| Commit message (Collapse) | Author | Age |
|\
| |
| | |
Add basic deadlock detection for container start/remove
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We can easily tell if we're going to deadlock by comparing lock
IDs before actually taking the lock. Add a few checks for this in
common places where deadlocks might occur.
This does not yet cover pod operations, where detection is more
difficult (and costly) due to the number of locks being involved
being higher than 2.
Also, add some error wrapping on the Podman side, so we can tell
people to use `system renumber` when it occurs.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| | |
| | | |
build: move initialization after SetXdgDirs
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
when we use namespaces, we set the run directory to 0711 to allow
other users to access it.
without this relaxation, the /run/user/$UID directory would be
skipped.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
|/ /
| |
| |
| |
| |
| | |
Initial ginkgo setup credit to Brent Baude <bbaude@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
|\ \
| | |
| | | |
enable ci on go binding tests
|
| | |
| | |
| | |
| | | |
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| |_|/
|/| | |
more image binding tests
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
add two additional bindings tests for image usage.
add ability to use search filter on the endpoint.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
1) Help message for podman port was missing [PORT]
2) Add test for 'podman port'. And, actually, an entire
networking test that I'd written some weeks ago but
apparently didn't 'git add'.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| | |
code was erronously misinterpretting the port as a containername.
Fixes: #1791832
Signed-off-by: baude <bbaude@redhat.com>
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
| |
adding more image tests for go bindings. one big change is that the params were converted from map[string]string to url.values to account for the ability to send []string as query params
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\
| |
| | |
search endpoint failure correction
|
| |
| |
| |
| |
| |
| |
| |
| | |
when returning an invalid search, a return was omitted triggering a null on the consumer end.
Fixes: #5228
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|/
|
|
|
|
|
|
| |
it turns out that when the firewall plugin is not provided as part of the configuration, then the firewall cni plugin will dynamically figure out if it should use firewalld or iptables.
also removing this from the default configuration file
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\
| |
| | |
Remove ImageVolumes from database
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Before Libpod supported named volumes, we approximated image
volumes by bind-mounting in per-container temporary directories.
This was handled by Libpod, and had a corresponding database
entry to enable/disable it.
However, when we enabled named volumes, we completely rewrote the
old implementation; none of the old bind mount implementation
still exists, save one flag in the database. With nothing
remaining to use it, it has no further purpose.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \
| | |
| | | |
implement reverse reader for log reads
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
in cases where the log file exceeds the available memory of a system, we had a bug that triggered an oom because the entire logfile was being read when the tail parameter was given. this reads in chunks and is more or less memory safe.
fixes: #5131
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \
| | | |
| | | | |
apiv2: Image filtering and fixup docs
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Mention what is the input format plus put literals into quotation marks
for better readability (plus it seems that some tags were not rendered).
Signed-off-by: Matej Marusak <mmarusak@redhat.com>
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
It is more practical for API usage and also it is more in sync how
filtering of containers works.
Signed-off-by: Matej Marusak <mmarusak@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
stats: Expose CPU usage in API
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
`stats.CPU` is a number representing CPU usage in percents. It is possible
to calculate it from other exposed fields (once they are implemented
correctly) but why to do it, when this is already calculated.
This does not break API, it just adds another field.
Signed-off-by: Matej Marusak <mmarusak@redhat.com>
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
Swagger: yet more fixes
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
PR #5204 added /libpod/containers/create but with the wrong
swagger comment. Fix that.
Also fix some other inconsistencies: missing 'libpod' prefix,
missing 'Container' suffix, and change 'ContainerCreate'
to 'CreateContainer'; all of these changes preserve consistency
with both the invoked function as well as the overall naming
conventions used in this module.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
APIv2: Fixed syscall.Signal not convertable by decoder
|
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Andreas Schubert <schubter@gmail.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Use cleaned destination path for indexing image volumes
|
| | |_|_|/ /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
We use filepath.Clean() to remove trailing slashes to ensure that
when we supercede image mounts with mounts from --volume and
--mount, paths are consistent when we compare. Unfortunately,
while we used the cleaned path for the destination in the mount,
it was accidentally not used to index the maps that we use to
identify what to supercede, so our comparisons might be thrown
off by trailing slashes and similar.
