file.
Also fixed an issue when images were matching other images names
based on prefix, causing images to always be pulled.
I had named an image myfedora and when ever I pulled fedora, the system
thought that it there were two images named fedora since it was checking
for the name fedora as well as the prefix fedora. I changed it to check
for fedora and the prefix /fedora, to prefent failures like I had.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
|
|
| |
I added a test to prevent a future regression.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |
|
|
|
|
|
|
| |
Have a clear separation of concerns for the CLI-only options (and their
logic) from the backend. The backend logic is now easier to understand
(e.g., `stream` instead of `noStream`).
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Add a new endpoint for container stats allowing for batch operations on
more than one container. The new endpoint deprecates the
single-container endpoint which will eventually be removed with the next
major release.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Refactor the entities' stats API to simplify using it and reduce the
risk of running into concurrency issues at the call sites. Further
simplify the stats code by de-spaghetti-ing the logic and reducing
duplicate code.
`ContainerStats` now returns a data channel and an error. If the error
is nil, callers can read from the channel.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |
|
|
|
|
|
| |
Currently `podman image unmount` report every image that is mounted
when it unmounts them. We should only report unmounted actually mounted images.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
| |
* Move from simple string to semver objects
* Change client API Version from '1' to 2.0.0
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |
|
|
| |
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
| |
|
|
| |
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
|
| |\
| |
| | |
image list: return all associated names
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Always return all associated names / repo tags of an image and fix a bug
with malformed repo tags.
Previously, Podman returned all names only with `--all` but this flag
only instructs to list intermediate images and should not alter
associated names. With `--all` Podman queried the repo tags of an image
which splits all *tagged* names into repository and tag which is then
reassembled to eventually be parsed again in the frontend. Lot's of
redundant CPU heat and buggy as the reassembly didn't consider digests
which ultimately broke parsing in the frontend.
Fixes: #7651
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When using `podman play kube` with a YAML file that has pod labels,
apply those labels to the pods that podman makes.
For example, this Deployment spec has labels on a pod:
apiVersion: apps/v1
kind: Deployment
metadata:
name: myapp
labels:
app: myapp
spec:
selector:
matchLabels:
app: myapp
template:
metadata:
labels:
app: myapp
spec:
containers:
- name: web
image: nginx
ports:
- containerPort: 80
The pods that podman creates will have the label "app" set to "myapp" so
that these pods can be found with `podman pods ps --filter label=app`.
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
|
| |
|
|
|
|
| |
Enables podman create, pull, run, import to use --signature-policy option. Set it as hidden flag to be consistent with other commands.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Refactor/Rename channel.WriteCloser() to encapsulate the channel
* Refactor build endpoint to "live" stream buildah output channels
over API rather then buffering output
* Refactor bindings/tunnel build because endpoint changes
* building tar file now in bindings rather then depending on
caller
* Cleanup initiating extra image engine
* Remove setting fields to zero values (less noise in code)
* Update tests to support remote builds
Fixes #7136
Fixes #7137
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
