summaryrefslogtreecommitdiff
path: root/pkg/domain/infra/tunnel/containers.go
Commit message (Collapse)AuthorAge
* remote run: consult events for exit codeValentin Rothberg2020-09-10
| | | | | | | | | | | | | | | | After attaching to a container, we wait for the container to finish and return its exit code. Waiting for the container may not always succeed, for instance, when the container has been force removed by another process. In such case, we have to look at the *last* container-exit event. Also refactor the `ContainerRun` method a bit to return early on errors and de-spaghetti the code. Enable the remote-disabled system test. Fixes: #7117 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Unconditionally retrieve pod names via APIMatthew Heon2020-08-10
| | | | | | | | | | | | | | | | | | The ListContainers API previously had a Pod parameter, which determined if pod name was returned (but, notably, not Pod ID, which was returned unconditionally). This was fairly confusing, so we decided to deprecate/remove the parameter and return it unconditionally. To do this without serious performance implications, we need to avoid expensive JSON decodes of pod configuration in the DB. The way our Bolt tables are structured, retrieving name given ID is actually quite cheap, but we did not expose this via the Libpod API. Add a new GetName API to do this. Fixes #7214 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Handle podman-remote run --rmDaniel J Walsh2020-08-04
| | | | | | | | We need to remove the container after it has exited for podman-remote run --rm commands. If we don't remove this container at this step, we open ourselves up to race conditions. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Switch all references to github.com/containers/libpod -> podmanDaniel J Walsh2020-07-28
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* move go module to v2Valentin Rothberg2020-07-06
| | | | | | | | | | | | | | | With the advent of Podman 2.0.0 we crossed the magical barrier of go modules. While we were able to continue importing all packages inside of the project, the project could not be vendored anymore from the outside. Move the go module to new major version and change all imports to `github.com/containers/libpod/v2`. The renaming of the imports was done via `gomove` [1]. [1] https://github.com/KSubedi/gomove Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #6636 from mheon/add_warningsOpenShift Merge Robot2020-06-17
|\ | | | | Re-add resource limit warnings to Specgen
| * Re-add resource limit warnings to SpecgenMatthew Heon2020-06-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | These were part of Podman v1.9, but were lost in the transition to using Specgen to create containers. Most resource limits are checked via the sysinfo package to ensure they are safe to use (the cgroup is mounted, kernel support is present, etc) and removed if not safe. Further, bounds checks are performed to ensure that values are valid. Ensure these warnings are printed client-side when they occur. This part is a little bit gross, as it happens in pkg/infra and not cmd/podman, which is largely down to how we implemented `podman run` - all the work is done in pkg/infra and it returns only once the container has exited, and we need warnings to print *before* the container runs. The solution here, while inelegant, avoid the need to extensively refactor our handling of run. Should fix blkio-limit warnings that were identified by the FCOS test suite. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #6583 from mheon/inspect_ctr_before_imgOpenShift Merge Robot2020-06-17
|\ \ | | | | | | Fix podman inspect on overlapping/missing objects
| * | Fix podman inspect on overlapping/missing objectsMatthew Heon2020-06-16
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This started as a small fix to `podman inspect` where a container and image, with the same name/tag, were present, and `podman inspect` was run on that name. `podman inspect` in 1.9 (and `docker inspect`) will give you the container; in v2.0, we gave the image. This was an easy fix (just reorder how we check for image/container). Unfortunately, in the process of testing this fix, I determined that we regressed in a different area. When you run inspect on a number of containers, some of which do not exist, `podman inspect` should return an array of inspect results for the objects that exist, then print a number of errors, one for each object that could not be found. We were bailing after the first error, and not printing output for the containers that succeeded. (For reference, this applied to images as well). This required a much more substantial set of changes to properly handle - signatures for the inspect functions in ContainerEngine and ImageEngine, plus the implementations of these interfaces, plus the actual inspect frontend code needed to be adjusted to use this. Fixes #6556 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* / Add <return> to lines returen in podman-remote logsDaniel J Walsh2020-06-16
