| Commit message (Collapse) | Author | Age |
|\
| |
| | |
replace net_raw with setuid
|
| |
| |
| |
| |
| |
| | |
podman does not allow setting CAP_NET_RAW
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
|\ \
| | |
| | | |
Add hostname to /etc/hosts for --net=none
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
This does not match Docker, which does not add hostname in this
case, but it seems harmless enough.
Fixes #8095
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \
| |/
|/| |
Allow save image remove-signatures
|
| |
| |
| |
| |
| |
| |
| | |
remove signatures to podman save since the image formats do not support signatures
Close: #7659
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \
| | |
| | | |
Fix handling and documentation of podman wait --interval
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In older versions of podman, we supported decimal numbers defaulting
to microseconds. This PR fixes to allow users to continue to specify
only digits.
Also cleaned up documentation to fully describe what input for --interval flag.
Finally improved testing on podman wait to actually make sure the command succeeded.
Fixed tests to work on podman-remote.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| | |
| | | |
Fix ps port output
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When defining multiple ports (same src/dst) like `-p 80:80 -p 443:443`
then podman will not show the complete output on `podman ps` (only
`0.0.0.0:80->80/tcp` in the example). This also applies to port ranges.
This patch refactors the port loop by pre-checking for ranges and
displaying them correctly to the end user.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
|
|\ \ \
| |_|/
|/| | |
Tests: Fix common flakes, and improve apiv2 test log
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
- apiv2 - the 'ten /info requests' test is flaking often,
taking ~8 seconds (our limit is 7, up from 5 a few weeks
ago). Brent suggested that the first /info call might be
expensive, because it needs to access storage. So, let's
prime it by running one /info outside the timing loop.
And, because even that continues to fail, bump it up
to 10 seconds and file #8076 to track the slowdown.
- toolbox test - WaitForReady() has timed out, even on one
occasion causing a run failure because it failed 3 times.
Solution: bump up timeout from 2s to 5s. Not really great,
but CI systems are underpowered, and it's not unreasonable
that 2s might be too low.
- sdnotify test - add a 'podman wait' between stop & rm.
This may prevent a "cannot rm container as it is running"
race condition.
While working on this, Brent and I noticed a few ways that
test-apiv2 logging can be improved:
- test name: when request is POST, display the jsonified
parameters, not the original input ones. This should
make it much easier to reproduce failures.
- use curl's "--write-out" option to capture http code,
content type, and request time. We were getting the
first two via grep from logged headers; this is cleaner.
And there was no other way to get timing. We now include
the timing as X-Response-Time in the log file.
- abort on *any* curl error, not just 7 (cannot connect).
Any error at all from curl is bad news.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \
| | | |
| | | | |
Retrieve network inspect info from dependency container
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
When a container either joins a pod that shares the network
namespace or uses `--net=container:` to share the network
namespace of another container, it does not have its own copy of
the CNI results used to generate `podman inspect` output. As
such, to inspect these containers, we should be going to the
container we share the namespace with for network info.
Fixes #8073
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
|\ \ \
| | | |
| | | | |
--tls-verify and --authfile should work for all remote commands
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
These options are now fully supported in the remote API and should no
longer be hidden and/or documented as non supported.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| |_|/ /
|/| | | |
Ensure that hostname is added to hosts with net=host
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
When a container uses --net=host the default hostname is set to
the host's hostname. However, we were not creating any entries
in `/etc/hosts` despite having a hostname, which is incorrect.
This hostname, for Docker compat, will always be the hostname of
the host system, not the container, and will be assigned to IP
127.0.1.1 (not the standard localhost address).
Also, when `--hostname` and `--net=host` are both passed, still
use the hostname from `--hostname`, not the host's hostname (we
still use the host's hostname by default in this case if the
`--hostname` flag is not passed).
Fixes #8054
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |_|/
|/| |
| | |
| | | |
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, using an invalid image name would produce an error like
this:
Error: error encountered while bringing up pod test-pod-0: invalid reference format
This message didn't specify that there was an problem with an image
name, and it didn't specify which image name had a problem if there were
multiple. Now the error reads:
Error: error encountered while bringing up pod test-pod-0: Failed to parse image "./myimage": invalid reference format
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
|
|\ \
| |/
|/| |
Fix panic when runlabel is missing
|
| |
| |
| |
| | |
Signed-off-by: zhangguanzhang <zhangguanzhang@qq.com>
|
|/
|
|
| |
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
|\
| |
| | |
Setup HOME environment when using --userns=keep-id
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently the HOME environment is set to /root if
the user does not override it.
