| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Use request context instead of background
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This prevents goroutine leak:
If background context were used then push operation would continue even
if client aborted request by closing connection.
[NO TESTS NEEDED]
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
|\ \
| | |
| | | |
Enable port forwarding on host
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Using the gvproxy application on the host, we can now port forward from
the machine vm on the host. It requires that 'gvproxy' be installed in
an executable location. gvproxy can be found in the
containers/gvisor-tap-vsock github repo.
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \
| | |
| | | |
Better error handing for images/create compat api
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If server cannot resolve short name due to enforcing policy send
non-2xx status code.
[NO TESTS NEEDED]
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
|\ \ \
| | | |
| | | | |
Use request context instead of background context
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This fixes a goroutine leak. Previously if request was cancelled the
image pulling goroutine kept running regardless.
[NO TESTS NEEDED]
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
| |/
|/|
| |
| | |
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit 748826fc88fc fixed a bug where slow mounting of the runroot was
causing issues when the units are started at boot. The fix was to add
the container's runroot to the required mounts; the graph root has been
added as well.
Hard-coding the run- and graphroot to the required mounts, however,
breaks the portability of units generated with --now. Those units are
intended to be running on any machine as, theoreticaly, any user.
Make the mounts portable by using the `%t` macro for the run root.
Since the graphroot's location varies across root and ordinary users,
drop it from the list of required mounts. The graphroot was not causing
issues.
Fixes: #10493
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|
|
|
|
|
| |
[NO TESTS NEEDED]
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
|
|\
| |
| | |
Handle image user and exposed ports in podman play kube
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently if a user runs an image with a user specified or
exposed ports with podman play kube, the fields are ignored.
Fixed: https://github.com/containers/podman/issues/9609
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add options to the podman machine ssh command that ignore
hostkeychecking and hosts file
-o 'UserKnownHostsFile /dev/null' -o 'StrictHostKeyChecking no
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When the containers.conf field "NetNS" is set to "Bridge" and the
"RootlessNetworking" field is set to "cni", Podman will now
handle rootless in the same way it does root - all containers
will be joined to a default CNI network, instead of exclusively
using slirp4netns.
If no CNI default network config is present for the user, one
will be auto-generated (this also works for root, but it won't be
nearly as common there since the package should already ship a
config).
I eventually hope to remove the "NetNS=Bridge" bit from
containers.conf, but let's get something in for Brent to work
with.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|
|
|
|
|
| |
Fixes: https://github.com/containers/podman/issues/10444
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Podman info add support for status of standard available cgroup controllers
|
| |
| |
| |
| | |
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
|
|/
|
|
|
|
| |
Fixes: https://github.com/containers/podman/issues/9893
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
Match swagger to "as built" output
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Remove all Types no longer referenced, they were never used
A future API breaking version of Podman API, may restore these Types
and push formatting into presentation layer vs. server.
Fixes #9578
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \
| |/
|/| |
Drop container does not exist on removal to debugf
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We have race conditions where a container can be removed
by two different processes when running podman --remove rm.
It can be cleaned up in the API or by the conmon executing
podman container cleanup.
When we fail to remove a container that does not exists we should
not be printing errors or warnings, we should just debug the fact.
[NO TESTS NEEDED] Since this is a race condition it is difficult to
test.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
Clear the storage-options from the graphdriver if users specifies --root
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes: https://github.com/containers/podman/issues/10393
Currently if a user specifies a --root flag to override the location of
the container storage, we still enforce the storage-opts from
storage.conf. This causes issues with people trying to intereact with
the additional stores feature, and then forces them to use the obscure
--storage-opt="" option. I belive this should be the default and we
already do this when the user specifies the --storage-driver option.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[NO TESTS NEEDED]
* Log the routing table output at Trace vs. Debug level. Reduce noise
in debugging output.
* Tweak SDNotify message to report Warn when it fails. Previously
failures were silent.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \
| | |
| | | |
update c/common
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Update containers common to the latest HEAD. Some bug fixes in libimage
forced us to have a clearer separation between ordinary images and
manifest lists. Hence, when looking up manifest lists without recursing
into any of their instances, we need to use `LookupManifestList()`.
Also account for some other changes in c/common (e.g., the changed order
in the security labels).
Further vendor the latest HEAD from Buildah which is required to get the
bud tests to pass.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/
|
|
|
|
| |
This is mainly to match command line of Docker.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\
| |
| | |
fix: response of containers wait endpoint
|
| |
| |
| |
| |
| |
| |
| | |
The `Error` part of response must be nil (or omitted) if no error occurred.
Before this commit a zero value for the struct was returned.
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
|\ \
| |/
|/| |
Fix formatting and indentation in network http api docs
|
| |
| |
| |
| | |
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
|\ \
| | |
| | | |
Support automatic labeling of kube volumes
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Allow users to specify options on the volume mount path.
This will trigger relabels of user specifies :z,:Z
Also will handle User Relabels if the user specifies :U
Fixes: https://github.com/containers/podman/issues/9371
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Support uid,gid,mode options for secrets
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
Support UID, GID, Mode options for mount type secrets. Also, change
default secret permissions to 444 so all users can read secret.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \ \
| | | |
| | | | |
image prune: remove unused images only with `--all`
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fix a regression in `podman image prune` where unused images were
accidentally removed even when `--all=false`. Extend and partially
rewrite the e2e tests to make sure we're not regressing again in the
future.
Fixing the aforementioned issue revealed another issue in the default
prune filter. While prune should remove all "dangling" images (i.e.,
those without tag), it removed only "intermediate" ones; dangling images
without children. Remove the mistaken comment from the libimage
migration.
Also clarify the help message and man page.
Fixes: #10350
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow podman network reload to be run as rootless user. While it is
unlikely that the iptable rules are flushed inside the rootless cni
namespace, it could still happen. Also fix podman network reload --all
to ignore errors when a container does not have the bridge network mode,
e.g. slirp4netns.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \
| |/
|/| |
[NO TESTS NEEDED] Print "extracting" only on compressed file
|
| |
| |
| |
| |
| |
| |
| | |
We should only print "extracting compressed file" when the file is
actually compressed
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \
| | |
| | | |
fix: improved "containers/{name}/wait" endpoint
|
| |/
| |
| |
| |
| |
| |
| |
| | |
Using event API to detect changes to container instead of polling.
Polling was unreliable, sometime change of a state might have been
missed.
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[NO TESTS NEEDED]
In process of debugging added request channel check and logging message
to build loop. Unable to recreate build drop issue after this. 68k build
iterations without fail.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \
| | |
| | | |
Add envars to the generated systemd unit
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The with --new generated systemd unit loses the environment variables
when the create command only contains the key without the value. Since
podman tries to lookup those values from the environment the unit can
fail.
This commits ensures that we will add the environment variables to the
unit file when this is the case. The container environment variables are
looked up in the container spec.
Fixes #10101
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\ \ \
| | | |
| | | | |
Fix podman-remote build --rm=false ...
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Fixes: https://github.com/containers/podman/issues/9869
[NO TESTS NEEDED] Since the podman-remote buildah tests will test this,
and this is clearly correct.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
Kube like pods should share ipc,net,uts by default
|