aboutsummaryrefslogtreecommitdiff
path: root/pkg/machine
Commit message (Collapse)AuthorAge
* podman machine ssh handlingCharlie Doern2022-09-26
| | | | | | | | | | add the key used in newly initialized machines to the user's known_hosts file. This ensures that golang will be able to ssh into the machine using podman-remote. Also, remove the /dev/null redirection for podman machine ssh's known_hosts file. resolves #15347 Signed-off-by: Charlie Doern <cdoern@redhat.com> Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* Replace deprecated ioutilChris Evich2022-09-20
| | | | | | | | | | Package `io/ioutil` was deprecated in golang 1.16, preventing podman from building under Fedora 37. Fortunately, functionality identical replacements are provided by the packages `io` and `os`. Replace all usage of all `io/ioutil` symbols with appropriate substitutions according to the golang docs. Signed-off-by: Chris Evich <cevich@redhat.com>
* podman machine inspect: use report.Formatter over TemplatePaul Holzinger2022-09-13
| | | | | | | | | | | | | | | | | | | Currently the podman command --format output code uses a mix of report.Formatter and report.Template. I patched report.Formatter to correctly handle newlines[1]. Since we cannot fix this with report.Template we have to migrate all users to report.Formatter. This ensures consistent behavior for all commands. This change does not change the output, we can add a new test for the newline bug when the common PR is vendored in. Also fix a bug where a invlaid template would not cause a exit code > 0, see the added test case. [1] https://github.com/containers/common/pull/1146 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Fix stuttersDaniel J Walsh2022-09-10
| | | | | | | | | | | | | | Podman adds an Error: to every error message. So starting an error message with "error" ends up being reported to the user as Error: error ... This patch removes the stutter. Also ioutil.ReadFile errors report the Path, so wrapping the err message with the path causes a stutter. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #15610 from n1hility/release-workflowOpenShift Merge Robot2022-09-08
|\ | | | | Introduce a new signed Windows installer with automated build process
| * Add new windows installer and buildJason T. Greene2022-09-06
| | | | | | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* | Change pipe wait to 20 secondsJason T. Greene2022-09-06
|/ | | | | | [NO NEW TESTS NEEDED] Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* Drop stale config value resulting in asymmetric configJason T. Greene2022-09-06
| | | | | | Fixes log follow operations since corresponding k8s-file backend was previously dropped Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* Merge pull request #15404 from arixmkii/win_compat2OpenShift Merge Robot2022-09-02
|\ | | | | Improved Windows compatibility for machine command
| * Improved Windows compatibility for machine commandArthur Sengileyev2022-08-29
| | | | | | | | Signed-off-by: Arthur Sengileyev <arthur.sengileyev@gmail.com>
* | Allow to override default username via command lineArthur Sengileyev2022-08-30
|/ | | | Signed-off-by: Arthur Sengileyev <arthur.sengileyev@gmail.com>
* Run codespellDaniel J Walsh2022-08-25
| | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #15433 from arixmkii/win_compat3_rootlessOpenShift Merge Robot2022-08-24
|\ | | | | Fixes isRootful check using qemu machine on Windows
| * Fixes isRootfull check using qemu machine on WindowsArthur Sengileyev2022-08-24
| | | | | | | | Signed-off-by: Arthur Sengileyev <arthur.sengileyev@gmail.com>
* | Improved Windows compatibilityArthur Sengileyev2022-08-23
|/ | | | Signed-off-by: Arthur Sengileyev <arthur.sengileyev@gmail.com>
* Cirrus: add podman_machine_aarch64Lokesh Mandvekar2022-08-17
| | | | | | | | | Run machine tests on every PR as label-driven machine test triggering is currently hard to predict and debug. Co-authored-by: Ed Santiago <santiago@redhat.com> Co-authored-by: Miloslav Trmač <mitr@redhat.com> Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
* pkg: Build pkg/machine on FreeBSDDoug Rabson2022-08-13
| | | | | | | | Add missing symbols for freebsd and freebsd/amd64. [NO NEW TESTS NEEDED] Signed-off-by: Doug Rabson <dfr@rabson.org>
* Merge pull request #15244 from baude/machinememorytestsOpenShift Merge Robot2022-08-10