|/ | | | | | | Every line is sent back individually over the APIv2 as logs, but we are not adding the '\n' to give us line breaks. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Handle errors on attach properlyDaniel J Walsh2020-06-15
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Turn on More lintersDaniel J Walsh2020-06-15
| | | | | | | | | - misspell - prealloc - unparam - nakedret Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Fix Id->ID where possible for lintDaniel J Walsh2020-06-10
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Fixup issues found by golintDaniel J Walsh2020-06-10
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Add parallel operation to `podman stop`Matthew Heon2020-06-05
| | | | | | | | | | | | This is the other command that benefits greatly from being run in parallel, due to the potential 15-second timeout for containers that ignore SIGTERM. While we're at it, also clean up how stop timeout is set. This needs to be an optional parameter, so that the value set when the container is created with `--stop-timeout` will be respected. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Merge pull request #6485 from QiWang19/remote-ignoreOpenShift Merge Robot2020-06-04
|\ | | | | fix remote test --ignore & turn on more tests
| * fix remote test --ignore & turn on more testsQi Wang2020-06-03
| | | | | | | | | | | | fix remote test --ignore & turn on more tests Signed-off-by: Qi Wang <qiwan@redhat.com>
* | turn on remote stop_testQi Wang2020-06-03
|/ | | | | | turn on stop_test --cidfile Signed-off-by: Qi Wang <qiwan@redhat.com>
* Turn on remote rm_test --cidfileQi Wang2020-06-02
| | | | | | Turn on remote rm_test --cidfile Signed-off-by: Qi Wang <qiwan@redhat.com>
* Enable detached exec for remoteMatthew Heon2020-06-02
| | | | | | | | | | | | | | | | | | | | | | | The biggest obstacle here was cleanup - we needed a way to remove detached exec sessions after they exited, but there's no way to tell if an exec session will be attached or detached when it's created, and that's when we must add the exit command that would do the removal. The solution was adding a delay to the exit command (5 minutes), which gives sufficient time for attached exec sessions to retrieve the exit code of the session after it exits, but still guarantees that they will be removed, even for detached sessions. This requires Conmon 2.0.17, which has the new `--exit-delay` flag. As part of the exit command rework, we can drop the hack we were using to clean up exec sessions (remove them as part of inspect). This is a lot cleaner, and I'm a lot happier about it. Otherwise, this is just plumbing - we need a bindings call for detached exec, and that needed to be added to the tunnel mode backend for entities. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* Add bindings for exec and enable attached remoteMatthew Heon2020-06-01
| | | | | | | | | | | This adds bindings for starting exec sessions, and then uses them to wire up detached exec. Code is heavily based on Attach code for containers, slightly modified to handle exec sessions. Bindings are presently attached-only, detached is pending on a Conmon update landing in CI. I'll probably get to that next. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* V2 enable remote logs and testingJhon Honce2020-05-22
| | | | | | | | | | * wire up bindings and handler for obtaining logs remotely * enable debug logging from podman in e2e test using DEBUG and DEBUG_SERVICE env variables * Fix error in streaming log frames * enable remote logs test Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #6330 from rhatdan/startOpenShift Merge Robot2020-05-22
|\ | | | | Fix podman-remote start tests
| * Fix podman-remote start testsDaniel J Walsh2020-05-21
| | | | | | | | | | | | Also enable some tests for remote by removing -l flag. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Fix podman-remote stop --all to handle not running containersDaniel J Walsh2020-05-21
|/ | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Get proper exit code when running or starting a container.Daniel J Walsh2020-05-21
| | | | | | | When we finish running a container, we need to call wait in order to get the exit code from the container. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #6270 from mheon/detached_execOpenShift Merge Robot2020-05-21
|\ | | | | Implement detached exec
| * Add CLI frontend for detached execMatthew Heon2020-05-20
