summaryrefslogtreecommitdiff
path: root/pkg
Commit message (Collapse)AuthorAge
* Add parameter to specify checkpoint archive compressionAdrian Reber2021-06-07
| | | | | | | | | | | | | | | The checkpoint archive compression was hardcoded to `archive.Gzip`. There have been requests to make the used compression algorithm selectable. There was especially the request to not compress the checkpoint archive to be able to create faster checkpoints when not compressing it. This also changes the default from `gzip` to `zstd`. This change should not break anything as the restore code path automatically handles whatever compression the user provides during restore. Signed-off-by: Adrian Reber <areber@redhat.com>
* Merge pull request #10561 from vrothberg/fix-remote-events-labelOpenShift Merge Robot2021-06-07
|\ | | | | remote events: support labels
| * remote events: support labelsValentin Rothberg2021-06-04
| | | | | | | | | | | | | | | | Certain event meta data was lost when converting the remote events to libpod events and vice versa. Enable the skipped system tests for remote. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #10568 from jwhonce/issues/10562OpenShift Merge Robot2021-06-06
|\ \ | | | | | | [CI:DOCS] Document which CNI fields are encoded
| * | [CI:DOCS] Document which CNI fields are encodedJhon Honce2021-06-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The CNI configuration fields named Bytes are typed []byte which the GO JSON encoded automatically Base64 encodes. Note: Future major versions of Podman will refactor the networking endpoints to encapsulate/abstract the CNI structures which will allow better documenation and encoding. Fixes #10562 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Merge pull request #10549 from Luap99/fix-9859OpenShift Merge Robot2021-06-05
|\ \ \ | |/ / |/| | remote: always send resize before the container starts
| * | remote: always send resize before the container startsPaul Holzinger2021-06-04
| |/ | | | | | | | | | | | | | | | | | | | | | | | | There is race condition in the remote client attach logic. Because the resize api call was handled in an extra goroutine the container was started before the resize call happend. To fix this we have to call resize in the same goroutine as attach. When the first resize is done start a goroutine to listen on SIGWINCH in the background and resize again if the signal is received. Fixes #9859 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #10546 from boaz0/closes_8645OpenShift Merge Robot2021-06-04
|\ \ | | | | | | Add CORS support
| * | Add CORS supportBoaz Shuster2021-06-04
| |/ | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | Merge pull request #10563 from Luap99/fix-10494OpenShift Merge Robot2021-06-04
|\ \ | | | | | | [CI:DOCS] fix incorrect network remove api doc
| * | [CI:DOCS] fix incorrect network remove api docPaul Holzinger2021-06-04
| |/ | | | | | | | | | | | | | | The endpoint returns an array and not a single entry. Fixes #10494 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* / remote events: fix --stream=falseValentin Rothberg2021-06-04
|/ | | | | | | | | | | Fix a bug in remote events where only one event would be sent if when streaming is turned off. The source of the bug was that the handler attempted to implement the streaming logic and did it wrong. The fix is rather simple by removing this logic from the handler and let the events backend handle streaming. Fixes: #10529 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #10517 from cdoern/masterOpenShift Merge Robot2021-06-01
|\ | | | | API one-shot query implementation/handling
| * added tests in python rest apicdoern2021-06-01
| | | | | | | | Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
* | Merge pull request #10486 from vrothberg/tag-digest-supportOpenShift Merge Robot2021-06-01
|\ \ | | | | | | support tag@digest notation
| * | support tag@digest notationValentin Rothberg2021-05-31
| | | | | | | | | | | | | | | | | | | | | | | | | | | Vendor in the latest HEAd of containers/common to implicitly support the tag@digest notation for images. To remain compatible with Docker, the tag will be stripped off the image reference and is entirely ignored. Fixes: #6721 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #10519 from matejvasek/use-req-ctxOpenShift Merge Robot2021-06-01
|\ \ \ | | | | | | | | Use request context instead of background
| * | | Use request context instead of backgroundMatej Vasek2021-06-01
