| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
System tests: cleanup in --format test
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Followup to #15673 (--format with newlines). I cobbled up a test
for it, but I was sloppy, so the test had issues that I kept
having to band-aid. This is a cleaner way to handle podman-machine.
...and, another unexpected surprise with podman stats. It
fails under rootless cgroupsv1. We can't sweep it under the
rug via skip_if_ubuntu because tests will then fail on RHEL8.
So, add a similar mechanism for testing podman stats.
...plus a non-surprise, the 'search' test flakes. Try minimizing
that by searching only $IMAGE. If quay.io is down, other tests
will certainly fail.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Three tests were running 'container rm' on 'start'ed containers
that might not yet have exited. Fix. Also, tighten up the
tests themselves, to make even more sure that they test
what they're supposed to test.
Discovered, in CI, that 'podman-remote logs --timestamps'
was unimplemented. Thanks to @Luap99 for the fix to that.
Fixes: #15783
Fixes: #15795
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\
| |
| | |
Fix go template parsing with "\n" in it
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This version does a much better job of error reporting and also catches
more commands.
Changes from edsantiago.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Now that commit d10e77e1bcd2 is merged, it will reuse the same template
logic as inspect and therefore should just work.
Also remove the FIXME from eds test.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently the podman command --format output code uses a mix of
report.Formatter and report.Template.
I patched report.Formatter to correctly handle newlines[1]. Since we
cannot fix this with report.Template we have to migrate all users to
report.Formatter. This ensures consistent behavior for all commands.
This change does not change the output.
[1] https://github.com/containers/common/pull/1146
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently the podman command --format output code uses a mix of
report.Formatter and report.Template.
I patched report.Formatter to correctly handle newlines[1]. Since we
cannot fix this with report.Template we have to migrate all users to
report.Formatter. This ensures consistent behavior for all commands.
This change does not change the output.
[1] https://github.com/containers/common/pull/1146
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently the podman command --format output code uses a mix of
report.Formatter and report.Template.
I patched report.Formatter to correctly handle newlines[1]. Since we
cannot fix this with report.Template we have to migrate all users to
report.Formatter. This ensures consistent behavior for all commands.
This change does not change the output.
[1] https://github.com/containers/common/pull/1146
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| | |
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \
| | |
| | | |
TEMPORARY: instrumenting for 15488
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Trying to catch the wiley metacopy flake: add a debug
condition to run_podman, in system tests, to log all
instances in which output includes the metacopy warning.
The idea is to detect the very first time it happens,
and see what is triggering it.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \
| | | |
| | | | |
health checks: restart timers
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Restart the health-check timers instead of starting them. This will
surpress annoying errors stating that an already running timer cannot be
started anymore.
Also make sure that the transient units/timers are stopped and removed
when stopping a container.
Fixes: #15691
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Ensure that the DF endpoint updated volume refcount
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The field was already exposed already in the `system df` output
so this just required a bit of plumbing and testing.
As part of this, fix `podman systemd df` volume in-use logic.
Previously, volumes were only considered to be in use if the
container using them was running. This does not match Docker's
behavior, where a volume is considered in use as long as a
container exists that uses the volume, even if said container is
not running.
Fixes #15720
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
| | |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Emit a warning to the user when generating a unit with --new on a
container that was created with a custom --restart policy. As shown
in #15284, a custom --restart policy in that case can lead to issues
on system shutdown where systemd attempts to nuke the unit but Podman
keeps on restarting the container.
Fixes: #15284
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
- basic : add actual log-level tests
- events : clean up, add --format tests
- systemd : reorder proxy args for legibility
- auto-update : fix missing timeout that could lead to hang
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| | |
In order to display all events we have to read until the event channel
is closed.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
podman --events-backend none events should return with an error since it
will never be able to actually list events.
Fixes part three of #15688
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
podman --events-backend file events --stream=false should never hang. The
problem is that our tail library will wait for the file to be created
which makes sense when we do not run with --stream=false. To fix this we
can just always create the file when the logger is initialized. This
would also help to report errors early on in case the file is not
accessible.