Fixes #5219
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |_|/ / /
|/| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
* Make context keys package safe
* Add support for PODMAN_HOST and PODMAN_SSHKEY
* Add slight increasing delay when client connections fail
* Remove usages of path.Join(), added JoinURL(). '/' is not OS
dependent.
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \ \
| | | | | |
| | | | | | |
Add test to validate the pod bindings api
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Include test to validate pod create, start, stop, restart,
pause, unpause, list, and inspect api bindings.
Also includes bug fixes that resulted in invalid api responses.
Signed-off-by: Sujil02 <sushah@redhat.com>
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Add network opts to pods
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Enables most of the network-related functionality from
`podman run` in `podman pod create`. Custom CNI networks can be
specified, host networking is supported, DNS options can be
configured.
Also enables host networking in `podman play kube`.
Fixes #2808
Fixes #3837
Fixes #4432
Fixes #4718
Fixes #4770
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
PR #5235 updated a bunch of entrypoints from {name} to {name:.*},
requiring matching changes to swagger comments. Looks like one
got missed due to the manual nature of this work.
Have I mentioned lately that manual maintenance of duplicate
information is not a great idea?
Discrepancy caught by my script, which I would really like to
look into getting into CI, but is gating on #5238. (I would
actually not like to get this script into CI, I would prefer
to have the duplicate information be autogenerated from
the function calls themselves, but I seem to have lost
that battle)
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
this uses the specgen structure to create containers rather than the outdated createconfig. right now, only the apiv2 create is wired up. eventually the cli will also have to be done.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
|\ \ \ \ \ \ \
| | | | | | | |
| | | | | | | | |
APIv2: Fixed CreateImageFromImage not respecting supplied Tag parameter
|
| | |_|_|/ / /
| |/| | | | |
| | | | | | |
| | | | | | | |
Signed-off-by: Andreas Schubert <schubter@gmail.com>
|
|\ \ \ \ \ \ \
| |_|_|_|_|_|/
|/| | | | | | |
config: use built-in TOML merge and adhere to label setting
|
| |/ / / / /
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Set the (default) process labels in `pkg/spec`. This way, we can also
query libpod.conf and disable labeling if needed.
Fixes: #5087
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
|/ / / / /
| | | | |
| | | | |
| | | | | |
Signed-off-by: Andreas Schubert <schubter@gmail.com>
|
|\ \ \ \ \
| |_|/ / /
|/| | | | |
APIv2: fixes decoder issue
|
| | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Andreas Schubert <schubter@gmail.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
As I've mentioned once or twice, hand-maintained swagger docs
are evil. This commit attempts to fix:
* Inconsistent methods (swagger says POST but code signature
says GET)
* Inconsistent capitalization
* Typos ("Mounter", "pood")
* Completely wrong paths (/inspect vs /json)
* Missing .Method() registrations
* Missing /libpod in some /volumes paths
* Incorrect method declaration: /libpod/containers/.../kill
was correct (POST) in swagger but wrong in the code itself
(http.MethodGet). Correct the latter to MethodPost
This is two hours' work, even with a script I have that
tries to cross-check everything.
Swagger docs should not be human-maintained.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
%2F escaping is also supported.
Return better response on bad search terms
Fixes #5229
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
Fix handler and systemd activation errors
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
On panic from handler: log warning and stack trace, report
InternalServerError to client
When using `podman system service` make determining the listening endpoint deterministic.
// When determining _*THE*_ listening endpoint --
// 1) User input wins always
// 2) systemd socket activation
// 3) rootless honors XDG_RUNTIME_DIR
// 4) if varlink -- adapter.DefaultVarlinkAddress
// 5) lastly adapter.DefaultAPIAddress
Fixes #5150
Fixes #5151
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
rootless: check if the conmon process is valid
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
if the pause process doesn't exist and we try to join a conmon
namespace, make sure the process still exists. Otherwise re-create
the user namespace.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|