|\ | | | | check memory test based on range
| * check memory test based on rangeBrent Baude2022-08-09
| | | | | | | | | | | | | | | | | | when verifying that the memory was set correctly for a podman machine instance, we check if the number is between a range because based on architecture, operating system, and memory itself this number can differ significantly. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Add interface for apple hypervisorBrent Baude2022-08-08
|/ | | | | | | | | | | | | | | | | | | The new apple silicon processesors (m1/m2) are capable of using a performent apple hypervisor (included in macos). Our "virtual providers" for podman machine are part of an interface design. This PR provides an implementation of the interface to begin the work for supporting the apple hypervisor. It is basically only a skeletal PR. The actual code for using the hypervisor and launching a machine will come as several new PRs following the inclusion of this one. There will likely be code reuse between the applehv and qemu code; but none of that code is being moved at this time. It will be moved "on demand" during development. [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* Fixes #15154 Change order when config and connections are writtenGerard Braad2022-08-05
| | | | | | | | | | When the break out or the WSL environment fails to start, the config and connections should not be written. Placing them at the end of the provisioning step will mitigate the issue. [NO NEW TESTS NEEDED] Signed-off-by: Gerard Braad <me@gbraad.nl>
* Add support, and default to rootless w/WSL promptJason T. Greene2022-08-02
| | | | | | Also force installation to use WSL2 to prevent accidental usage of WSL1 Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* Disable F36 service that is incompat with WSL kernJason T. Greene2022-08-02
| | | | | | (requires psi) Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* machine: Fix check which is always trueChristophe Fergeau2022-07-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | Before making / mutable/immutable, podman-machine checks if the mount is being done in /home or /mnt. However the current check is always going to be true: ``` !strings.HasPrefix(mount.Target, "/home") || !strings.HasPrefix(mount.Target, "/mnt") ``` is false when mount.Target starts with "/home" and mount.Target starts with "/mnt", which cannot happen at the same time. The correct check is: ``` !strings.HasPrefix(mount.Target, "/home") && !strings.HasPrefix(mount.Target, "/mnt") ``` which can also be written as: ``` !(strings.HasPrefix(mount.Target, "/home") || strings.HasPrefix(mount.Target, "/mnt")) ``` The impact is not too bad, it results in extra 'chattr -i' calls which should be unneeded. [NO NEW TESTS NEEDED] Signed-off-by: Christophe Fergeau <cfergeau@redhat.com>
* fix broken machine testPaul Holzinger2022-07-21
| | | | | | | | | | The memory both local and in the CI test is converted to 3822. I don't know why this changed but I want to have this working again. For the future we should look at a more robust solution. Fixes #15012 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* pkg/machine/e2e: do not import from cmd/podmanPaul Holzinger2022-07-21
| | | | | | | | | | | | | | | The same problem again as 4374038cc67405e3f5555b1870d5bb7f6570fa5d. Also fix the incorrect --format autocompletion struct. It should be avoided to import cmd/podman/... packages from outside of cmd/podman. This can lead in weird hard to debug import paths but also can have negative consequences when imported in unit tests. In this case it will set XDG_CONFIG_HOME and thus the machine tests this dir over the tmp HOME env variable which is set at a later point. This caused machine files to be leaked into the actual users home dir. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* fix some pkg/machine/e2e test to read stderrPaul Holzinger2022-07-21
| | | | | | Also fix the machine ssh code order to provide a better error message. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* enable linter for pkg/machine/e2ePaul Holzinger2022-07-21
| | | | | | | | | | | | Rename all files to _test.go and rename the package to e2e_test. This makes the linter less strict about things like dot imports. Add some unused nolint directives to silence some warnings, these can be used to find untested options so someone could add tests for them. Fixes #14996 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #14980 from n1hility/fix-leakOpenShift Merge Robot2022-07-21