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This prevents goroutine leak: If background context were used then push operation would continue even if client aborted request by closing connection. [NO TESTS NEEDED] Signed-off-by: Matej Vasek <mvasek@redhat.com>
* | | | Merge pull request #10488 from baude/machinehostnetworkOpenShift Merge Robot2021-06-01
|\ \ \ \ | | | | | | | | | | Enable port forwarding on host
| * | | | Enable port forwarding on hostBrent Baude2021-06-01
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Using the gvproxy application on the host, we can now port forward from the machine vm on the host. It requires that 'gvproxy' be installed in an executable location. gvproxy can be found in the containers/gvisor-tap-vsock github repo. [NO TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #10508 from matejvasek/fix-from-imgOpenShift Merge Robot2021-06-01
|\ \ \ \ | | | | | | | | | | Better error handing for images/create compat api
| * | | | Better error handing for images/create compat apiMatej Vasek2021-05-31
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If server cannot resolve short name due to enforcing policy send non-2xx status code. [NO TESTS NEEDED] Signed-off-by: Matej Vasek <mvasek@redhat.com>
* | | | Merge pull request #10510 from matejvasek/improve-creat-from-imgOpenShift Merge Robot2021-06-01
|\ \ \ \ | | | | | | | | | | Use request context instead of background context
| * | | | Use request context instead of background contextMatej Vasek2021-06-01
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a goroutine leak. Previously if request was cancelled the image pulling goroutine kept running regardless. [NO TESTS NEEDED] Signed-off-by: Matej Vasek <mvasek@redhat.com>
* | / / [NO TESTS NEEDED] API list networks should return [] when used with no networkszhangguanzhang2021-06-01
| |/ / |/| | | | | | | | Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
* | | generate systemd: make mounts portableValentin Rothberg2021-05-31
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 748826fc88fc fixed a bug where slow mounting of the runroot was causing issues when the units are started at boot. The fix was to add the container's runroot to the required mounts; the graph root has been added as well. Hard-coding the run- and graphroot to the required mounts, however, breaks the portability of units generated with --now. Those units are intended to be running on any machine as, theoreticaly, any user. Make the mounts portable by using the `%t` macro for the run root. Since the graphroot's location varies across root and ordinary users, drop it from the list of required mounts. The graphroot was not causing issues. Fixes: #10493 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | rootless: fix SIGSEGV ,make LISTEN_FDNAMES optional [Closes #10435].flouthoc2021-05-29
| | | | | | | | | | | | [NO TESTS NEEDED] Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | Merge pull request #10383 from rhatdan/kubeOpenShift Merge Robot2021-05-27
|\ \ | | | | | | Handle image user and exposed ports in podman play kube
| * | Handle image user and exposed ports in podman play kubeDaniel J Walsh2021-05-26
| | | | | | | | | | | | | | | | | | | | | | | | | | | Currently if a user runs an image with a user specified or exposed ports with podman play kube, the fields are ignored. Fixed: https://github.com/containers/podman/issues/9609 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Add options to podman machine sshBrent Baude2021-05-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add options to the podman machine ssh command that ignore hostkeychecking and hosts file -o 'UserKnownHostsFile /dev/null' -o 'StrictHostKeyChecking no [NO TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | Add the option of Rootless CNI networking by defaultMatthew Heon2021-05-26
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When the containers.conf field "NetNS" is set to "Bridge" and the "RootlessNetworking" field is set to "cni", Podman will now handle rootless in the same way it does root - all containers will be joined to a default CNI network, instead of exclusively using slirp4netns. If no CNI default network config is present for the user, one will be auto-generated (this also works for root, but it won't be nearly as common there since the package should already ship a config). I eventually hope to remove the "NetNS=Bridge" bit from containers.conf, but let's get something in for Brent to work with. Signed-off-by: Matthew Heon <mheon@redhat.com>
* / Handle hard links in different directoriesDaniel J Walsh2021-05-24
