summaryrefslogtreecommitdiff
path: root/pkg
Commit message (Collapse)AuthorAge
* Add pause/unpause --latest, --cidfile, --filterToshiki Sonoda2022-07-20
| | | | | | | | --latest : pause/unpause the latest container. --filter : pause/unpause the filtered container. --cidfile : Read container ID from the specified file and pause/unpause the container. Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* Merge pull request #14945 from sstosh/pod-pause-cgroupv1OpenShift Merge Robot2022-07-20
|\ | | | | "podman pod pause" return error if cgroups v1 rootless container
| * "pod pause/unpause/stop" append "report.Errs" to "reports"Toshiki Sonoda2022-07-19
| | | | | | | | | | | | | | | | | | | | There is a possibility that podman does not output expected error message. (e.g. When pause rootless cgroups v1 container on host) This problem is solved by appending `report.Errs` to `reports` before `continue`. [NO NEW TESTS NEEDED] Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | Print rootfs download as a specific version on WinJason T. Greene2022-07-18
|/ | | | | | | | | - Also save the file using this convention. - Change the general pull mechanism to print the local file as opposed to the remote to enable this - no change in observed behavior on mac Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
* Merge pull request #14900 from ashley-cui/machcacheopenshift-ci[bot]2022-07-16
|\ | | | | Clean up cached machine images
| * Clean up cached machine imagesAshley Cui2022-07-15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When initing machines, we download a machine image, and uncompress and copy the image for the actual vm image. When a user constantly pulls new machines, there may be a buildup of old, unused machine images. This commit cleans ups the unused cached images. Changes: - If the machine is pulled from a URL or from the FCOS releases, we pull them into XDG_DATA_HOME/containers/podman/machine/vmType/cache - Cache cleanups only happen if there is a cache miss, and we need to pull a new image - For Fedora and FCOS, we actually use the cache, so we go through the cache dir and remove any images older than 2 weeks (FCOS's release cycle), on a cache miss. - For generic files pulled from a URL, we don't actually cache, so we delete the pulled file immediately after creating a machine image - For generic files from a local path, the original file will never be cleaned up Note that because we cache in a different dir, this will not clean up old images pulled before this commit. [NO NEW TESTS NEEDED] Signed-off-by: Ashley Cui <acui@redhat.com>
* | Machine init: create .ssh dir if not existAshley Cui2022-07-15
|/ | | | | | | When initing a machine, we generate ssh keys in `$HOME/.ssh`. If there is not .ssh dir, we should create it, so the init does not fail. Signed-off-by: Ashley Cui <acui@redhat.com>
* Podman stop --filter flagKarthik Elango2022-07-14
| | | | | | | Filter flag is added for podman stop and podman --remote stop. Filtering logic is implemented in getContainersAndInputByContext(). Start filtering can be manipulated to use this logic as well to limit redundancy. Signed-off-by: Karthik Elango <kelango@redhat.com>
* Merge pull request #14935 from saschagrunert/semver-v4openshift-ci[bot]2022-07-14
|\ | | | | Switch to `github.com/blang/semver/v4`
| * Switch to `github.com/blang/semver/v4`Sascha Grunert2022-07-14
| | | | | | | | | | | | | | | | Switch to the latest version of the now go module compatible release. [NO NEW TESTS NEEDED] Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* | Merge pull request #14919 from gbraad/fedorawslopenshift-ci[bot]2022-07-14
|\ \ | |/ |/| Use prepared image for WSL machine init
| * Fixes #14698 Use prepared image for WSL2 machine initGerard Braad2022-07-13
| | | | | | | | | | | | | | | | | | | | | | | | This commit introduces a prepared image for setting up the WSL2 environment. This means that the deployment will take considerable less time to finish (as it does not need to run an update and package install), but also allows to rely on a cached image to re-init the environment without the need for an internet connection. [NO NEW TESTS NEEDED] Signed-off-by: Gerard Braad <me@gbraad.nl>
* | Merge pull request #14772 from nicrowe00/12475openshift-ci[bot]2022-07-13
|\ \ | | | | | | Add "podman kube play" cmd
| * | Add "podman kube play" cmdNiall Crowe2022-07-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The "podman kube play" command is designed to be a replacement for the "podman play kube" command. It performs the same function as "play kube" while also still working with the same flags and options. The "podman play kube" command is still functional as an alias of "kube play". Closes #12475 Signed-off-by: Niall Crowe <nicrowe@redhat.com> Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* | | Merge pull request #14895 from baude/machinewipopenshift-ci[bot]2022-07-13
|\ \ \ | |/ / |/| | Fix machine test for list
| * | Fix last machine testBrent Baude2022-07-12
| |/ | | | | | | | | | | | | | | The list --format json test case had a typo like error. [NO NEW TESTS NEEDED] Signed-off-by: Brent Baude <bbaude@redhat.com>
* | abi: create new cgroup when running in a containerGiuseppe Scrivano2022-07-13
| | | | | | | | | | | | | | | | | | | | | | if podman is running in the root cgroup, it will create a new subcgroup and move itself there. [NO NEW TESTS NEEDED] it needs nested podman Closes: https://github.com/containers/podman/issues/14884 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | podman: always call into SetupRootlessGiuseppe Scrivano2022-07-13