Fixes part one from #15688
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
| |
Podman adds an Error: to every error message. So starting an error
message with "error" ends up being reported to the user as
Error: error ...
This patch removes the stutter.
Also ioutil.ReadFile errors report the Path, so wrapping the err message
with the path causes a stutter.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\
| |
| | |
health check: add on-failure actions
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
For systems that have extreme robustness requirements (edge devices,
particularly those in difficult to access environments), it is important
that applications continue running in all circumstances. When the
application fails, Podman must restart it automatically to provide this
robustness. Otherwise, these devices may require customer IT to
physically gain access to restart, which can be prohibitively difficult.
Add a new `--on-failure` flag that supports four actions:
- **none**: Take no action.
- **kill**: Kill the container.
- **restart**: Restart the container. Do not combine the `restart`
action with the `--restart` flag. When running inside of
a systemd unit, consider using the `kill` or `stop`
action instead to make use of systemd's restart policy.
- **stop**: Stop the container.
To remain backwards compatible, **none** is the default action.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |\ \
| | |
| | | |
system tests for update
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The e2e tests are incomplete, because they're just too hard
for any human to read/maintain. This defines tests in a
table, so they're easily reviewed and updated. This makes
it very easy to see which options are actually tested and
which are not, under root/rootless cgroups v1/v2.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \ \
| | | |
| | | | |
Update buildah and c/common to latest
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This commit was automatically cherry-picked
by buildah-vendor-treadmill v0.3
from the buildah vendor treadmill PR, #13808
Changes since 2022-08-16:
- buildah 4139: minor line-number changes to the diff
file because helpers.bash got edited
- buildah 4190: skip the new test if remote
- buildah 4195: add --retry / --retry-delay
- changes to deal with vendoring gomega, units
- changes to the podman login error message in system test
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |/ /
| |
| |
| |
| |
| | |
Fixes: https://github.com/containers/podman/issues/14767
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
--debug should not be a global flag, you can only use this as podman
--debug never podman ps --debug. This matches docker and allows us to
add the shorthand "D" since they now no longer conflict.
Fixes changes from commit 2d30b4dee596 which claims to add -D but never
did.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \
| | |
| | | |
system tests: fix systemd tests in proxy environment
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Under proxy environment, we need to add
proxy environment variables.
Related to: #15639
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| |\ \ \
| |/ /
|/| | |
Closes #15617: emit container labels for container exited and exec died events
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
- adds unit test for container labels on container die event
- implements #15617
Signed-off-by: Harald Albrecht <harald.albrecht@gmx.net>
|
| |\ \ \
| |/ /
|/| | |
Support auto updates for Kubernetes workloads
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add auto-update support to `podman kube play`. Auto-update policies can
be configured for:
* the entire pod via the `io.containers.autoupdate` annotation
* a specific container via the `io.containers.autoupdate/$name` annotation
To make use of rollbacks, the `io.containers.sdnotify` policy should be
set to `container` such that the workload running _inside_ the container
can send the READY message via the NOTIFY_SOCKET once ready. For
further details on auto updates and rollbacks, please refer to the
specific article [1].
Since auto updates and rollbacks bases on Podman's systemd integration,
the k8s YAML must be executed in the `podman-kube@` systemd template.
For further details on how to run k8s YAML in systemd via Podman, please
refer to the specific article [2].
An examplary k8s YAML may look as follows:
```YAML
apiVersion: v1
kind: Pod
metadata:
annotations:
io.containers.autoupdate: "local"
io.containers.autoupdate/b: "registry"
labels:
app: test
name: test_pod
spec:
containers:
- command:
- top
image: alpine
name: a
- command:
- top
image: alpine
name: b
```
[1] https://www.redhat.com/sysadmin/podman-auto-updates-rollbacks
[2] https://www.redhat.com/sysadmin/kubernetes-workloads-podman-systemd
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |/ /
| |
| |
| |
| |
| |
| |
| | |
Some system tests in `255-auto-update.bats` and `500-networking.bats`
fail under proxy environment.
This PR fixes this problem.
Signed-off-by: Tsubasa Watanabe <w.tsubasa@fujitsu.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
See https://github.com/containers/conmon/pull/352
As of a few days ago, Ubuntu still hadn't built a fixed conmon.
