summaryrefslogtreecommitdiff
path: root/test/system/200-pod.bats
Commit message (Collapse)AuthorAge
* pod: ps does not race with rmGiuseppe Scrivano2022-06-28
| | | | | | | | | | | | the "pod ps" command first retrieves the list of all pods, then iterates over the list to inspect each pod. This introduce a race since a pod could be deleted in the meanwhile by another process. Solve it by ignoring the define.ErrNoSuchPod error. Closes: https://github.com/containers/podman/issues/14736 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* podman cgroup enhancementcdoern2022-06-24
| | | | | | | | | | | currently, setting any sort of resource limit in a pod does nothing. With the newly refactored creation process in c/common, podman ca now set resources at a pod level meaning that resource related flags can now be exposed to podman pod create. cgroupfs and systemd are both supported with varying completion. cgroupfs is a much simpler process and one that is virtually complete for all resource types, the flags now just need to be added. systemd on the other hand has to be handeled via the dbus api meaning that the limits need to be passed as recognized properties to systemd. The properties added so far are the ones that podman pod create supports as well as `cpuset-mems` as this will be the next flag I work on. Signed-off-by: Charlie Doern <cdoern@redhat.com>
* Merge pull request #14333 from rhatdan/podOpenShift Merge Robot2022-05-25
|\ | | | | Allow podman pod create --share +pid
| * Allow podman pod create --share +pidDaniel J Walsh2022-05-24
| | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/13422 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Allow podman pod create to accept name argumentDaniel J Walsh2022-05-24
|/ | | | | | | | | | | | | I am constantly attempting to add the podname to the last argument to podman pod create. Allowing this makes it match podman volume create and podman network create. It does not match podman container create, since podman container create arguments specify the arguments to run with the container. Still need to support the --name option for backwards compatibility. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* play kube: service containerValentin Rothberg2022-05-12
| | | | | | | | | | | | | | | | | | | | Add the notion of a "service container" to play kube. A service container is started before the pods in play kube and is (reverse) linked to them. The service container is stopped/removed *after* all pods it is associated with are stopped/removed. In other words, a service container tracks the entire life cycle of a service started via `podman play kube`. This is required to enable `play kube` in a systemd unit file. The service container is only used when the `--service-container` flag is set on the CLI. This flag has been marked as hidden as it is not meant to be used outside the context of `play kube`. It is further not supported on the remote client. The wiring with systemd will be done in a later commit. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* pod: add exit policiesValentin Rothberg2022-05-02
| | | | | | | | | | | | | | | | | | | | | | | | Add the notion of an "exit policy" to a pod. This policy controls the behaviour when the last container of pod exits. Initially, there are two policies: - "continue" : the pod continues running. This is the default policy when creating a pod. - "stop" : stop the pod when the last container exits. This is the default behaviour for `play kube`. In order to implement the deferred stop of a pod, add a worker queue to the libpod runtime. The queue will pick up work items and in this case helps resolve dead locks that would otherwise occur if we attempted to stop a pod during container cleanup. Note that the default restart policy of `play kube` is "Always". Hence, in order to really solve #13464, the YAML files must set a custom restart policy; the tests use "OnFailure". Fixes: #13464 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Report properly whether pod shares host networkDaniel J Walsh2022-04-28
| | | | | | Fixes: https://github.com/containers/podman/issues/14028 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* use etchosts package from c/commonPaul Holzinger2022-04-22
| | | | | | | | | | | | | | | | | | | | Use the new logic from c/common to create the hosts file. This will help to better allign the hosts files between buildah and podman. Also this fixes several bugs: - remove host entries when container is stopped and has a netNsCtr - add entries for containers in a pod - do not duplicate entries in the hosts file - use the correct slirp ip when an userns is used Features: - configure host.containers.internal entry in containers.conf - configure base hosts file in containers.conf Fixes #12003 Fixes #13224 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Merge pull request #13935 from edsantiago/bats_assertOpenShift Merge Robot2022-04-22