|\ | | | | Fix potential body leak on mid-stream read error when fetching artifact version
| * Fix potential leak on mid-stream read errorJason T. Greene2022-07-19
| | | | | | | | Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* | Fix machine testAshley Cui2022-07-20
|/ | | | | | DownloadVMImage takes an extra argument. Signed-off-by: Ashley Cui <acui@redhat.com>
* Print rootfs download as a specific version on WinJason T. Greene2022-07-18
| | | | | | | | | - Also save the file using this convention. - Change the general pull mechanism to print the local file as opposed to the remote to enable this - no change in observed behavior on mac Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* Merge pull request #14900 from ashley-cui/machcacheopenshift-ci[bot]2022-07-16
|\ | | | | Clean up cached machine images
| * Clean up cached machine imagesAshley Cui2022-07-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When initing machines, we download a machine image, and uncompress and copy the image for the actual vm image. When a user constantly pulls new machines, there may be a buildup of old, unused machine images. This commit cleans ups the unused cached images. Changes: - If the machine is pulled from a URL or from the FCOS releases, we pull them into XDG_DATA_HOME/containers/podman/machine/vmType/cache - Cache cleanups only happen if there is a cache miss, and we need to pull a new image - For Fedora and FCOS, we actually use the cache, so we go through the cache dir and remove any images older than 2 weeks (FCOS's release cycle), on a cache miss. - For generic files pulled from a URL, we don't actually cache, so we delete the pulled file immediately after creating a machine image - For generic files from a local path, the original file will never be cleaned up Note that because we cache in a different dir, this will not clean up old images pulled before this commit. [NO NEW TESTS NEEDED] Signed-off-by: Ashley Cui <acui@redhat.com>
* | Machine init: create .ssh dir if not existAshley Cui2022-07-15
|/ | | | | | | When initing a machine, we generate ssh keys in `$HOME/.ssh`. If there is not .ssh dir, we should create it, so the init does not fail. Signed-off-by: Ashley Cui <acui@redhat.com>
* Merge pull request #14919 from gbraad/fedorawslopenshift-ci[bot]2022-07-14
|\ | | | | Use prepared image for WSL machine init
| * Fixes #14698 Use prepared image for WSL2 machine initGerard Braad2022-07-13
| | | | | | | | | | | | | | | | | | | | | | | | This commit introduces a prepared image for setting up the WSL2 environment. This means that the deployment will take considerable less time to finish (as it does not need to run an update and package install), but also allows to rely on a cached image to re-init the environment without the need for an internet connection. [NO NEW TESTS NEEDED] Signed-off-by: Gerard Braad <me@gbraad.nl>
* | Fix last machine testBrent Baude2022-07-12
|/ | | | | | | | The list --format json test case had a typo like error. [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* podman machine: do not commit proxies into config filePaul Holzinger2022-07-11
| | | | | | | | | | | | | | | | | | qemu fails when the same `fw_cfg` options is used more than once. Since the current logic always adds a new option on each machine load this will fail on the second start. We can fix this by checking if the option is already set and replace but I think it is easier to just not commit the option in the config and add it dynamically on start. User that hit this bug have to recreate the machine. [NO NEW TESTS NEEDED] Fixes #14636 Fixes #14837 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Fix machine testsBrent Baude2022-07-08
| | | | | | | Catch up with regressions that have occurred since the tests were originally written. Signed-off-by: Brent Baude <bbaude@redhat.com>
* Merge pull request #14839 from saschagrunert/errors-pkgopenshift-ci[bot]2022-07-08
|\ | | | | pkg: switch to golang native error wrapping
| * pkg: switch to golang native error wrappingSascha Grunert2022-07-08