Also walk the parent directories of users homedir
to see if it is volume mounted into the container,
if yes, then set it correctly.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
| |
* system df
* events
* fix error handling from go routine
* update tests to use gomega matchers for better error messages
* system info
* version
* volume inspect
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\
| |
| | |
Add support for resource limits to play kube
|
| |
| |
| |
| | |
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
|
|\ \
| | |
| | | |
tests/e2e: Add Toolbox-specific test cases
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In the past, Toolbox[0] has been affected by several of Podman's
bugs/changes of behaviour. This is one of the steps to assure that as
Podman progresses, Podman itself and subsequently Toolbox do not regress.
One of the other steps is including Toolbox's system tests in Podman's
gating systems (which and to what extent is yet to be decided on).
The tests are trying to stress parts of Podman that Toolbox needs for
its functionality: permission to handle some system files, correct
values/permissions/limits in certain parts, management of users and
groups, mounting of paths,.. The list is most likely longer and
therefore more commits will be needed to control every aspect of the
Toolbox/Podman relationship :).
Some test cases in test/e2e/toolbox_test.go rely on some tools being
present in the base image[1]. That is not the case with the common
ALPINE image or the basic Fedora image.
Some tests might be duplicates of already existing tests. I'm more in
favour of having those duplicates. Thanks to that it will be clear what
functionality/behaviour Toolbox requires.
[0] https://github.com/containers/toolbox
[1] https://github.com/containers/toolbox/#image-requirements
Signed-off-by: Ondřej Míchal <harrymichal@seznam.cz>
|
|\ \ \
| | | |
| | | | |
Include CNI networks in inspect output when not running
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We were only including the CNI Network fields in the output of
`podman inspect` when the container was not running. It's simple
enough to fix (populate with empty structs, since we can't fill
anything without a CNI response to get IP address assigned, etc).
This is necessary for Docker compatibility.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \
| |/ /
|/| | |
Search repository tags using --list-tags
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
For fix of BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1684263
Add --list-tags to podman search to return a table the repository tags.
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Restore --format table...
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Following commands:
* systemd generate
* networks inspect
* pod stats
* Fixed test where format was quoted and then quoted again
* Fixed bug where output never printed '--' on missed reads
* pod ps
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| | | |
| | | | |
Port V1 --format table to V2 podman
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
* volume ls
* container ps
* updated broken tests when skip removed
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \
| |_|/
|/| | |
This PR allows users to remove external containers directly
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currenly if a user specifies the name or ID of an external storage
container, we report an error to them.
buildah from scratch
working-container-2
podman rm working-container-2
Error: no container with name or ID working-container-2 found: no such container
Since the user specified the correct name and the container is in storage we
force them to specify --storage to remove it. This is a bad experience for the
user.
This change will just remove the container from storage. If the container
is known by libpod, it will remove the container from libpod as well.
The podman rm --storage option has been deprecated, and removed from docs.
Also cleaned documented options that are not available to podman-remote.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | |
| | | |
| | | | |
andylibrian/kube-generate-support-resource-limits-7855
Add support for resource cpu limit to generate kube
|
| | |/
| |/|
| | |
| | |
| | |
| | | |
fixes #7855
Signed-off-by: Andy Librian <andylibrian@gmail.com>
|
|\ \ \
| |/ /
|/| | |
Enable k8s configmaps as flags for play kube
|
| | |
| | |
| | |
| | | |
Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
|
|\ \ \
| | | |
| | | | |
Ports given only by number should have random host port
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In Podman 1.9.3, `podman run -p 80` would assign port 80 in the
container to a random port on the host. In Podman 2.0 and up, it
assigned Port 80 in the container to Port 80 on the host. This is
an easy fix, fortunately - just need to remove the bit that
assumed host port, if not given, should be set to container port.
We also had a test for the bad behavior, so fix it to test for
the correct way of doing things.
Fixes #7947
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\ \ \ \
| | | | |
| | | | | |
Restore V1 --format "table..." support
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
* 'containers mount'
* 'image history'
* 'images mount'
* 'images search'
* Correct spelling errors
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
|\ \ \ \
| |_|_|/
|/| | | |
Move pod jobs to parallel execution
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | | |
Ensure that we actually print the output of all commands when
cleaning up the results of the E2E tests.
Signed-off-by: Matthew Heon <mheon@redhat.com>
|