summaryrefslogtreecommitdiff
path: root/pkg/domain
Commit message (Collapse)AuthorAge
* fix: podman-cp respects "--extract" flagMatej Vasek2020-10-25
| | | | Signed-off-by: Matej Vasek <mvasek@redhat.com>
* save image remove signaturesQi Wang2020-10-21
| | | | | | | remove signatures to podman save since the image formats do not support signatures Close: #7659 Signed-off-by: Qi Wang <qiwan@redhat.com>
* Merge pull request #7999 from mheon/signal_handlerOpenShift Merge Robot2020-10-20
|\ | | | | Add a shutdown signal handler
| * Enable masking stop signals within container creationMatthew Heon2020-10-12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Expand the use of the Shutdown package such that we now use it to handle signals any time we run Libpod. From there, add code to container creation to use the Inhibit function to prevent a shutdown from occuring during the critical parts of container creation. We also need to turn off signal handling when --sig-proxy is invoked - we don't want to catch the signals ourselves then, but instead to forward them into the container via the existing sig-proxy handler. Fixes #7941 Signed-off-by: Matthew Heon <mheon@redhat.com>
* | Merge pull request #8056 from xordspar0/invalid-imageOpenShift Merge Robot2020-10-19
|\ \ | | | | | | Make invalid image name error more specific
| * | Make invalid image name error more specificJordan Christiansen2020-10-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, using an invalid image name would produce an error like this: Error: error encountered while bringing up pod test-pod-0: invalid reference format This message didn't specify that there was an problem with an image name, and it didn't specify which image name had a problem if there were multiple. Now the error reads: Error: error encountered while bringing up pod test-pod-0: Failed to parse image "./myimage": invalid reference format Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
* | | Merge pull request #7908 from rhatdan/diffOpenShift Merge Robot2020-10-19
|\ \ \ | |/ / |/| | fix podman container exists and diff for storage containers
| * | Add support for external containerDaniel J Walsh2020-10-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | External containers are containers created outside of Podman. For example Buildah and CRI-O Containers. $ buildah from alpine alpine-working-container $ buildah run alpine-working-container touch /test $ podman container exists --external alpine-working-container $ podman container diff alpine-working-container C /etc A /test Added --external flag to refer to external containers, rather then --storage. Added --external for podman container exists and modified podman ps to use --external rather then --storage. It was felt that --storage would confuse the user into thinking about changing the storage driver or options. --storage is still supported through the use of aliases. Finally podman contianer diff, does not require the --external flag, since it there is little change of users making the mistake, and would just be a pain for the user to remember the flag. podman container exists --external is required because it could fool scripts that rely on the existance of a Podman container, and there is a potential for a partial deletion of a container, which could mess up existing users. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * | fix podman container exists and diff for storage containersDaniel J Walsh2020-10-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Current these commands only check if a container exists in libpod. With this fix, the commands will also check if they are in containers/storage. This allows users to look at differences within a buildah or CRI-O container. Currently buildah diff does not exists, so this helps out in that situation as well as in CRI-O since the cri does not implement a diff command. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #8045 from ↵OpenShift Merge Robot2020-10-17
|\ \ \ | | | | | | | | | | | | | | | | andylibrian/podman-remote-cleanly-exit-on-detachkeyspressed Update podman-remote run and start to handle detach keys
| * | | Update podman-remote start --attach to handle detach keysAndy Librian2020-10-16
| | | | | | | | | | | | | | | | | | | | | | | | fixes #7979 Signed-off-by: Andy Librian <andylibrian@gmail.com>
| * | | Update podman-remote run to handle detach keysAndy Librian2020-10-16
| |/ / | | | | | | | | | | | | | | | addresses #7979 Signed-off-by: Andy Librian <andylibrian@gmail.com>
* / / Fix panic when runlabel is missingzhangguanzhang2020-10-16
|/ / | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | Merge pull request #7955 from ParkerVR/7751-altOpenShift Merge Robot2020-10-13
|\ \ | |/ |/| Container detach newlines
| * newlines on all container detachesParker Van Roy2020-10-07
| | | | | | | | Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
* | Merge pull request #7853 from xordspar0/play-kube-limits-#7742OpenShift Merge Robot2020-10-12
|\ \ | | | | | | Add support for resource limits to play kube
| * | Add support for resource limits to play kubeJordan Christiansen2020-10-12
| | | | | | | | | | | | Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
* | | Search repository tags using --list-tagsQi Wang2020-10-09
|/ / | | | | | | | | | | | | For fix of BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1684263 Add --list-tags to podman search to return a table the repository tags. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | Merge pull request #7891 from rhatdan/rmOpenShift Merge Robot2020-10-09
|\ \ | | | | | | This PR allows users to remove external containers directly
| * | This PR allows users to remove external containers directlyDaniel J Walsh2020-10-09
