| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Clean up when stopping pods
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We have a test to verify that init containers in pods are
deleted when the `--init-ctr=once` option is specified. The test
creates two containers, one of them an init container, starts the
pod, stops the pod, and restarts the pod, checking for the
presence of a file created by the init container during the
second start. We're seeing a race where the file still exists,
which I'm fairly certain comes down to the SHM mount not being
cleaned up after the pod is stopped.
Fortunately, we already have code to do this - just flip the bool
that controls cleanup from false to true.
[NO NEW TESTS NEEDED] Fixes a difficult to reproduce race
condition.
Fixes #16046
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Mikhail Khachayants <tyler92@inbox.ru>
|
|\ \
| | |
| | | |
Add pods created by play kube to a default network
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In order to allow pods to reach other pods (as in Kubernetes) they all
need to be added to the same network. A network is created (if it
doesn't exist) and pods created by play-kube are added to that network.
When network options are passed to kube command the pods are not
attached to the default kube network.
Signed-off-by: Andrei Natanael Cosma <andrei@intersect.ro>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Trying to print the image id on a failed inspect will result in a nil
pointer panic because the image will be nil. Replace image.id with the
image name which is defined as a string without the use of inspect.
Fixes: bz#2131836
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
`podman pod logs -l` no longer panics
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fixed issue where executing the command `podman pod logs -l` would panic
because it was indexing into an empty arguments array.
Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
|
|\ \ \
| | | |
| | | | |
fix restore API endpoint
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
restore endpoint was totally ignoring --pod, it was missing from the schema and from query handling
on the api handlers side. add support for it here.
resolves #15018
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
I see no reason to block --network host with kube play and force users
to have to set it in the yaml file.
This is just confusing when compared to the other podman create/run
--network options, see discussion in #15945.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This reverts commit 32f54a81ed797597827123b671b6e73194354327.
`pkg/bindings` is supported outside of podman and we have to keep it
stable.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* `manifest add --annotation option` adds annotations
field on remote environment.
* `manifest inspect` prints annotations field
on remote environment.
Fixes: #15952
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Use the default / for http probe path.
Update to URI schemes ensuring lowercase
Signed-off-by: Piotr <piotr.skoczylas@gmail.com>
|
|\ \ \
| | | |
| | | | |
Default missing hostPort to containerPort is defined in kube.yaml
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If user does not specify hostPort in a kube.yml file but does specify
a containerPort, then the hostPort should default to the containerPort.
Fixes: https://github.com/containers/podman/issues/15942
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Ensure kubernetes default parameters are respected.
Additional curl parameter enforces returning error for HTTP error codes.
Use build-in HealthCheckOnFailureAction instead of killing the container
while executing the probe.
Signed-off-by: Piotr <piotr.skoczylas@gmail.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
add the key used in newly initialized machines to the user's known_hosts file. This ensures that golang will be able to ssh into the machine using
podman-remote. Also, remove the /dev/null redirection for podman machine ssh's known_hosts file.
resolves #15347
Signed-off-by: Charlie Doern <cdoern@redhat.com>
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
|
|\ \ \
| | | |
| | | | |
auto-update: validate container image
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Auto updates using the "registry" policy require container to be created
with a fully-qualified image reference. Short names are not supported
due the ambiguity of their source registry. Initially, container
creation errored out for non FQN images but it seems that Podman has
regressed.
Fixes: #15879
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
compat API: network inspect do not show isolate option
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We force the isolate option on new newtworks because that is the docker
behavior. However when we inspect them they should not be displayed to
the caller since they have no idea about it and docker-compose throws an
error because of that.
Fixes #15580
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Remove redundant log message
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
[NO NEW TESTS NEEDED]
Fixes: https://github.com/containers/podman/issues/15925
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|\ \ \ \
| |/ / /
|/| | | |
kube: notifyproxy: fix lost READY message
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The read deadline may yield the READY message to be lost in space.
Instead, use a more Go-idiomatic alternative by using two goroutines;
one reading from the connection, the other watching the container.
[NO NEW TESTS NEEDED] since existing tests are exercising this
functionality already.
Fixes: #15800
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Use a wait group to a) wait for all proxies in parallel
b) avoid the potential for ABBA deadlocks
[NO NEW TESTS NEEDED] as it is not changing functionality
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Update vendor of containers(image, common, buildah, storage)
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Changes since 2022-09-09:
- man page: add --skip-unused-stages (buildah 4249)
- man page: bring in new Note for --cache-ttl (4248)
- system tests: de-stutter (4205)
- (internal): in skip() applier: escape asterisk, otherwise
the "bud with --dns* flags" sed expression never applies.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This allows tools like Cockpit to know that the pod in question
has also been updated, so they can refresh the list of containers
in the pod.
Fixes #15408
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | | |
| | | | |
Don't mount /dev/ inside privileged containers running systemd
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
According to https://systemd.io/CONTAINER_INTERFACE/, systemd will try take
control over /dev/ttyN if exported, which can cause conflicts with the host's tty
in privileged containers. Thus we will not expose these to privileged containers
in systemd mode, as this is a bad idea according to systemd's maintainers.
Additionally, this commit adds a bats regression test to check that no /dev/ttyN
are present in a privileged container in systemd mode
This fixes https://github.com/containers/podman/issues/15878
Signed-off-by: Dan Čermák <dcermak@suse.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Add support to sig-proxy for podman-remote
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
|\ \ \ \
| | | | |
| | | | | |
podman-save: Add signature-policy flag
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Allow overwrite of the signature-policy file
by passing signature-policy flag to podman save command
Closes: https://github.com/containers/podman/issues/15869
Signed-off-by: 😎Mostafa Emami <mustafaemami@gmail.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Ref: https://github.com/containers/podman/pull/15871
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Replace deprecated ioutil
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Package `io/ioutil` was deprecated in golang 1.16, preventing podman from
building under Fedora 37. Fortunately, functionality identical
replacements are provided by the packages `io` and `os`. Replace all
usage of all `io/ioutil` symbols with appropriate substitutions
according to the golang docs.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Improve generate systemd format
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fixes: https://github.com/containers/podman/issues/14897
Followup to #13814
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Add labels to secrets
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Add --label/-l label flag to secret create, and show labels when
inspecting secrets. Also allow labeling secrets via libpod/compat API.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
Fix podman-remote run --attach stdin to show container ID
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
Add support for podman context as alias to podman system connection
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Alias
podman --context -> podman --connection
podman context use -> podman system connection default
podman context rm -> podman system connection rm
podman context create -> podman system connection add
podman context ls ->podman system connection ls
podman context inspect ->podman system connection ls --json (For
specified connections)
Podman context is a hidden command, but can be used for existing scripts
that assume Docker under the covers.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |_|_|/
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
podman container clone was failing when env variables had multiple `=` in them.
Switch split to splitn
resolves #15836
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
remote: checkpoint --export prints a rawInput or an error on remote
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This commit fixes `container checkpoint --export`
to print a rawInput or an error.
Fixes: #15743
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|