| | | | | | | | | | | | | | | | | | | | | | Add a new ContainerEngine method for creating a detached exec session, and wire in the frontend code to do this. As part of this, move Streams out of ExecOptions to the function signature in an effort to share the struct between both methods. Fixes #5884 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #6307 from baude/v2remoteinitOpenShift Merge Robot2020-05-21
|\ \ | | | | | | enable remote integration tests for init
| * | enable remote integration tests for initBrent Baude2020-05-20
| |/ | | | | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* / govern remote attach and startBrent Baude2020-05-20
|/ | | | | | fixes a race where container would start before attach could occur resulting in an error. Signed-off-by: Brent Baude <bbaude@redhat.com>
* v2 podman remote attach, start, and runBrent Baude2020-05-15
| | | | | | for the remote client, add the ability to attach to a container, start a container, and run a container. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Fix checkpoint --leave-runningAdrian Reber2020-05-14
| | | | | | | There was typo in the variable name and in one place it was not correctly passed to the next layer. Signed-off-by: Adrian Reber <areber@redhat.com>
* add port to podman remote commandBrent Baude2020-05-11
| | | | Signed-off-by: Brent Baude <bbaude@redhat.com>
* container runlabelValentin Rothberg2020-05-07
| | | | | | Implement container runlabel for v2. Local client only. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* v2 podman statsbaude2020-05-05
| | | | Signed-off-by: baude <bbaude@redhat.com>
* enable integration tests for restartBrent Baude2020-04-27
| | | | | | enable integrations tests for container restart. fixed bug where --running was not being honored. Signed-off-by: Brent Baude <bbaude@redhat.com>
* V2 restore libpod.Shutdown() when exiting podman commandsJhon Honce2020-04-22
| | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* podmanv2 cpBrent Baude2020-04-21
| | | | | | enable podman to copy files between container and host, local mode only. this is a straight port of v1 code to v2. Signed-off-by: Brent Baude <bbaude@redhat.com>
* v2podman portBrent Baude2020-04-21
| | | | | | add port command to podman. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Ability to prune container in api V2Sujil022020-04-15
| | | | | | | Adds ability to prune containers for v2. Adds client side prompt with force flag and filters options to prune. Signed-off-by: Sujil02 <sushah@redhat.com>
* Add support for the global flags and config filesJhon Honce2020-04-14
| | | | | | | Note: This PR doesn't provide full rootless support that will be addressed in a future PR Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Merge pull request #5808 from baude/v2psformat2OpenShift Merge Robot2020-04-14
|\ | | | | v2podman ps revert structure changes
| * v2podman ps revert structure changesBrent Baude2020-04-14
| | | | | | | | | | | | reverting name changes to the listcontainer structure because it negatively impacted the direct consumption of the restful API. instead we now use a local structure in the CLI to modify the output as needed. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | podmanv2 mount and umountBrent Baude2020-04-14
|/ | | | | | add the ability to mount and unmount containers for the local client only Signed-off-by: Brent Baude <bbaude@redhat.com>
* v2podman add container initBrent Baude2020-04-13
| | | | | | add the ability to init a container both local and remote Signed-off-by: Brent Baude <bbaude@redhat.com>
* v2podman container cleanupBrent Baude2020-04-09
| | | | | | | | add the ability to clean up after a container has attempted to run. this is also important for podman run --rm --rmi. also included are fixes and tweaks to various code bits to correct regressions on output. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #5754 from baude/v2psformatOpenShift Merge Robot2020-04-09
|\ | | | | v2podman ps alter formats
| * v2podman ps alter formatsBrent Baude2020-04-08
| | | | | | | | | | | | in order to get the go templating to work for custom input, we now use structure methods instead of template map funcs. this requires some manipulation of fields so that the funcs can have the proper names. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | podmanV2: implement logsValentin Rothberg2020-04-09
|/ | | | | | | | | | | Implement the `podman {container} logs` for the v2 client. The remote client does not yet support it. There's some more work needed for the rest api; some options are missing (e.g., printing names) while others are broken (e.g., the until http parameter). The remote parts will be tackled in a future change. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>