|\ | | | | system tests: add assert(), and start using it
| * system tests: add assert(), and start using itEd Santiago2022-04-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Problem: the system test 'is()' checker was poorly thought out. For example, there is no way to check for inequality or for absence of a substring. Solution, step 1: introduce new assert(), copied almost verbatim from buildah, where it has been successful in addressing the gaps in is(). The logical next step is to search the tests for 'die' and for 'run', looking for negative assertions which we can replace with assert(). There were a lot, and in the process I found a number of ugly bugs in the tests themselves. I've taken the liberty of fixing these. Important note: at this time we have both assert() and is(). Replacing all instances of is() would be impossible to review. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Revert "container,inspect: convert Entrypoint to array instead of a string"Aditya R2022-04-22
|/ | | | | | | | | | | | | | It seems this breaks older version of `podman-remote` users hence it looks like this patch would be a better candidate for podman `5.0` Problem * Client with `4.0` cannot interact with a server of `4.1` Plan this patch for podman `5.0` This reverts commit 0cebd158b6d8da1828b1255982e27fe9224310d0. Signed-off-by: Aditya R <arajan@redhat.com>
* container,inspect: convert Entrypoint to array instead of a stringAditya R2022-04-08
| | | | | | | Convert container entrypoint from string to an array inorder to make sure there is parity between `podman inspect` and `docker inspect` Signed-off-by: Aditya R <arajan@redhat.com>
* pod system tests: clean up stray imageEd Santiago2022-03-21
| | | | | | | | | | One of the pod tests was leaving a stray image behind, causing scary red warnings in CI logs. Clean that up. Also, now that #13541 has merged, use 'rmi --ignore' instead of ignoring exit status from rmi Signed-off-by: Ed Santiago <santiago@redhat.com>
* podman create: building local pause image: do not read ignore filesValentin Rothberg2022-03-17
| | | | | | | | | Make sure to ignore local {container,docker}ignore files when building a local pause image. Otherwise, we may mistakenly not be able to copy catatonit into the build container. Fixes: #13529 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
* Merge pull request #12930 from cdoern/podCgroupOpenShift Merge Robot2022-02-04
|\ | | | | Podman pod create --share-parent vs --share=cgroup
| * Podman pod create --share-parent vs --share=cgroupcdoern2022-02-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | separated cgroupNS sharing from setting the pod as the cgroup parent, made a new flag --share-parent which sets the pod as the cgroup parent for all containers entering the pod remove cgroup from the default kernel namespaces since we want the same default behavior as before which is just the cgroup parent. resolves #12765 Signed-off-by: cdoern <cdoern@redhat.com> Signed-off-by: cdoern <cbdoer23@g.holycross.edu> Signed-off-by: cdoern <cdoern@redhat.com>
* | Fix use of infra image to clarify defaultDaniel J Walsh2022-01-31
|/ | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* podman container rm: remove podValentin Rothberg2022-01-13
| | | | | | | | Support removing the entire pod when --depend is used on an infra container. --all now implies --depend to properly support removing all containers and not error out when hitting infra containers. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Add --noout option to prevent the output of idsDaniel J Walsh2022-01-12
| | | | | | Fixes: https://github.com/containers/podman/issues/11515 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Use the InfraImage defined in containers.confDaniel J Walsh2022-01-10
| | | | | | | | | Remove hard code use of the DefaultInfraImage and rely on getting this from containers.conf. Fixes: https://github.com/containers/podman/issues/12771 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* --hostname should be set when using --pod new:foobarDaniel J Walsh2021-12-09
| | | | | | | | | | | | Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2030599 When you create pod, it shares the UTS namespace with Containers. Currently the --hostname is not passed to the pod created when you create a container and pod in the same command. Also fix error message on supported --share flags Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* System tests: remove rm_pause_image()Ed Santiago2021-12-09
