| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
| |
Secret environment variables were only available to a podman run/start.
This commit makes sure that exec sessions can see them as well.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |
|
|
|
|
|
|
| |
There are use-cases where users would want to use overlay-mounts as
workdir. For such cases workdir should be resolved after all the mounts
are completed during the container init process.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
InfraContainer should go through the same creation process as regular containers. This change was from the cmd level
down, involving new container CLI opts and specgen creating functions. What now happens is that both container and pod
cli options are populated in cmd and used to create a podSpecgen and a containerSpecgen. The process then goes as follows
FillOutSpecGen (infra) -> MapSpec (podOpts -> infraOpts) -> PodCreate -> MakePod -> createPodOptions -> NewPod -> CompleteSpec (infra) -> MakeContainer -> NewContainer -> newContainer -> AddInfra (to pod state)
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |\
| |
| | |
teardown play kube
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
add the ability for play kube to tear down based on the yaml used to
play it. it is indicated by --down in the play kube command. volumes
are NOT deleted during the teardown. pods and their containers are
stopped and removed.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
logFile until flag issue, negative duration replaced with positive
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
we were adding a negative duration in podman events, causing inputs like
-5s to be correct and 5s to be incorrect.
fixes #11158
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |\ \ \
| | | |
| | | | |
volumes: Add support for `volume import` which allows importing contents of external tarballs into podman volumes.
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
Following feature makes sure that users can load contents of external
tarball into the podman volumes.
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
|
| |\ \ \
| | | |
| | | | |
Fix file descriptor leaks in bindings and add test
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* Add response.Body.Close() where needed to release HTTP
connections to API server.
* Add tests to ensure no general leaks occur. 100% coverage would be
required to ensure no leaks on any call.
* Update code comments to be godoc correct
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
podman inspect show exposed ports
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Podman inspect has to show exposed ports to match docker. This requires
storing the exposed ports in the container config.
A exposed port is shown as `"80/tcp": null` while a forwarded port is
shown as `"80/tcp": [{"HostIp": "", "HostPort": "8080" }]`.
Also make sure to add the exposed ports to the new image when the
container is commited.
Fixes #10777
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \
| | | |
| | | | |
volumes: Add support for `volume export` which allows exporting content to external path.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Adds support for transferring data between systems and backing up systems.
Use cases: recover from disasters or move data between machines.
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Support for --tls-verify flag in podman-run & podman-create
|
| | | | | |
| | | | |
| | | | |
| | | | | |
Signed-off-by: Shivkumar13 <sople@redhat.com>
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
Use pod netns with --pod-id-file
|
| | | |_|/ /
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When `--pod-id-file` is used do not parse the default network namespace
and let specgen handle it instead.
This regression was introduced in commit 7ef3981abe24.
Fixes #11303
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \ \ \
| |/ / / /
|/| | | | |
e2e tests: fix overlay: Unknown option vfs.imagestore
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Fixes: https://github.com/containers/podman/issues/11201
The STORAGE_FS is hard code in test/e2e/config_amd64.go, it will
hit error like this "overlay: Unknown option vfs.imagestore" when
setting STORAGE_OPTIONS="--storage-driver overlay". With this patch,
the STORAGE_FS is exported as environment variable, if STORAGE_FS is set,
then set storageOptions to --storage-driver $STORAGE_FS.
Signed-off-by: Alex Jia <chuanchang.jia@gmail.com>
|
| | |_|/ /
|/| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When a network id is used to create a container we translate it to use the
name internally for the db. The network aliases are also stored with the
network name as key so we have to also translate them for the db.
Also removed some outdated skips from the e2e tests.
Fixes #11285
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
For docker compat include information about available volume, log and
network drivers which should be listed under the plugins key.
