| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Add init containers to generate and play kube
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Kubernetes has a concept of init containers that run and exit before
the regular containers in a pod are started. We added init containers
to podman pods as well. This patch adds support for generating init
containers in the kube yaml when a pod we are converting had init
containers. When playing a kube yaml, it detects an init container
and creates such a container in podman accordingly.
Note, only init containers created with the init type set to "always"
will be generated as the "once" option deletes the init container after
it has run and exited. Play kube will always creates init containers
with the "always" init container type.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
|\ \
| | |
| | | |
[CI:DOCS] podman machine: enforce a single search registry
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
By popular request, turn decimals to octal. Most eyes are trained to
parse file permissions in octal.
[NO TESTS NEEDED] since machine isn't tested yet.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Enforce "docker.io" to be the only search registry. Short-name
resolution for remote clients is not fully supported since there is no
means to prompt. Enforcing a single registry works around the problem
since prompting only fires with more than one search registry.
Fixes: #11489
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| | |
| | | |
stats: detect container restart and allow paused containers
|
| |/
| |
| |
| |
| |
| |
| | |
override the outer scope variable instead of creating a local one.
Otherwise the wrong variable would be used for the next iterations.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
| |
Include the response schema for a succesful request in the
/containers/stats API documentation
Additionally remove http 409 from /libpod/containers/stats docs, the
documentation was copied from the deprecated stats endpoint, when a
container is unavailabe the endpoint returns an empty list and no 409.
Signed-off-by: Jelle van der Waa <jvanderwaa@redhat.com>
|
|\
| |
| | |
fix play kube can't use infra_image in config file
|
| |
| |
| |
| | |
Signed-off-by: Chen Zhiwei <zhiweik@gmail.com>
|
|\ \
| | |
| | | |
Normalize auth key before calling `SetAuthentication`
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Recent changes in c/image caused the `SetAuthentication` API to be more
restrictive in terms of validating the `key` (`server`) input. To ensure
that manually modified or entries in `~/.docker/config.json` still work,
we now strip the leading `http[s]://` prefix.
Fixes https://github.com/containers/podman/issues/11235
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
|
|\ \ \
| | | |
| | | | |
container inspect: improve error handling
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Improve the error handling of `container inspect` to properly handle
when the container has been removed _between_ the lookup and the
inspect. That will yield the correct "no such object" error message in
`inspect`.
[NO TESTS NEEDED] since I do not know have a reliable and cheap
reproducer. It's fixing a CI flake, so there's already an indicator.
Fixes: #11392
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
fix play kube --network options
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Commit 092902b45555 introduced advanced network options for podman play
kube. However this never worked because it unconditionally set the
network mode to bridge after it parsed the network option.
Added a test to ensure the correct mode is set.
Truly fixes #10807
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
QEMU Apple Silicon: Find BIOS FD wherever
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
QEmu normally install BIOS images under `/usr/local` prefix, but
Homebrew installs them under `/opt/homebrew`. This change searches both
locations and then puts back to an unpathed name if it doesn't find the
BIOS. (I imitated other architectures' implemenations in that failback
behavior.)
[NO TESTS NEEDED]
Signed-off-by: Jonathan Springer <jonpspri@gmail.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When attempting to run remote builds, users with UID/GID values that
were high enough that they wouldn't be mapped into their default user
namespace configurations would see their builds fail when the server
attempted to extract the build contexts that they supplied, and failed
to set ownership of the build context content to the UID/GID that were
originally assigned to them.
When archiving the build context at the client, set ownership of
everything to 0:0, which we know is always mapped. Both ADD and COPY
require that we set the ownership of newly-added content to 0:0 (unless
the --chown flag is used), so throwing away the original ownership
information doesn't hurt, anyway. As usual, tarballs that we extract
as part of ADD aren't going to be affected.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add filtering functionality to http api secrets list
|
| | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Filtering is missing in both compat API and libpod API, while docker
has filtering functinality. This commit enables filtering option using
name and id in both libpod and http API.
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
[NO TESTS NEEDED] Fix #11418 - Default TMPDIR to /tmp on OS X
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Michael Anckaert <michael.anckaert@sinax.be>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
kube: Add support for `podman pod logs`.
|
| | |/ / / /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Following PR adds support for `kubectl` like `pod logs` to podman.
Usage `podman pod logs <podIDorName` gives a stream of logs for all
the containers within the pod with **containername** as a field.