Just skip the test until we get a fixed Ubuntu or until we
figure out a better solution to the test-something-RHEL8ish
problem.
UPDATE: WEIRD: this 'skip' triggered a baffling failure
on Ubuntu: the "Kubernetes only allows 63 characters"
warning message stopped appearing, on Ubuntu only, which
then caused the kube-generate tests to fail because they
actually checked for that. The message doesn't appear
because generate-kube is no longer spitting out a line
for org.opencontainers.image.base.digest/CONTAINER.
(Why this line is gone, I don't know, and choose not
to investigate). Solution: stop checking for the kube-63
warning. It's just not that important.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
| |
Emit untag events for each tag when removing an image.
Fixes: #15485
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
|
|
| |
Misspellings, broken code, missing tests
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
| |
Fixes: https://github.com/containers/podman/issues/15430
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\
| |
| | |
podman kube play/down --read from URL
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
`podman kube play` can create pods and containers from YAML
read from a URL poiniting to a YAML file.
For example: `podman kube play https://example.com/demo.yml`.
`podman kube down` can also teardown pods and containers created
from that YAML file by also reading YAML from a URL, provided the
YAML file the URL points to has not been changed or altered since
it was used to create pods and containers
Closes #14955
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When an unsupported limit on cgroups V1 rootless systems
is requested, podman prints an warning message and
ignores the option/flag.
```
Target options/flags:
--cpu-period, --cpu-quota, --cpu-rt-period, --cpu-rt-runtime,
--cpus, --cpu-shares, --cpuset-cpus, --cpuset-mems, --memory,
--memory-reservation, --memory-swap, --memory-swappiness,
--blkio-weight, --device-read-bps, --device-write-bps,
--device-read-iops, --device-write-iops, --blkio-weight-device
```
Related to https://github.com/containers/podman/discussions/10152
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This exposed a nasty bug in our system-test setup: Ubuntu (runc)
was writing a scratch containers.conf file, and setting CONTAINERS_CONF
to point to it. This was well-intentionedly introduced in #10199 as
part of our long sad history of not testing runc. What I did not
understand at that time is that CONTAINERS_CONF is **dangerous**:
it does not mean "I will read standard containers.conf and then
override", it means "I will **IGNORE** standard containers.conf
and use only the settings in this file"! So on Ubuntu we were
losing all the default settings: capabilities, sysctls, all.
Yes, this is documented in containers.conf(5) but it is such
a huge violation of POLA that I need to repeat it.
In #14972, as yet another attempt to fix our runc crisis, I
introduced a new runc-override mechanism: create a custom
/etc/containers/containers.conf when OCI_RUNTIME=runc.
Unlike the CONTAINERS_CONF envariable, the /etc file
actually means what you think it means: "read the default
file first, then override with the /etc file contents".
I.e., we get the desired defaults. But I didn't remember
this helpers.bash workaround, so our runc testing has
actually been flawed: we have not been testing with
the system containers.conf. This commit removes the
no-longer-needed and never-actually-wanted workaround,
and by virtue of testing the cap-drops in kube generate,
we add a regression test to make sure this never happens
again.
It's a little scary that we haven't been testing capabilities.
Also scary: this PR requires python, for converting yaml to json.
I think that should be safe: python3 'import yaml' and 'json'
works fine on a RHEL8.7 VM from 1minutetip.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\
| |
| | |
Fix podman kube generate --help to show correct help message
|
| | |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
|
|
|
|
|
| |
Run machine tests on every PR as label-driven machine test
triggering is currently hard to predict and debug.
Co-authored-by: Ed Santiago <santiago@redhat.com>
Co-authored-by: Miloslav Trmač <mitr@redhat.com>
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Followup to #14613, which was never actually tested until this
week in RHEL8 gating tests (see issue #15337).
* add missing backslash in '|' expression
* allow extra text after error (e.g., "invalid argument")
No way to test this until it makes its way into RHEL8,
so, fingers crossed.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\
| |
| | |
Add compatibility support for --debug flag from docker
|