Fixes #11265
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Add ability to build images in play kube
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When playing a kube YAML file, it can be desirable to be able to build
an image on the fly. This is good for development of an image and YAML
files and somewhat mocks what compose does.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
These tests were originally enabled in a situation where CI provided
false-positive results. Now that has been corrected, these tests all
fail under a CGv1 container environment with the error:
```
Error: unable to load cgroup at
/machine.slice/libpod-e4f...086.scope/libpod_parent/libpod-fbd...425:
cgroup deleted
```
This commit simply disables the tests under this specific environment.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This becomes a problem on hosts with upgraded policies. Ref:
https://github.com/containers/podman/issues/10522
Also, made a small change to compose-test setup to reduce runtime.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
after the init containers pr merged, it was suggested to use `once`
instead of `oneshot` containers as it is more aligned with other
terminiology used similarily.
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The `ls` command is not intended for this purpose and may behave in
unexpected ways, leading to false positive or negative results. Update
the tests to use the purpose built `test` command instead.
Also added several *TODO* comments for possible future testing
enhancements.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Update test to confirm the negative-case, proving the `--privileged`
"option is required" for this character device to be present in a
container (including rootless).
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This test has been failing for a long time but nobody noticed because CI
doesn't have the device node (nested-VM support was disabled). After
having enabled nested VM support, tests fail due to some unknown
special-handling of this device.
Fix both problems by removing the `skip()` and switching to a more generic
device which is only present when `--privileged` is used.
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
Add until filter to podman pod ps
|
| | |/
| |
| |
| |
| |
| |
| |
| | |
This commit adds additional until filter to podman pod ps (ls/list).
Additionally, it also adds descriptions for podman pod ps filters available
via http api.
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
|
| |\ \
| | |
| | | |
Add support for pod inside of user namespace.
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add the --userns flag to podman pod create and keep
track of the userns setting that pod was created with
so that all containers created within the pod will inherit
that userns setting.
Specifically we need to be able to launch a pod with
--userns=keep-id
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
| |/
|
|
|
|
| |
Ref: https://github.com/containers/podman/issues/11165
Signed-off-by: Chris Evich <cevich@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Execution domains tell Linux how to map signal numbers into signal actions.
The execution domain system allows Linux to provide limited support for binaries
compiled under other UNIX-like operating systems.
Reference: https://man7.org/linux/man-pages/man2/personality.2.html
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
|
| |\
| |
| | |
implement init containers in podman
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
this is the first pass at implementing init containers for podman pods.
init containersare made popular by k8s as a way to run setup for pods
before the pods standard containers run.
unlike k8s, we support two styles of init containers: always and
oneshot. always means the container stays in the pod and starts
whenever a pod is started. this does not apply to pods restarting.
oneshot means the container runs onetime when the pod starts and then is
removed.
Signed-off-by: Brent Baude <bbaude@redhat.com>
|
| |\ \
| | |
| | | |
Handle timezone on server containers.conf
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fixes: https://github.com/containers/podman/issues/11124
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@localhost.localdomain>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
Do not add an entry to /etc/hosts with `--net=host`
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
To match Docker's behavior, in the `--net=host` case, we need to
use the host's `/etc/hosts` file, unmodified (without adding an
entry for the container). We will still respect hosts from
`--add-host` but will not make any automatic changes.
Fortuntely, this is strictly a matter of removal and refactoring
as we already base our `/etc/hosts` on the host's version - just
need to remove the code that added entries when net=host was set.
Fixes #10319
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |\ \
| | |
| | | |
stats: add a interval parameter to cli and api stats streaming
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Renamed podman pod stats test specs to distinguish them from podman stats tests.
podman stats tests where disabled by a +build flag.
Fix podman stats format test, add negative test.
Fix podman stats cli command, exit non-zero on invalid format string.
Add tests for podman stats interval flag.
Signed-off-by: Thomas Weber <towe75@googlemail.com>
|
| |\ \ \
| |_|/
|/| | |
test: move container process to a sub-cgroup
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
move the container to a sub-cgroup before creating a sibling
hierarchy.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Created image scp feature
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
added functionality for image secure copying from local to remote.
Also moved system connection add code around a bit so functions within that file
can be used by scp.
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |\ \ \ \
| | | | |
| | | | | |
Add `--accept-repositories` integration tests
|