| | | | | | | | ...it's not needed: teardown() already does it. Or, it would, if it had been updated to deal with the new pause image naming convention, which I've just done. Signed-off-by: Ed Santiago <santiago@redhat.com>
* pod create: read infra image from containers.confValentin Rothberg2021-11-10
| | | | | | | | | Fix a bug where pods would be created with the hard-coded default infra image instead of the custom one from containers.conf. Add a simple regression test. Fixes: #12245 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* pod create: remove need for pause imageValentin Rothberg2021-10-26
| | | | | | | | | So far, the infra containers of pods required pulling down an image rendering pods not usable in disconnected environments. Instead, build an image locally which uses local pause binary. Fixes: #10354 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Add --time out for podman * rm -f commandsDaniel J Walsh2021-10-04
| | | | | | | | | Add --time flag to podman container rm Add --time flag to podman pod rm Add --time flag to podman volume rm Add --time flag to podman network rm Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* system tests: new random_free_port helperEd Santiago2021-09-08
| | | | | | | Picks a pseudorandom open port within a range. Refactor existing instances of such code. Signed-off-by: Ed Santiago <santiago@redhat.com>
* --infra-name command line argumentJosé Guilherme Vanz2021-07-15
| | | | | | | | | Adds the new --infra-name command line argument allowing users to define the name of the infra container Issue #10794 Signed-off-by: José Guilherme Vanz <jvanz@jvanz.com>
* Add --noheading flag to all list commandsDaniel J Walsh2021-04-21
| | | | | | | | | | Currently we have only podman images list --noheading. This PR Adds this option to volumes, containers, pods, networks, machines, and secrets. Fixes: https://github.com/containers/podman/issues/10065 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* System tests: reenable a bunch of skipped testsEd Santiago2021-03-20
| | | | | | | | Checking for 'skip.*[0-9]{4,5}', and checking status on said issues, finds several that have been closed. Let's see if they're really fixed. Signed-off-by: Ed Santiago <santiago@redhat.com>
* BATS: add ping testEd Santiago2020-12-01
| | | | | | | | | | | | | | | | | | | - run test : tweaks to recently-added network-conflict test: * remove "-d" in run * confirm exact warning text, and also that container runs successfully * test multiple --net options (regression #8057) - images, run, build, exec tests: add multiple-flag testing for various flags, confirming as appropriate whether options are overridden or accumulated. - ps test : add --filter and --sort tests - pod test: run 'ping' inside container (confirms that container gets PING capability) Signed-off-by: Ed Santiago <santiago@redhat.com>
* Pod's that share the IPC Namespace need to share /dev/shmDaniel J Walsh2020-10-30
| | | | | | | | | | | | | Containers that share IPC Namespaces share each others /dev/shm, which means a private /dev/shm needs to be setup for the infra container. Added a system test and an e2e test to make sure the /dev/shm is shared. Fixes: https://github.com/containers/podman/issues/8181 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* System test additionsEd Santiago2020-10-14
| | | | | | | | | | | | | | | | | | | | | | | | - run --userns=keep-id: confirm that $HOME gets set (#8013) - inspect: confirm that JSON output is a sane number of lines (10 or more), not an unreadable one-liner (#8011 and #8021). Do so with image, pod, network, volume because the code paths might be different. - cgroups: confirm that 'run' preserves cgroup manager (#7970) - sdnotify: reenable tests, and hope CI doesn't hang. This test was disabled on August 18 because CI jobs were hanging and timing out. My suspicion was that it was #7316, which in turn seems to have hinged on conmon #182. The latter was merged on Sep 16, so let's cross our fingers and see what happens. Also: remove inaccurate warning from a networking test. And, wow, fix is_cgroupsv2(), it has never actually worked. Signed-off-by: Ed Santiago <santiago@redhat.com>
* system tests: new testsEd Santiago2020-09-19
| | | | | | | | | | | | | | | | | | | | | - podman network create: new test - podman pull by-sha + podman images -a (#7651) - podman image mount: new test - podman pod: --infra-image and --infra-command (#7167) For convenience and robustness, build a new testimage containing a custom file /home/podman/testimage-id with contents YYYYMMDD (same as image tag). The image-mount test checks that this file exists and has the desired content. New testimage also includes a dummy 'pause' executable, for testing pod infra. Updates from testimage:20200902 to :20200917 Signed-off-by: Ed Santiago <santiago@redhat.com>