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currenly if a user specifies the name or ID of an external storage container, we report an error to them. buildah from scratch working-container-2 podman rm working-container-2 Error: no container with name or ID working-container-2 found: no such container Since the user specified the correct name and the container is in storage we force them to specify --storage to remove it. This is a bad experience for the user. This change will just remove the container from storage. If the container is known by libpod, it will remove the container from libpod as well. The podman rm --storage option has been deprecated, and removed from docs. Also cleaned documented options that are not available to podman-remote. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #7910 from EduardoVega/7567-podman-configmapsOpenShift Merge Robot2020-10-09
|\ \ | | | | | | Enable k8s configmaps as flags for play kube
| * | Enable k8s configmaps as flags for play kubeEduardo Vega2020-10-07
| | | | | | | | | | | | Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
* | | Merge pull request #7382 from mheon/pod_parallelOpenShift Merge Robot2020-10-07
|\ \ \ | |_|/ |/| | Move pod jobs to parallel execution
| * | Move pod jobs to parallel executionMatthew Heon2020-10-07
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Make Podman pod operations that do not involve starting containers (which needs to be done in a specific order) use the same parallel operation code we use to make `podman stop` on large numbers of containers fast. We were previously stopping containers in a pod serially, which could take up to the timeout (default 15 seconds) for each container - stopping 100 containers that do not respond to SIGTERM would take 25 minutes. To do this, refactor the parallel operation code a bit to remove its dependency on libpod (damn circular import restrictions...) and use parallel functions that just re-use the standard container API operations - maximizes code reuse (previously each pod handler had a separate implementation of the container function it performed). This is a bit of a palate cleanser after fighting CI for two days - nice to be able to return to a land of sanity. Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* / prevent unpredictable results with network create|removebaude2020-10-07
|/ | | | | | | | | | due to a lack of "locking" on cni operations, we could get ourselves in trouble when doing rapid creation or removal of networks. added a simple file lock to deal with the collision and because it is not considered a performent path, use of the file lock should be ok. if proven otherwise in the future, some generic shared memory lock should be implemented for libpod and also used here. moved pkog/network to libpod/network because libpod is now being pulled into the package and it has therefore lost its generic nature. this will make it easier to absorb into libpod as we try to make the network closer to core operations. Fixes: #7807 Signed-off-by: baude <bbaude@redhat.com>
* Lowercase some errorsKir Kolyshkin2020-10-05
| | | | | | | | | | | | | | | | | | | | | This commit is courtesy of ``` for f in $(git ls-files *.go | grep -v ^vendor/); do \ sed -i 's/\(errors\..*\)"Error /\1"error /' $f; done for f in $(git ls-files *.go | grep -v ^vendor/); do \ sed -i 's/\(errors\..*\)"Failed to /\1"failed to /' $f; done ``` etc. Self-reviewed using `git diff --word-diff`, found no issues. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
* Remove excessive error wrappingKir Kolyshkin2020-10-05
| | | | | | | | | | | | | | | | | In case os.Open[File], os.Mkdir[All], ioutil.ReadFile and the like fails, the error message already contains the file name and the operation that fails, so there is no need to wrap the error with something like "open %s failed". While at it - replace a few places with os.Open, ioutil.ReadAll with ioutil.ReadFile. - replace errors.Wrapf with errors.Wrap for cases where there are no %-style arguments. Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
* Fix podman-remote ps --ns brokenzhangguanzhang2020-10-04
| | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* Merge pull request #7887 from vrothberg/fix-7872OpenShift Merge Robot2020-10-02
|\ | | | | image prune: remove all candidates
| * image prune: remove all candidatesValentin Rothberg2020-10-02
| | | | | | | | | | | | | | | | Make sure to remove images until there's nothing left to prune. A single iteration may not be sufficient. Fixes: #7872 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #7867 from vrothberg/fix-7837OpenShift Merge Robot2020-10-02
|\ \ | |/ |/| remote: fix name and ID collisions of containers and pods
| * remote: fix name and ID collisions of containers and podsValentin Rothberg2020-10-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix the look up of containers and pods in the remote client. User input can refer to both, names or IDs of containers and pods, so there is a fair chance of collisions (e.g., "c1" name with a "c1...." ID). Those collisions are well handled (and battle tested) in the local client which is directly using the libpod backend. Hence, the remote client should not attempt to introduce its own logic to prevent bugs and divergence between the local and the remote clients. To prevent collisions such as in #7837, do a container/pod inspect on the user-provided input to find the corresponding ID and eventually do full ID comparisons to avoid potential collisions with names. Note that this has a cost that I am not entirely happy with. Looking at issue #7837, the collisions are happening when removing the two containers. Remote container removal is now very chatty with the server as it first queries for all containers, then iterates over the provided names or IDs and does a remote inspect to figure out the IDs and find a matching container object. However, remote removal could just pass the names and IDs directly to the batch removal endpoint. Querying for all containers could be prevented if the batch removal endpoint would remove all if the slice is empty. In other words, the bug is fixed but there's room for performance improvements. Fixes: #7837 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #7735 from QiWang19/manifest-inspectOpenShift Merge Robot2020-10-01
