| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Volumes prune endpoint should use only prune filters
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Volumes endpoints for HTTP compat and libpod APIs allowed
usage of list HTTP endpoint filter funcs. Documentation in
case of compat API does not allow that. This commit aligns
code with the documentation and also ligns libpod with compat API.
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \
| | |
| | | |
[CI:DOCS] Update swagger definition of inspect manifest
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Changed reference in swagger to correct struture that was being
returned.
* Added summary to ManifestAddLibpod to clean up generated web site
* Added serve target to Makefile, to aid in debugging generated
web site
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| | |
Podman remote should be able to handle remote specification of
arches.
Requires: https://github.com/containers/buildah/pull/3116
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Add --requires flag to podman run/create
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Podman has, for a long time, had an internal concept of
dependency management, used mainly to ensure that pod infra
containers are started before any other container in the pod. We
also have the ability to recursively start these dependencies,
which we use to ensure that `podman start` on a container in a
pod will not fail because the infra container is stopped. We have
not, however, exposed these via the command line until now.
Add a `--requires` flag to `podman run` and `podman create` to
allow users to manually specify dependency containers. These
containers must be running before the container will start. Also,
make recursive starting with `podman start` default so we can
start these containers and their dependencies easily.
Fixes #9250
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| | |/
| |/| |
[CI:DOCS] Polish swagger OperationIDs
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Renamed 4 IDs to be consistent with other endpoints.
Fixes #9951
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Ensure that `--userns=keep-id` sets user in config
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
One of the side-effects of the `--userns=keep-id` command is
switching the default user of the container to the UID of the
user running Podman (though this can still be overridden by the
`--user` flag). However, it did this by setting the UID and GID
in the OCI spec, and not by informing Libpod of its intention to
switch users via the `WithUser()` option. Because of this, a lot
of the code that should have triggered when the container ran
with a non-root user was not triggering. In the case of the issue
that this fixed, the code to remove capabilities from non-root
users was not triggering. Adjust the keep-id code to properly
inform Libpod of our intention to use a non-root user to fix
this.
Also, fix an annoying race around short-running exec sessions
where Podman would always print a warning that the exec session
had already stopped.
Fixes #9919
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Libpod operation id's changed to better match compatibile id
Builds on https://github.com/containers/podman/pull/9123 and corrects
a duplicated ID.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Tom Deseyn <tom.deseyn@gmail.com>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Tom Deseyn <tom.deseyn@gmail.com>
|
|\ \ \
| | | |
| | | | |
Initial network bindings tests
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
| |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We define in the man page that this overrides the default storage
options, but the code was appending to the existing options.
This PR also makes a change to allow users to specify --storage-opt="".
This will turn off all storage options.
https://github.com/containers/podman/issues/9852
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
rootless cni without infra container
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
For rootless users the infra container used the slirp4netns net mode
even when bridge was requested. We can support bridge networking for
rootless users so we have allow this. The default is not changed.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This is supported with the new rootless cni logic.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Instead of creating an extra container create a network and mount
namespace inside the podman user namespace. This ns is used to
for rootless cni operations.
This helps to align the rootless and rootful network code path.
If we run as rootless we just have to set up a extra net ns and
initialize slirp4netns in it. The ocicni lib will be called in
that net ns.
This design allows allows easier maintenance, no extra container
with pause processes, support for rootless cni with --uidmap
and possibly more.
The biggest problem is backwards compatibility. I don't think
live migration can be possible. If the user reboots or restart
all cni containers everything should work as expected again.
The user is left with the rootless-cni-infa container and image
but this can safely be removed.
To make the existing cni configs work we need execute the cni plugins
in a extra mount namespace. This ensures that we can safely mount over
/run and /var which have to be writeable for the cni plugins without
removing access to these files by the main podman process. One caveat
is that we need to keep the netns files at `XDG_RUNTIME_DIR/netns`
accessible.
`XDG_RUNTIME_DIR/rootless-cni/{run,var}` will be mounted to `/{run,var}`.
To ensure that we keep the netns directory we bind mount this relative
to the new root location, e.g. XDG_RUNTIME_DIR/rootless-cni/run/user/1000/netns
before we mount the run directory. The run directory is mounted recursive,
this makes the netns directory at the same path accessible as before.
This also allows iptables-legacy to work because /run/xtables.lock is
now writeable.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \ \ \
| | | | |
| | | | | |
Fix rootless socket activation
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
So rootless setup could use this condition in parent and child, child
podman should adjust LISTEN_PID to its self PID.
Add system test for systemd socket activation
Signed-off-by: pendulm <lonependulm@gmail.com>
|
| |_|/ /
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fix handling of SecurityOpts
LabelOpts
SeccompProfilePath
ApparmorProfile
Fix Ulimits
Fixes: https://github.com/containers/podman/issues/9869
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Recreate until container prune tests for bindings
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
[NO TESTS NEEDED] Add ssh connection to root user
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When initing a VM, create two add connections - one to user, one to
root.
podman machine remove removes both connections as well.
[NO TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Fix #9698 Updated reference to network
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Updated reference to network
[NO TESTS NEEDED]
Signed-off-by: Kellen Dunham <kellen@oneaib.com>
|
| |/ /
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The --execute flag ended up serving no purpose. It was removed and
documentation was updated.
Fixed a panic when no VM name was provided.
[NO TESTS NEEDED]
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
Fix handling of remote --log-rusage param
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fixes: https://github.com/containers/podman/issues/9889
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Fix bindings prune containers flaky test
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In #9863 prune containers filter params were narrowed to support only those
required by http API. name filter in bindings was replaced by until filter,
which is not a good match, as until filters are causing tests to be flaky.
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \ \ \
| |/ / /
|/| | | |
podman machine init --ignition-path
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
allow for the user to provide an alternate ignition-file rather than the
auto-generated one.
updated docs to describe ramifications of providing an alterate ignition
file.
[NO TESTS NEEDED]
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Add podman machine ls
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
podman machine list lists all virtual machines & indicates the default VM
connection, if it exists. it also can take a --format flag arg as a go
template.
[NO TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Trim white space from /top endpoint results
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Versions of the ps command have additional spaces between fields, this
manifests as the container asking to run "top" and API reporting "top "
as a process.
Endpoint and tests updated to check that "top" is reported.
There is no libpod specialized endpoint to update.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
Containers prune endpoint should use only prune filters
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Containers endpoints for HTTP compad and libpod APIs allowed usage of list HTTP
endpoint filter funcs. Documentation in case of libpod and compat API does not allow that.
This commit aligns code with the documentation.
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
[NO TESTS NEEDED] Remove semantic version suffices from API calls
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When using the bindings do not include the pre-release or build
metadata in the URL for the service. This breaks older services, while
not providing that much additional functionality.
[NO TESTS NEEDED]
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
resolve proper aarch64 image names
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
when automatically downloading fcos for the Apple M1, we needed
to replace a statically defined URL with the dynamically
determined one.
also, it appears boolean qemu options `server` and `onwait` are
not defined as `server=on` and `wait=off`.
[NO TESTS NEEDED]
Signed-off-by: baude <bbaude@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
podman machine init user input
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
users may now provide a fully qualified local file path or a URL to seed
the disk-image to be used in the VM.
[NO TESTS NEEDED]
Signed-off-by: baude <bbaude@redhat.com>
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- Build machine also for podman-linux-arm64
- Add default machine type for linux arm64
- Add the required qemu-uefi bios parameter
- Remove hardcoded outdated path and show url
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|