Just like **`kubectl`** also supports `podman pod logs -c ctrIDorName podIDorName`
to limit the log stream to any of the specificied container which belongs to pod.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Spell "build linux darwin" as "build !windows".
|
| |/ / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Equivalent for supported platforms, and makes it easier to support
additional unix-like OSes.
[NO TESTS NEEDED]
Signed-off-by: Maya Rashish <maya@NetBSD.org>
|
|\ \ \ \ \ \
| |_|_|_|/ /
|/| | | | | |
[CI:DOCS] Document default timeout for libpod API Container Restart
|
| | |_|/ /
| |/| | |
| | | | |
| | | | | |
Signed-off-by: Jelle van der Waa <jvanderwaa@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
generate systemd: handle --restart
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Handle custom restart policies of containers when generating the unit
files; those should be set on the unit level and removed from ExecStart
flags.
Fixes: #11438
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Adding `-cpu host` for qemu for MacOS
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Adding the `-cpu host` option to the `addArchOptions` function for
darwin removes the warning message, "host doesn't support requested
feature: CPUID.80000001H:ECX.svm [bit 2]" by qemu-system-x86_64 when
using the `podman machine start` command on MacOS
Closes #11421
[NO TESTS NEEDED]
Signed-off-by: Scott Schreckengaust <scottschreckengaust@users.noreply.github.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Prevent hitting `panic: runtime error: index out of range [1] with length 1`
while performing `podman info` when unexpected values for user.slice is found.
[NO TESTS NEEDED]
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Cause qemu to fall back to using TCG acceleration when HVP acceleration
is not available on Darwin Aarch64. Qemu prints a warning which it is
desirable to leave to embarrass the upstream Qemu into approving the HVF
patches.
[NO TESTS NEEDED]
Signed-off-by: Jonathan Springer <jspringer@us.ibm.com>
Signed-off-by: Jonathan Springer <jonpspri@gmail.com>
|
|\ \ \
| |/ /
|/| | |
Remove unused stubs intended to start a machine with libvirt
|
| |/
| |
| |
| |
| |
| | |
[NO TESTS NEEDED]
Signed-off-by: Maya Rashish <maya@NetBSD.org>
|
|/
|
|
|
|
|
|
|
| |
When net.Dial always fail in the above loop, the code following the loop
is executed. This error check prevents this.
[NO TESTS NEEDED]
Signed-off-by: Guillaume Rose <gurose@redhat.com>
|
|\
| |
| | |
manifest: `rm` should not remove referenced images.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Following PR makes sure that `podman manifest rm <list>` only removes
the named manifest list and not referenced images.
Bumping and squashing c/common to v0.43.3-0.20210902095222-a7acc160fb25
in same commit in order to make sure build commit test passes.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
|/
|
|
|
|
|
|
|
| |
Since boolean flags accept `True` and `False` the systemd flag should do
this as well.
Fixes #11387
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\
| |
| | |
rootlessport: allow socket paths with more than 108 chars
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Creating the rootlessport socket can fail with `bind: invalid argument`
when the socket path is longer than 108 chars. This is the case for
users with a long runtime directory.
Since the kernel does not allow to use socket paths with more then 108
chars use a workaround to open the socket path.
[NO TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \
| | |
| | | |
podman stop always cleanup
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When a container is configured for auto removal podman stop should still
do cleanup, there is no guarantee the the cleanup process spawned by
conmon will be successful. Also a user expects after podman stop that
the network/mounts are cleaned up. Therefore podman stop should not return
early and instead do the cleanup and ignore errors if the container was
already removed.
[NO TESTS NEEDED] I don't know how to test this.
Fixes #11384
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
| |
`generate systemd --new` is looking at the "create command" of the
container/pod which is simply the os.Args at creation time.
It does not work on containers or pods created via the REST API since
the create command is not set. `--new` does work on such containers and
pods since there is no reliable way to reverse-map their configs to
command-line arguments of podman.
Fixes: #11370
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\
| |
| | |
auto-update: fix authfile label
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make sure that the container's authfile label is used when pulling down
a new image.
[NO TESTS NEEDED] since it would require some larger rewrite of the
auto-update system tests that I currently have no time for. I added a
reminder to have some breadcrumbs when there is more time.
Fixes: #11171
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|\ \
| |/
|/| |
clean up socket and pid files from podman machine
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
to avoid segvs, we should clean up as much of the socket and regular
files from podman machine as possible on stop. also, on start, we
should add logic to remove these files before starting in case the start
process is stopped prematurely (due to an error for example).
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|