|\ \ | | | | | | fix allowing inspect manifest of non-local image
| * | fix allowing inspect manifest of non-local imageQi Wang2020-09-30
| |/ | | | | | | | | | | | | Add support of `podman manifest inspect` returning manifest list of non-local manifest. Close #https://github.com/containers/podman/issues/7726 Signed-off-by: Qi Wang <qiwan@redhat.com>
* / Volume prune should not pass down the force flagDaniel J Walsh2020-10-01
|/ | | | | | | | | podman volume prune -f Should just tell the prune command to not prompt for confirmation. It should not be passing the prune flag into the API. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #7840 from vrothberg/remote-untagOpenShift Merge Robot2020-09-30
|\ | | | | fix remote untag
| * fix remote untagValentin Rothberg2020-09-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix the remote client to untag all tags of the specified image. Instead of querying the image on the client side, support the case where both, repo and tag, are empty and remove all tags. Reuse the ABI implementation where possible. In retrospective, the libpod untag endpoint should support a slice of strings to batch remove tags rather than reaching out for each tag individually. Enable the skipped test. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Fix handling of remove of bogus volumes, networks and PodsDaniel J Walsh2020-09-29
|/ | | | | | | | | | | | In podman containers rm and podman images rm, the commands exit with error code 1 if the object does not exists. This PR implements similar functionality to volumes, networks, and Pods. Similarly if volumes or Networks are in use by other containers, and return exit code 2. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #7783 from ashley-cui/slirpOpenShift Merge Robot2020-09-29
|\ | | | | Add support for slirp network for pods
| * Add support for slirp network for podsAshley Cui2020-09-25
| | | | | | | | | | | | flag --network=slirp4netns[options] for root and rootless pods Signed-off-by: Ashley Cui <acui@redhat.com>
* | Merge pull request #7770 from rhatdan/pullpolicyOpenShift Merge Robot2020-09-28
|\ \ | | | | | | Properly handle podman run --pull command
| * | Properly handle podman run --pull commandDaniel J Walsh2020-09-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently the --pull missing|always|never is ignored This PR implements this for local API. For remote we need to default to pullpolicy specified in the containers.conf file. Also fixed an issue when images were matching other images names based on prefix, causing images to always be pulled. I had named an image myfedora and when ever I pulled fedora, the system thought that it there were two images named fedora since it was checking for the name fedora as well as the prefix fedora. I changed it to check for fedora and the prefix /fedora, to prefent failures like I had. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Fix network remove for the podman remote clientPaul Holzinger2020-09-28
| | | | | | | | | | | | | | | | | | | | | | | | The podman remote client ignored the force option due a typo. If an error occured the remote client would panic with an index out of range error. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | Fix podman network rm --force when network is used by a podPaul Holzinger2020-09-28
|/ / | | | | | | | | | | I added a test to prevent a future regression. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | Merge pull request #7741 from vrothberg/remote-load-dir-checkOpenShift Merge Robot2020-09-24
|\ \ | | | | | | remote load: check if input is directory
| * | remote load: check if input is directoryValentin Rothberg2020-09-24
| | | | | | | | | | | | | | | | | | | | | | | | The remote client does not support loading directories yet. To prevent confusing error messages and to make the behaviour more explicit, check if the input points to a directory and throw an error if needed. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #7753 from vrothberg/fix-7689OpenShift Merge Robot2020-09-24
|\ \ \ | |/ / |/| | remote stats
| * | stats: break out CLI optionsValentin Rothberg2020-09-24
| | | | | | | | | | | | | | | | | | | | | | | | Have a clear separation of concerns for the CLI-only options (and their logic) from the backend. The backend logic is now easier to understand (e.g., `stream` instead of `noStream`). Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | new endpoint: /libpod/containers/statsValentin Rothberg2020-09-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new endpoint for container stats allowing for batch operations on more than one container. The new endpoint deprecates the single-container endpoint which will eventually be removed with the next major release. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
| * | stats refactorValentin Rothberg2020-09-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactor the entities' stats API to simplify using it and reduce the risk of running into concurrency issues at the call sites. Further simplify the stats code by de-spaghetti-ing the logic and reducing duplicate code. `ContainerStats` now returns a data channel and an error. If the error is nil, callers can read from the channel. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>