| | | | | | | | | | | | | | | | | | We now use the golang error wrapping format specifier `%w` instead of the deprecated github.com/pkg/errors package. [NO NEW TESTS NEEDED] Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* | pkg/machine/qemu: start VM check if qemu is alivePaul Holzinger2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | When trying to connect to the qemu ready socket we should check if the qemu process is still running, if it is not we can just error out. There is no point in retrying. To do so we have to directly call wait with WNOHANG. Also change StartProcess to os/exec package which is higher level and allows us to use a buffer as qemu stderr fd. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | machine: qemu fix chardev id starting with letterPaul Holzinger2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | qemu need the id to start with a letter for some reason. If this is not the case qemu will fail: ``` qemu-system-x86_64: -device virtserialport,chardev=ad053e0bb519f_ready,name=org.fedoraproject.port.0: Property 'virtserialport.chardev' can't find value 'ad053e0bb519f_ready' er Identifiers consist of letters, digits, '-', '.', '_', starting with a letter. ``` To fix this we just add an "a" in front of it. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | pkg/machine/e2e: do not import from cmd/podmanPaul Holzinger2022-07-07
| | | | | | | | | | | | | | | | | | | | | | It should be avoided to import cmd/podman/... packages from outside of cmd/podman. This can lead in weird hard to debug import paths but also can have negative consequences when imported in unit tests. In this case it will set XDG_CONFIG_HOME and thus the machine tests this dir over the tmp HOME env variable which is set at a later point. This caused machine files to be leaked into the actual users home dir. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | machine test: fix endless loop in testPaul Holzinger2022-07-07
|/ | | | | | | | | | The problem is that this could loop forever as long as podman start doe snot exit (which could happen due bugs). Also since there no timeout between the machine list calls the test is using the full cpu and this causes the system to slow down making the machine start command even slower. IMO it is enough to only check the status every three seconds. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #14803 from bugfood/volumesopenshift-ci[bot]2022-07-07
|\ | | | | make 9p security model configurable; document
| * podman machine: make 9p security model configurable; adjust docsCorey Hickey2022-07-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This addresses: Symlinks don't work on podman machine on macOS Monterey when using volumes feature #13784 This change does NOT exactly fix the bug, but it does allow the user to work around it via 'podman init' option, e.g.: podman machine init -v "$HOME/git:$HOME/git:ro:security_model=none" If the default security model were to be changed to 'none', then that would fix the bug, at the possible cost of breaking any use cases that depend on 'mapped-xattr'. The documentation of the purpose and behavior of the different security models seems to be rather light: https://wiki.qemu.org/Documentation/9psetup#Starting_the_Guest_directly From testing, it appears that the mapped-xattr security model intends to manage symlinks such that the guest can see the symlinks but the host only sees regular files (with extended attributes). As far as I can tell, this behavior only makes sense when the guest is the only thing that ever needs to create and read symlinks. Otherwise, symlinks created on the host are unusable on the guest, and vice versa. As per the original commit: 8e7eeaa4dd14621bda15e396fcd7b9187bc500c5 [NO NEW TESTS NEEDED] Also document existing ro and rw options. Also remove misleading statement about /mnt. By my observation, this line is incorrect. If the intended meaning is different, then I don't understand. The default volume is mounted read/write and is not within /mnt. [core@localhost ~]$ mount | grep 9p vol0 on /Users/chickey type 9p (rw,relatime,sync,dirsync,access=client,trans=virtio) Signed-off-by: Corey Hickey <chickey@tagged.com>
* | Merge pull request #14762 from ashley-cui/machinfoopenshift-ci[bot]2022-07-07
|\ \ | | | | | | Podman machine info
| * | Podman machine infoAshley Cui2022-07-05
| |/ | | | | | | | | | | | | Add podman machine info command, which displays infor about the machine host as well as version info. Signed-off-by: Ashley Cui <acui@redhat.com>