| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
make 9p security model configurable; document
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This addresses:
Symlinks don't work on podman machine on macOS Monterey when using volumes feature #13784
This change does NOT exactly fix the bug, but it does allow the user to
work around it via 'podman init' option, e.g.:
podman machine init -v "$HOME/git:$HOME/git:ro:security_model=none"
If the default security model were to be changed to 'none', then that
would fix the bug, at the possible cost of breaking any use cases that
depend on 'mapped-xattr'.
The documentation of the purpose and behavior of the different security
models seems to be rather light:
https://wiki.qemu.org/Documentation/9psetup#Starting_the_Guest_directly
From testing, it appears that the mapped-xattr security model intends to
manage symlinks such that the guest can see the symlinks but the host
only sees regular files (with extended attributes). As far as I can
tell, this behavior only makes sense when the guest is the only thing
that ever needs to create and read symlinks. Otherwise, symlinks created
on the host are unusable on the guest, and vice versa.
As per the original commit: 8e7eeaa4dd14621bda15e396fcd7b9187bc500c5
[NO NEW TESTS NEEDED]
Also document existing ro and rw options.
Also remove misleading statement about /mnt. By my observation, this
line is incorrect. If the intended meaning is different, then I don't
understand.
The default volume is mounted read/write and is not within /mnt.
[core@localhost ~]$ mount | grep 9p
vol0 on /Users/chickey type 9p (rw,relatime,sync,dirsync,access=client,trans=virtio)
Signed-off-by: Corey Hickey <chickey@tagged.com>
|
| |\ \
| | |
| | | |
Podman machine info
|
| | |/
| |
| |
| |
| |
| |
| | |
Add podman machine info command, which displays infor about the machine
host as well as version info.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Issue introduced in #14828
[NO NEW TESTS NEEDED]
Signed-off-by: Shane Smith <shane.smith@shopify.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
We now use the golang error wrapping format specifier `%w` instead of
the deprecated github.com/pkg/errors package.
[NO NEW TESTS NEEDED]
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Connecting with `podman machine ssh` can results in the following
warning:
```
/usr/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_CA.UTF-8)
/usr/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_CA.UTF-8)
/usr/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_CA.UTF-8)
/usr/bin/sh: warning: setlocale: LC_ALL: cannot change locale (en_CA.UTF-8)
```
Best would probably be to remove `LC_ALL` (and other locale and lang
env vars) from `/etc/ssh/sshd_config.d/50-redhat.conf` in the CoreOS
image, but I'm not terribly sure how, so this is a quick alternative.
[NO NEW TESTS NEEDED]
Signed-off-by: Shane Smith <shane.smith@shopify.com>
|
| |\
| |
| | |
reveal machine error, ignore false state
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This PR covers two edge cases discovered by fiddling with machine
manually. It is possible (like after a manual cleanup of a machine)
that a leftover qemu socket file can indicate the prescense of a machine
running.
Also, reveal the error of a Exec.Command by wrapping the generic error
around what was in stderr.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
Make `podman machine stop` wait for qemu to exit
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- New `VMPidFilePath` field in MachineVM config holds the path for the
qemu PID file
- qemu is now started with the `-pidfile` argument set to `VMPidFilePath`
- Machines created before this won't have the VM PID file configured,
stopping these VMs will revert back to waiting on the state to change
away from `Running`, plus an added 2s sleep to give time for the VM to
exit and to avoid potential issues
- Machines created after this will have a VM PID file configured and
stopping the machine will wait indefinitely for the VM to exit
[NO NEW TESTS NEEDED]
Signed-off-by: Shane Smith <shane.smith@shopify.com>
|
| | |/
|/|
| |
| |
| |
| |
| |
| |
| |
| | |
Currently podman machine list never shows the starting state.
Fixes: https://github.com/containers/podman/issues/14738
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Replace "setup", "lookup", "cleanup", "backup" with
"set up", "look up", "clean up", "back up"
when used as verbs. Replace also variations of those.
* Improve language in a few places.
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Interrupting a `podman machine start` (ex: with CTRL-C) would leave
`Starting: true` in the machine's config file. Due to #14469 any
subsequent starts would fail since Podman would think the machine is
still in the process of starting.
Fixed here by listening for the interrupt signal and setting `Starting:
false` in the event.
[NO NEW TESTS NEEDED]
Signed-off-by: Shane Smith <shane.smith@shopify.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The nolintlint linter does not deny the use of `//nolint`
Instead it allows us to enforce a common nolint style:
- force that a linter name must be specified
- do not add a space between `//` and `nolint`
- make sure nolint is only used when there is actually a problem
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \
| |/
|/| |
Prevent simultaneous machine starts
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
- The State() function now returns machine.Starting status instead of an
empty string if the VM is in the process of starting.
- The `CheckExclusiveActiveVM()` function returns `true` to prevent
starting a VM while another is in the process of starting.
- `podman machine ls` displays "Currently starting" under "Last Up" for
the starting VM
- `podman machine ls` supports `{{.Starting}}` boolean field in the format
- `podman machine inspect` displays "starting" in the "State" field for
the starting VM
Signed-off-by: Shane Smith <shane.smith@shopify.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Running `podman machine start` twice at the same time in different
terminals, for example, will make the second invocation fail and the
first one hang.
[NO NEW TESTS NEEDED]
Signed-off-by: Shane Smith <shane.smith@shopify.com>
|
| |/
|
|
|
|
|
|
|
|
| |
In #13466 the ability to force remove a machine while it's running was
added but it did not first stop the machine, all files get deleted but
the qemu VM would essentially be orphaned.
