| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
refactor api compatibility container creation to specgen
|
| | |
| |
| |
| |
| |
| | |
when using the compatibility layer to create containers, it used code paths to the pkg/spec which is the old implementation of containers. it is error prone and no longer being maintained. rather that fixing things in spec, migrating to specgen usage seems to make the most sense. furthermore, any fixes to the compat create will not need to be ported later.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
--tls-verify and --authfile should work for all remote commands
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
These options are now fully supported in the remote API and should no
longer be hidden and/or documented as non supported.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Ensure that hostname is added to hosts with net=host
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When a container uses --net=host the default hostname is set to
the host's hostname. However, we were not creating any entries
in `/etc/hosts` despite having a hostname, which is incorrect.
This hostname, for Docker compat, will always be the hostname of
the host system, not the container, and will be assigned to IP
127.0.1.1 (not the standard localhost address).
Also, when `--hostname` and `--net=host` are both passed, still
use the hostname from `--hostname`, not the host's hostname (we
still use the host's hostname by default in this case if the
`--hostname` flag is not passed).
Fixes #8054
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \ \ \
| |_|_|/
|/| | | |
Add a shutdown signal handler
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This allows us to run both the Libpod and Server handlers at the
same time without unregistering one.
Also, pass the signal that killed us into the handlers, in case
they want to use it to determine what to do (e.g. what exit code
to set).
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Expand the use of the Shutdown package such that we now use it
to handle signals any time we run Libpod. From there, add code to
container creation to use the Inhibit function to prevent a
shutdown from occuring during the critical parts of container
creation.
We also need to turn off signal handling when --sig-proxy is
invoked - we don't want to catch the signals ourselves then, but
instead to forward them into the container via the existing
sig-proxy handler.
Fixes #7941
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We need a unified package for handling signals that shut down
Libpod and Podman. We need to be able to do different things on
receiving such a signal (`system service` wants to shut down the
service gracefully, while most other commands just want to exit)
and we need to be able to inhibit this shutdown signal while we
are waiting for some critical operations (e.g. creating a
container) to finish. This takes the first step by defining the
package that will handle this.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
fix: neutral value for MemorySwappiness
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Matej Vasek <mvasek@redhat.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
Fix host to container port mapping for simple ranges
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This fixes the issue that a simple port range should map to a random
port range from the host to the container, if no host port range is
specified. For example this fails without applying the patch:
```
> podman run -it -p 6000-6066 alpine
Error: cannot listen on the TCP port: listen tcp4 :53: bind: address already in use
```
The issue is that only the first port is randomly chosen and all
following in the range start by 0 and increment. This is now fixed by
tracking the ranges and then incrementing the random port if necessary.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
| |\ \ \ \
| |_|_|/
|/| | | |
Make invalid image name error more specific
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Previously, using an invalid image name would produce an error like
this:
Error: error encountered while bringing up pod test-pod-0: invalid reference format
This message didn't specify that there was an problem with an image
name, and it didn't specify which image name had a problem if there were
multiple. Now the error reads:
Error: error encountered while bringing up pod test-pod-0: Failed to parse image "./myimage": invalid reference format
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
fix podman container exists and diff for storage containers
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
External containers are containers created outside of Podman.
For example Buildah and CRI-O Containers.
$ buildah from alpine
alpine-working-container
$ buildah run alpine-working-container touch /test
$ podman container exists --external alpine-working-container
$ podman container diff alpine-working-container
C /etc
A /test
Added --external flag to refer to external containers, rather then --storage.
Added --external for podman container exists and modified podman ps to use
--external rather then --storage. It was felt that --storage would confuse
the user into thinking about changing the storage driver or options.
--storage is still supported through the use of aliases.
Finally podman contianer diff, does not require the --external flag, since it
there is little change of users making the mistake, and would just be a pain
for the user to remember the flag.
podman container exists --external is required because it could fool scripts
that rely on the existance of a Podman container, and there is a potential
for a partial deletion of a container, which could mess up existing users.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Current these commands only check if a container exists in libpod. With
this fix, the commands will also check if they are in containers/storage.
This allows users to look at differences within a buildah or CRI-O container.