* system tests: enable more remote tests; cleanupEd Santiago2020-08-19
| | | | | | | | | | | | | | | | | | | | | | | | info, images, run, networking tests: remove some skip_if_remote()s that were added in the varlink days. All of these tests now seem to work with APIv2. help test: check that first output line from 'podman --help' is the program description (regression check for #7273). load test: clean up stray images, rewrite test to make it conform to existing convention. In the process, discover and file #7337 exec test (and networking): file #7360, and add FIXME comment to skip()s suggesting evaluating those tests once that is fixed. pod test: now that #6328 is fixed, use 'podman pod inspect --format' instead of relying on jq Various other tests: add an explanation of why test is disabled so we can more easily distinguish "this will never be meaningful under remote" vs "hey, doesn't work for now, but maybe someday". Signed-off-by: Ed Santiago <santiago@redhat.com>
* Handle podman-remote run --rmDaniel J Walsh2020-08-04
| | | | | | | | We need to remove the container after it has exited for podman-remote run --rm commands. If we don't remove this container at this step, we open ourselves up to race conditions. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Reenable remote system testsEd Santiago2020-08-03
| | | | | | | | | | | | | | | | | | | podman-remote is in better shape now. Let's see what needs to be done to reenable remote system tests. - logs test: skip multilog, it doesn't work remote - diff test: use -l only when local, not with remote - many other tests: skip_if_remote, with 'FIXME: pending #xxxx' where xxxx is a filed issue. Unrelated: added new helper to skip_if_remote and _if_rootless, where we check if the source message includes "remote"/"rootless" and insert it if missing. This is a minor usability enhancement to make it easier to understand at-a-glance why a skip triggers. Signed-off-by: Ed Santiago <santiago@redhat.com>
* Error on rootless mac and ip addressesBrent Baude2020-07-15
| | | | | | | | When creating a pod or container where a static MAC or IP address is provided, we should return a proper error and exit as 125. Fixes: #6972 Signed-off-by: Brent Baude <bbaude@redhat.com>
* system tests: add pod, inspect testingEd Santiago2020-06-26
| | | | | | | | | | | | | | | | Followup to #6761: confirm that 'podman ps' shows the ports on a running container in a pod created with -p (not to be confused with the container itself running with -p, tested in 500-networking.bats). While we're at it, test that the port handling itself works, by sending random text to the container and making sure the container receives it. Followup to #6752: 'podman inspect' should show multiple security opts Signed-off-by: Ed Santiago <santiago@redhat.com>
* BATS and APIv2: more tests and tweaksEd Santiago2020-06-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | - (minor): apiv2 tests: check for full ID Observation made while reviewing #6461: tests were checking only for a 12-character container/image ID in return value. It's actually 64, and we should test for that. This should also minimize confusion in a future maintainer. - podman pause/unpause: new test Runs a 'date/sleep' loop, pauses container, sleeps 3s, restarts, then confirms that there's a 3- to 6-second gap in the logs for the container. - podman healthcheck: new test run a container with healthcheck, test both healthy and unhealthy conditions - podman pod: check '{{.Pod}}' field in podman ps Hey, as long as we have a pod with two running containers, might as well confirm that 'podman ps' returns the expected pod ID. Signed-off-by: Ed Santiago <santiago@redhat.com>
* system tests : more testsEd Santiago2020-06-01
| | | | | | | | | | | | | | - exec: add test for #5046, in which conmon swallowed chars on a large byte transfer - pod: add 'pod exists' tests, both positive and negative; consolidate tests; add '--label', and check in 'pod inspect' add 'pod ps' tests - networking: add test for #5466, in which detached run with --userns=keep-id would not forward a port Signed-off-by: Ed Santiago <santiago@redhat.com>
* Add --format to pod inspectBoaz Shuster2020-05-27
| | | | Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* Enables iidfile test as issue fixed nowSujil022020-05-21
| | | | Signed-off-by: Sujil02 <sushah@redhat.com>
* system tests: more podman-pod testsEd Santiago2020-05-20
* rename pod-top.bats to pod.bats * add test for TCP port communication between pods * add test for various podman-pod-create options Signed-off-by: Ed Santiago <santiago@redhat.com>