[NO NEW TESTS NEEDED]
Signed-off-by: Shane Smith <shane.smith@shopify.com>
|
| |\
| |
| | |
podman machine ssh: set correct exit code
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currenlty this ssh warning is printed everytime:
`Warning: Permanently added '[localhost]:33915' (ED25519) to the list of known hosts.`
Since this is very anoying and makes it harder to capture the actual
command output we should silence this. With log level error we will only
see the important messages from ssh.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
| |
For consumers of the podman.sock who want a predictable way to find the
podman sock, we now include it under 'ConnectionConfig' in podman
machine inspect.
Fixes: #14231
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |
|
|
|
|
| |
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\
| |
| | |
podman system reset removed machines incorrectly
|
| | |
| |
| |
| |
| |
| |
| | |
podman system reset did not clean up machines fully, leaving some config
files, and breaking machines. Now it removes all machines files fully.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |/
|
|
|
|
| |
* Fix issue of nil pointer derefence
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |
|
|
|
|
|
|
| |
The errcheck linter makes sure that errors are always check and not
ignored by accident. It spotted a lot of unchecked errors, mostly in the
tests but also some real problem in the code.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\
| |
| | |
Refactor machine inspect
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
I was asked to refactor machine inspect output to represent more common
and basic information. machine inspect now has information that would
be appropriate for different machines.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \
| |/
|/| |
podman machine starting test
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
add a test to make sure machines are not running while still starting
in order to do this, I added a parameter to `run()` to delineate whether
or not the command should block or not. The non blocking run allows for tests
to get and use the `machineSession` pointer and check the exit code to see if it has finished.
also fix a bug (created by #13996) that before started, the machines would
always say "LastUp" and "Created" Less than one second ago
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
| | |
| |
| |
| | |
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \
| | |
| | | |
Allow changing of CPUs, Memory, and Disk Size
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| | |
Allow podman machine set to change CPUs, Memory and Disk size of a QEMU machine after its been created.
Disk size can only be increased.
If one setting fails to be changed, the other settings will still be applied.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The linter ensures a common code style.
- use switch/case instead of else if
- use if instead of switch/case for single case statement
- add space between comment and text
- detect the use of defer with os.Exit()
- use short form var += "..." instead of var = var + "..."
- detect problems with append()
```
newSlice := append(orgSlice, val)
```
This could lead to nasty bugs because the orgSlice will be changed in
place if it has enough capacity too hold the new elements. Thus we
newSlice might not be a copy.
Of course most of the changes are just cosmetic and do not cause any
logic errors but I think it is a good idea to enforce a common style.
This should help maintainability.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\
| |
| | |
machine starting status
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
podman machine was using the file modification time to get the running status
add three new config entries Starting (bool) Created (time) LastUp (time) to actually
keep track of when these events happened. This means we can use the config file
to actually store this data and not mess up the created/last-up time.
This fixes the issues where the machine would report running 15 seconds before it was up.
Also fixes the issue of modifying the file manually and saying the machine is "up"
[NO NEW TESTS NEEDED]
resolves #13711
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This PR introduces a test suite for podman machine. It can currently be
run on developers' local machines and is not part of the official CI
testing; however, the expectation is that any work on machine should
come with an accompanying test.
At present, the test must be run on Linux. It is untested on Darwin.
There is no Makefile target for the test. It can be run like `ginkgo -v
pkg/machine/test/.`. It should be run as a unprivileged user.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
| |
This reverts commit cc3790f332d989440eb1720e24e3619fc97c74ee.
We can't change rootful to rootfull because `rootful` is written into the machine config. Changing this will break json unmarshalling, which will break existing machines.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
golint, scopelint and interfacer are deprecated. golint is replaced by
revive. This linter is better because it will also check for our error
style: `error strings should not be capitalized or end with punctuation or a newline`
scopelint is replaced by exportloopref (already endabled)
interfacer has no replacement but I do not think this linter is
important.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
We are inconsistent on the name, we should stick with rootfull.
[NO NEW TESTS NEEDED] Existing tests should handle this and no tests for
machines exists yet.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Allow users to inspect their podman virtual machines. This will be
helpful for debug and development alike, because more details about the
machine can be collected.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Certain paths like `../containers/podman/machine/my-test/podman.sock`
do not exist when machine is not started, so removing a machine before
starting it will result in ENOENT which we should ignore cause these
paths do not exists
Closes: https://github.com/containers/podman/issues/13834
[NO TESTS NEEDED]
[NO NEW TESTS NEEDED]
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |\
| |
| | |
Fix mac docker socket handling
|
| | |
| |
| |
| | |
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
| |/
|
|
| |
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
to avoid errors on macos, we use symlinks to long socket names.
Fixes: #12751
Fixes: #13609
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This PR further implements a more structured approach to handling the
files needed by machine. More files are now made as MachineFile which
can then have a symlink (using a shorter path) to them. Also added Set
and Get methods for many of the files.
The next part of the refactor will implement the use of symlinks on
MacOS.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
If podman detects a Machinev1 config, it will automatically migrate it
to the new format.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the way machine was written was very adjunct and as such is in dire need
of refactoring to better structures and structure methods where
appropriate. the weekest part is specifically around all the files that
machine requires and how some are just dynamically built on the fly.
this pr defines a new machinefile type which allows us to work with the
file and also takes into account the use of symlinks which are going to
be needed on macos due to its relatively short file length restriction.
also, added unit tests for new methods as well as anywhere else I saw a
need.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