Currently buildah diff does not exists, so this helps out in that situation
as well as in CRI-O since the cri does not implement a diff command.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| | | |
| | | |
| | | |
| | | | |
andylibrian/podman-remote-cleanly-exit-on-detachkeyspressed
Update podman-remote run and start to handle detach keys
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
fixes #7979
Signed-off-by: Andy Librian <andylibrian@gmail.com>
|
| | |/ /
| | |
| | |
| | |
| | |
| | | |
addresses #7979
Signed-off-by: Andy Librian <andylibrian@gmail.com>
|
| |/ /
| |
| |
| | |
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
| |\ \
| | |
| | | |
Restore --format table support
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* system df
* events
* fix error handling from go routine
* update tests to use gomega matchers for better error messages
* system info
* version
* volume inspect
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \
| | |
| | | |
alter compat no such image message
|
| | |/
| |
| |
| |
| |
| | |
we need to alter the return error message when a GET (inspect) is performed on an image using the compatibility layer. docker-py bindings look for a initial capped error message.
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \
| |/
|/| |
Container detach newlines
|
| | |
| |
| |
| | |
Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
|
| |\ \
| | |
| | | |
Add support for resource limits to play kube
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
|
| |\ \ \
| | | |
| | | | |
Search repository tags using --list-tags
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
For fix of BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1684263
Add --list-tags to podman search to return a table the repository tags.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Resolve #7860 - add time.RFC3339 format
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: 3sky <3sky@protonmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
pkg/spec: fix a confusing error message
|
| | | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | | |
When we try, but fail, to load the default seccomp profile, say that,
instead of suggesting that we tried to load a profile with no name.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
|
| |/ / /
| | |
| | |
| | |
| | |
| | | |
Fixes #7946
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \ \
| | | |
| | | | |
This PR allows users to remove external containers directly
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currenly if a user specifies the name or ID of an external storage
container, we report an error to them.
buildah from scratch
working-container-2
podman rm working-container-2
Error: no container with name or ID working-container-2 found: no such container
Since the user specified the correct name and the container is in storage we
force them to specify --storage to remove it. This is a bad experience for the
user.
This change will just remove the container from storage. If the container
is known by libpod, it will remove the container from libpod as well.
The podman rm --storage option has been deprecated, and removed from docs.
Also cleaned documented options that are not available to podman-remote.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
Enable k8s configmaps as flags for play kube
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
|
| |\ \ \
| | | |
| | | | |
add compatibility endpoint for exporting multiple images
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
with the recent inclusion of dealing with multiple images in a tar archive, we can now add a compatibility endpoint that was missing images/get?names=one,two.
Fixes: #7950
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
APIv2 compatibility rootless network fix
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
when using the compatibility mode as rootless, containers that were created were not setting their host names correctly due to the netmode not being set.
Fixes: #7934
Signed-off-by: baude <bbaude@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
Move pod jobs to parallel execution
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Make Podman pod operations that do not involve starting
containers (which needs to be done in a specific order) use the
same parallel operation code we use to make `podman stop` on
large numbers of containers fast. We were previously stopping
containers in a pod serially, which could take up to the timeout
(default 15 seconds) for each container - stopping 100 containers
that do not respond to SIGTERM would take 25 minutes.
To do this, refactor the parallel operation code a bit to remove
its dependency on libpod (damn circular import restrictions...)
and use parallel functions that just re-use the standard
container API operations - maximizes code reuse (previously each
pod handler had a separate implementation of the container
function it performed).
This is a bit of a palate cleanser after fighting CI for two
days - nice to be able to return to a land of sanity.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |/
|
|
|
|
|
|
|
|
| |
due to a lack of "locking" on cni operations, we could get ourselves in trouble when doing rapid creation or removal of networks. added a simple file lock to deal with the collision and because it is not considered a performent path, use of the file lock should be ok. if proven otherwise in the future, some generic shared memory lock should be implemented for libpod and also used here.
moved pkog/network to libpod/network because libpod is now being pulled into the package and it has therefore lost its generic nature. this will make it easier to absorb into libpod as we try to make the network closer to core operations.
Fixes: #7807
Signed-off-by: baude <bbaude@redhat.com>
|
| |\
| |
| | |
[apiv2] /containers/$name/json return wrong value in `.Config.StopSignal`
|