|/ | | | | | Fixes: https://github.com/containers/podman/issues/10444 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #10387 from flouthoc/cgroupv1-v2-infoOpenShift Merge Robot2021-05-24
|\ | | | | Podman info add support for status of standard available cgroup controllers
| * Podman info add support for status of cgroup controllersflouthoc2021-05-24
| | | | | | | | Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | Handle hard links in remote buildsDaniel J Walsh2021-05-22
|/ | | | | | Fixes: https://github.com/containers/podman/issues/9893 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #10365 from jwhonce/issues/9578OpenShift Merge Robot2021-05-21
|\ | | | | Match swagger to "as built" output
| * Match swagger to "as built" outputJhon Honce2021-05-21
| | | | | | | | | | | | | | | | | | | | | | * Remove all Types no longer referenced, they were never used A future API breaking version of Podman API, may restore these Types and push formatting into presentation layer vs. server. Fixes #9578 Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #10427 from rhatdan/errorsOpenShift Merge Robot2021-05-21
|\ \ | |/ |/| Drop container does not exist on removal to debugf
| * Drop container does not exist on removal to debugfDaniel J Walsh2021-05-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have race conditions where a container can be removed by two different processes when running podman --remove rm. It can be cleaned up in the API or by the conmon executing podman container cleanup. When we fail to remove a container that does not exists we should not be printing errors or warnings, we should just debug the fact. [NO TESTS NEEDED] Since this is a race condition it is difficult to test. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #10400 from rhatdan/rootOpenShift Merge Robot2021-05-21
|\ \ | |/ |/| Clear the storage-options from the graphdriver if users specifies --root
| * Clear the storage-options from the graphdriver if users specifies --rootDaniel J Walsh2021-05-19
| | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/10393 Currently if a user specifies a --root flag to override the location of the container storage, we still enforce the storage-opts from storage.conf. This causes issues with people trying to intereact with the additional stores feature, and then forces them to use the obscure --storage-opt="" option. I belive this should be the default and we already do this when the user specifies the --storage-driver option. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Downgrade API service routing table loggingJhon Honce2021-05-20
| | | | | | | | | | | | | | | | | | | | | | [NO TESTS NEEDED] * Log the routing table output at Trace vs. Debug level. Reduce noise in debugging output. * Tweak SDNotify message to report Warn when it fails. Previously failures were silent. Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #10377 from vrothberg/test-commonOpenShift Merge Robot2021-05-20
|\ \ | | | | | | update c/common
| * | update c/commonValentin Rothberg2021-05-20
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update containers common to the latest HEAD. Some bug fixes in libimage forced us to have a clearer separation between ordinary images and manifest lists. Hence, when looking up manifest lists without recursing into any of their instances, we need to use `LookupManifestList()`. Also account for some other changes in c/common (e.g., the changed order in the security labels). Further vendor the latest HEAD from Buildah which is required to get the bud tests to pass. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* / Add support for podman manifest rm commandDaniel J Walsh2021-05-19
|/ | | | | | This is mainly to match command line of Docker. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #10371 from matejvasek/fix-wait-compatOpenShift Merge Robot2021-05-19
|\ | | | | fix: response of containers wait endpoint
| * fix: response body of containers wait endpointMatej Vasek2021-05-18
| | | | | | | | | | | | | | The `Error` part of response must be nil (or omitted) if no error occurred. Before this commit a zero value for the struct was returned. Signed-off-by: Matej Vasek <mvasek@redhat.com>
* | Merge pull request #10369 from jmguzik/network-http-docs-fixesOpenShift Merge Robot2021-05-18
|\ \ | |/ |/| Fix formatting and indentation in network http api docs
| * Fix formatting and indentation in network http api docsJakub Guzik2021-05-17
| | | | | | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | Merge pull request #10339 from rhatdan/selinuxOpenShift Merge Robot2021-05-17
|\ \ | | | | | | Support automatic labeling of kube volumes