|/ | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Merge pull request #14893 from Luap99/machine-proxyopenshift-ci[bot]2022-07-12
|\ | | | | podman machine: do not commit proxies into config file
| * podman machine: do not commit proxies into config filePaul Holzinger2022-07-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | qemu fails when the same `fw_cfg` options is used more than once. Since the current logic always adds a new option on each machine load this will fail on the second start. We can fix this by checking if the option is already set and replace but I think it is easier to just not commit the option in the config and add it dynamically on start. User that hit this bug have to recreate the machine. [NO NEW TESTS NEEDED] Fixes #14636 Fixes #14837 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #14181 from umohnani8/kube-hostnameopenshift-ci[bot]2022-07-11
|\ \ | |/ |/| Add ports and hostname correctly in kube yaml
| * Add ports and hostname correctly in kube yamlUrvashi Mohnani2022-07-08
| | | | | | | | | | | | | | | | | | | | | | | | If a pod is created without net sharing, allow adding separate ports for each container to the kube yaml and also set the pod level hostname correctly if the uts namespace is not being shared. Add a warning if the default namespace sharing options have been modified by the user. Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
* | Merge pull request #14826 from sstosh/net-pruneopenshift-ci[bot]2022-07-11
|\ \ | | | | | | Refactored networkPrune function
| * | Refactored networkPrune functionToshiki Sonoda2022-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Refactored the networkPrune function to improve readability. This commit changes the `networkPrune` function to use the `PrintNetworkPruneResults` function. [NO NEW TESTS NEEDED] Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
* | | Merge pull request #14818 from rhatdan/waitopenshift-ci[bot]2022-07-11
|\ \ \ | | | | | | | | podman wait can take multiple conditions
| * | | podman wait can take multiple conditionsDaniel J Walsh2022-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Podman wait should not be defaulting to just stopped. By default wait API waits for stopped and exited. We should not override this on the client side. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Fix machine testsBrent Baude2022-07-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Catch up with regressions that have occurred since the tests were originally written. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | | Merge pull request #14839 from saschagrunert/errors-pkgopenshift-ci[bot]2022-07-08
|\ \ \ \ | |/ / / |/| | | pkg: switch to golang native error wrapping
| * | | pkg: switch to golang native error wrappingSascha Grunert2022-07-08
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | We now use the golang error wrapping format specifier `%w` instead of the deprecated github.com/pkg/errors package. [NO NEW TESTS NEEDED] Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
* | | pkg/machine/qemu: start VM check if qemu is alivePaul Holzinger2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When trying to connect to the qemu ready socket we should check if the qemu process is still running, if it is not we can just error out. There is no point in retrying. To do so we have to directly call wait with WNOHANG. Also change StartProcess to os/exec package which is higher level and allows us to use a buffer as qemu stderr fd. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | machine: qemu fix chardev id starting with letterPaul Holzinger2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | qemu need the id to start with a letter for some reason. If this is not the case qemu will fail: ``` qemu-system-x86_64: -device virtserialport,chardev=ad053e0bb519f_ready,name=org.fedoraproject.port.0: Property 'virtserialport.chardev' can't find value 'ad053e0bb519f_ready' er Identifiers consist of letters, digits, '-', '.', '_', starting with a letter. ``` To fix this we just add an "a" in front of it. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | pkg/machine/e2e: do not import from cmd/podmanPaul Holzinger2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It should be avoided to import cmd/podman/... packages from outside of cmd/podman. This can lead in weird hard to debug import paths but also can have negative consequences when imported in unit tests. In this case it will set XDG_CONFIG_HOME and thus the machine tests this dir over the tmp HOME env variable which is set at a later point. This caused machine files to be leaked into the actual users home dir. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | machine test: fix endless loop in testPaul Holzinger2022-07-07
|/ / | | | | | | | | | | | | | | | | | | The problem is that this could loop forever as long as podman start doe snot exit (which could happen due bugs). Also since there no timeout between the machine list calls the test is using the full cpu and this causes the system to slow down making the machine start command even slower. IMO it is enough to only check the status every three seconds. Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | Merge pull request #14803 from bugfood/volumesopenshift-ci[bot]2022-07-07
|\ \ | | | | | | make 9p security model configurable; document
| * | podman machine: make 9p security model configurable; adjust docsCorey Hickey2022-07-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This addresses: Symlinks don't work on podman machine on macOS Monterey when using volumes feature #13784 This change does NOT exactly fix the bug, but it does allow the user to work around it via 'podman init' option, e.g.: podman machine init -v "$HOME/git:$HOME/git:ro:security_model=none" If the default security model were to be changed to 'none', then that would fix the bug, at the possible cost of breaking any use cases that depend on 'mapped-xattr'. The documentation of the purpose and behavior of the different security models seems to be rather light: https://wiki.qemu.org/Documentation/9psetup#Starting_the_Guest_directly From testing, it appears that the mapped-xattr security model intends to manage symlinks such that the guest can see the symlinks but the host only sees regular files (with extended attributes). As far as I can tell, this behavior only makes sense when the guest is the only thing that ever needs to create and read symlinks. Otherwise, symlinks created on the host are unusable on the guest, and vice versa. As per the original commit: 8e7eeaa4dd14621bda15e396fcd7b9187bc500c5 [NO NEW TESTS NEEDED] Also document existing ro and rw options. Also remove misleading statement about /mnt. By my observation, this line is incorrect. If the intended meaning is different, then I don't understand. The default volume is mounted read/write and is not within /mnt. [core@localhost ~]$ mount | grep 9p vol0 on /Users/chickey type 9p (rw,relatime,sync,dirsync,access=client,trans=virtio) Signed-off-by: Corey Hickey <chickey@tagged.com>
* | | Merge pull request #14852 from cdoern/podUTSEd Santiago2022-07-07
|\ \ \ | | | | | | | | fix namespace reporting
| * | | fix namespace reportingCharlie Doern2022-07-07
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | somehow, #14501 got through CI even though the remote tests fail. The testa are failing due to the PodSpecGenerator not containing the UTSNs entitiy and infra's spec is not yet allowed to be accessed remotely [NO NEW TESTS NEEDED] resolves #14847 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | | Merge pull request #14762 from ashley-cui/machinfoopenshift-ci[bot]2022-07-07
|\ \ \ \ | | | | | | | | | | Podman machine info
| * | | | Podman machine infoAshley Cui2022-07-05
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | Add podman machine info command, which displays infor about the machine host as well as version info. Signed-off-by: Ashley Cui <acui@redhat.com>
* | | | Merge pull request #14825 from jmguzik/fix_streaming_pod_statsopenshift-ci[bot]2022-07-07
|\ \ \ \ | |_|/ / |/| | | Fix streaming for libpod/pods/stats endpoint
| * | | Fix streaming for libpod/pods/stats endpointJakub Guzik2022-07-05
| | |/ | |/| | | | | | | | | | | | | | | | | | | This commit fixes libpod/pods/stats endpoint which should stream the data. Additional option param is added to disable streaming and the delay value to choose the desired delay between streamed messages (default 5s). Signed-off-by: Jakub Guzik <jguzik@redhat.com>
* | | Merge pull request #14673 from idleroamer/fix-network-inspect-mainopenshift-ci[bot]2022-07-07
|\ \ \ | | | | | | | | Fix network inspect compat API discrepancy
| * | | Fix network inspect compat API discrepancy🤓 Mostafa Emami2022-07-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - containerInspect compat API expects field value PrefixLen instead of PrefixLength for type Address for SecondaryIPAddresses - Add tests for network part of containerInspect compat api Closes: containers#14674 Signed-off-by: 🤓 Mostafa Emami <mustafaemami@gmail.com>
* | | | Merge pull request #14841 from Luap99/common-codeopenshift-ci[bot]2022-07-07
|\ \ \ \ | | | | | | | | | | use c/common code for resize and CopyDetachable
| * | | | use c/common code for resize and CopyDetachablePaul Holzinger2022-07-06
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since conmon-rs also uses this code we moved it to c/common. Now podman should has this also to prevent duplication. [NO NEW TESTS NEEDED] Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* | | | Merge pull request #14844 from shanesmith/fix-qemu-machine-gvproxy-always-failsopenshift-ci[bot]2022-07-06
|\ \ \ \ | | | | | | | | | | Fix qemu machine startHostNetworking always failing
| * | | | Fix qemu machine startHostNetworking always failingShane Smith2022-07-06
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | Issue introduced in #14828 [NO NEW TESTS NEEDED] Signed-off-by: Shane Smith <shane.smith@shopify.com>
* | | | Merge pull request #14501 from cdoern/podUTSopenshift-ci[bot]2022-07-06
|\ \ \ \ | |/ / / |/| | | podman pod create --uts support
| * | | podman pod create --uts supportcdoern2022-07-05
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | add support for the --uts flag in pod create, allowing users to avoid issues with default values in containers.conf. uts follows the same format as other namespace flags: --uts=private (default), --uts=host, --uts=ns:PATH resolves #13714 Signed-off-by: Charlie Doern <cdoern@redhat.com>
* | | | Merge pull request #14370 from umohnani8/todoopenshift-ci[bot]2022-07-05
|\ \ \ \ | | | | | | | | | | Fix podman pod unpause TODO