From 2c5382ba981217ef751649302ad15ecd493a6e90 Mon Sep 17 00:00:00 2001 From: Anders F Björklund Date: Wed, 22 Sep 2021 12:29:24 +0200 Subject: Show cpus and memory in machine list MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [NO TESTS NEEDED] Signed-off-by: Anders F Björklund --- pkg/machine/config.go | 2 ++ pkg/machine/qemu/machine.go | 2 ++ 2 files changed, 4 insertions(+) (limited to 'pkg') diff --git a/pkg/machine/config.go b/pkg/machine/config.go index 8db2335aa..583eacbaa 100644 --- a/pkg/machine/config.go +++ b/pkg/machine/config.go @@ -58,6 +58,8 @@ type ListResponse struct { LastUp time.Time Running bool VMType string + CPUs uint64 + Memory uint64 } type SSHOptions struct { diff --git a/pkg/machine/qemu/machine.go b/pkg/machine/qemu/machine.go index b9b66c123..281a8b7a9 100644 --- a/pkg/machine/qemu/machine.go +++ b/pkg/machine/qemu/machine.go @@ -574,6 +574,8 @@ func GetVMInfos() ([]*machine.ListResponse, error) { listEntry.Name = vm.Name listEntry.VMType = "qemu" + listEntry.CPUs = vm.CPUs + listEntry.Memory = vm.Memory fi, err := os.Stat(fullPath) if err != nil { return err -- cgit v1.2.3-54-g00ecf From da67c719980ed7e64e168f74b01a2d9105c0b9d0 Mon Sep 17 00:00:00 2001 From: Anders F Björklund Date: Wed, 22 Sep 2021 12:29:28 +0200 Subject: Also show the (initial) disk size MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [NO TESTS NEEDED] Signed-off-by: Anders F Björklund --- cmd/podman/machine/list.go | 25 ++++++++++++++----------- pkg/machine/config.go | 1 + pkg/machine/qemu/config.go | 2 ++ pkg/machine/qemu/machine.go | 2 ++ 4 files changed, 19 insertions(+), 11 deletions(-) (limited to 'pkg') diff --git a/cmd/podman/machine/list.go b/cmd/podman/machine/list.go index b9dc62d6d..fe9d712e3 100644 --- a/cmd/podman/machine/list.go +++ b/cmd/podman/machine/list.go @@ -40,12 +40,13 @@ type listFlagType struct { } type machineReporter struct { - Name string - Created string - LastUp string - VMType string - CPUs uint64 - Memory string + Name string + Created string + LastUp string + VMType string + CPUs uint64 + Memory string + DiskSize string } func init() { @@ -56,7 +57,7 @@ func init() { flags := lsCmd.Flags() formatFlagName := "format" - flags.StringVar(&listFlag.format, formatFlagName, "{{.Name}}\t{{.VMType}}\t{{.Created}}\t{{.LastUp}}\t{{.CPUs}}\t{{.Memory}}\n", "Format volume output using Go template") + flags.StringVar(&listFlag.format, formatFlagName, "{{.Name}}\t{{.VMType}}\t{{.Created}}\t{{.LastUp}}\t{{.CPUs}}\t{{.Memory}}\t{{.DiskSize}}\n", "Format volume output using Go template") _ = lsCmd.RegisterFlagCompletionFunc(formatFlagName, completion.AutocompleteNone) flags.BoolVar(&listFlag.noHeading, "noheading", false, "Do not print headers") } @@ -87,10 +88,11 @@ func list(cmd *cobra.Command, args []string) error { func outputTemplate(cmd *cobra.Command, responses []*machineReporter) error { headers := report.Headers(machineReporter{}, map[string]string{ - "LastUp": "LAST UP", - "VmType": "VM TYPE", - "CPUs": "CPUS", - "Memory": "MEMORY", + "LastUp": "LAST UP", + "VmType": "VM TYPE", + "CPUs": "CPUS", + "Memory": "MEMORY", + "DiskSize": "DISK SIZE", }) row := report.NormalizeFormat(listFlag.format) @@ -142,6 +144,7 @@ func toHumanFormat(vms []*machine.ListResponse) ([]*machineReporter, error) { response.VMType = vm.VMType response.CPUs = vm.CPUs response.Memory = units.HumanSize(float64(vm.Memory) * units.MiB) + response.DiskSize = units.HumanSize(float64(vm.DiskSize) * units.GiB) humanResponses = append(humanResponses, response) } diff --git a/pkg/machine/config.go b/pkg/machine/config.go index 583eacbaa..3ff5c7fe7 100644 --- a/pkg/machine/config.go +++ b/pkg/machine/config.go @@ -60,6 +60,7 @@ type ListResponse struct { VMType string CPUs uint64 Memory uint64 + DiskSize uint64 } type SSHOptions struct { diff --git a/pkg/machine/qemu/config.go b/pkg/machine/qemu/config.go index 3d0fa4094..9f5f45b58 100644 --- a/pkg/machine/qemu/config.go +++ b/pkg/machine/qemu/config.go @@ -17,6 +17,8 @@ type MachineVM struct { ImagePath string // Memory in megabytes assigned to the vm Memory uint64 + // Disk size in gigabytes assigned to the vm + DiskSize uint64 // Name of the vm Name string // SSH port for user networking diff --git a/pkg/machine/qemu/machine.go b/pkg/machine/qemu/machine.go index 281a8b7a9..d0f48da5f 100644 --- a/pkg/machine/qemu/machine.go +++ b/pkg/machine/qemu/machine.go @@ -64,6 +64,7 @@ func NewMachine(opts machine.InitOptions) (machine.VM, error) { vm.CPUs = opts.CPUS vm.Memory = opts.Memory + vm.DiskSize = opts.DiskSize // Look up the executable execPath, err := exec.LookPath(QemuCommand) @@ -576,6 +577,7 @@ func GetVMInfos() ([]*machine.ListResponse, error) { listEntry.VMType = "qemu" listEntry.CPUs = vm.CPUs listEntry.Memory = vm.Memory + listEntry.DiskSize = vm.DiskSize fi, err := os.Stat(fullPath) if err != nil { return err -- cgit v1.2.3-54-g00ecf From 0f87cfd288e48f55cb16e8ed8839485d22f0764c Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Wed, 22 Sep 2021 13:39:18 -0400 Subject: podman generate kube should not include images command If the command came from the underlying image, then we should not include it in the generate yaml file. Fixes: https://github.com/containers/podman/issues/11672 Signed-off-by: Daniel J Walsh --- libpod/kube.go | 33 +++++++++++++++++++++++---------- pkg/domain/infra/abi/generate.go | 8 ++++---- test/e2e/generate_kube_test.go | 39 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 66 insertions(+), 14 deletions(-) (limited to 'pkg') diff --git a/libpod/kube.go b/libpod/kube.go index af3b0916e..e6b9b0477 100644 --- a/libpod/kube.go +++ b/libpod/kube.go @@ -1,9 +1,11 @@ package libpod import ( + "context" "fmt" "math/rand" "os" + "reflect" "sort" "strconv" "strings" @@ -27,14 +29,14 @@ import ( // GenerateForKube takes a slice of libpod containers and generates // one v1.Pod description that includes just a single container. -func GenerateForKube(ctrs []*Container) (*v1.Pod, error) { +func GenerateForKube(ctx context.Context, ctrs []*Container) (*v1.Pod, error) { // Generate the v1.Pod yaml description - return simplePodWithV1Containers(ctrs) + return simplePodWithV1Containers(ctx, ctrs) } // GenerateForKube takes a slice of libpod containers and generates // one v1.Pod description -func (p *Pod) GenerateForKube() (*v1.Pod, []v1.ServicePort, error) { +func (p *Pod) GenerateForKube(ctx context.Context) (*v1.Pod, []v1.ServicePort, error) { // Generate the v1.Pod yaml description var ( ports []v1.ContainerPort //nolint @@ -78,7 +80,7 @@ func (p *Pod) GenerateForKube() (*v1.Pod, []v1.ServicePort, error) { servicePorts = containerPortsToServicePorts(ports) hostNetwork = infraContainer.NetworkMode() == string(namespaces.NetworkMode(specgen.Host)) } - pod, err := p.podWithContainers(allContainers, ports, hostNetwork) + pod, err := p.podWithContainers(ctx, allContainers, ports, hostNetwork) if err != nil { return nil, servicePorts, err } @@ -218,7 +220,7 @@ func containersToServicePorts(containers []v1.Container) []v1.ServicePort { return sps } -func (p *Pod) podWithContainers(containers []*Container, ports []v1.ContainerPort, hostNetwork bool) (*v1.Pod, error) { +func (p *Pod) podWithContainers(ctx context.Context, containers []*Container, ports []v1.ContainerPort, hostNetwork bool) (*v1.Pod, error) { deDupPodVolumes := make(map[string]*v1.Volume) first := true podContainers := make([]v1.Container, 0, len(containers)) @@ -239,7 +241,7 @@ func (p *Pod) podWithContainers(containers []*Container, ports []v1.ContainerPor isInit := ctr.IsInitCtr() - ctr, volumes, _, err := containerToV1Container(ctr) + ctr, volumes, _, err := containerToV1Container(ctx, ctr) if err != nil { return nil, err } @@ -267,7 +269,7 @@ func (p *Pod) podWithContainers(containers []*Container, ports []v1.ContainerPor deDupPodVolumes[vol.Name] = &vol } } else { - _, _, infraDNS, err := containerToV1Container(ctr) + _, _, infraDNS, err := containerToV1Container(ctx, ctr) if err != nil { return nil, err } @@ -337,7 +339,7 @@ func newPodObject(podName string, annotations map[string]string, initCtrs, conta // simplePodWithV1Containers is a function used by inspect when kube yaml needs to be generated // for a single container. we "insert" that container description in a pod. -func simplePodWithV1Containers(ctrs []*Container) (*v1.Pod, error) { +func simplePodWithV1Containers(ctx context.Context, ctrs []*Container) (*v1.Pod, error) { kubeCtrs := make([]v1.Container, 0, len(ctrs)) kubeInitCtrs := []v1.Container{} kubeVolumes := make([]v1.Volume, 0) @@ -355,7 +357,7 @@ func simplePodWithV1Containers(ctrs []*Container) (*v1.Pod, error) { if !ctr.HostNetwork() { hostNetwork = false } - kubeCtr, kubeVols, ctrDNS, err := containerToV1Container(ctr) + kubeCtr, kubeVols, ctrDNS, err := containerToV1Container(ctx, ctr) if err != nil { return nil, err } @@ -411,7 +413,7 @@ func simplePodWithV1Containers(ctrs []*Container) (*v1.Pod, error) { // containerToV1Container converts information we know about a libpod container // to a V1.Container specification. -func containerToV1Container(c *Container) (v1.Container, []v1.Volume, *v1.PodDNSConfig, error) { +func containerToV1Container(ctx context.Context, c *Container) (v1.Container, []v1.Volume, *v1.PodDNSConfig, error) { kubeContainer := v1.Container{} kubeVolumes := []v1.Volume{} kubeSec, err := generateKubeSecurityContext(c) @@ -463,6 +465,17 @@ func containerToV1Container(c *Container) (v1.Container, []v1.Volume, *v1.PodDNS _, image := c.Image() kubeContainer.Image = image kubeContainer.Stdin = c.Stdin() + img, _, err := c.runtime.libimageRuntime.LookupImage(image, nil) + if err != nil { + return kubeContainer, kubeVolumes, nil, err + } + imgData, err := img.Inspect(ctx, false) + if err != nil { + return kubeContainer, kubeVolumes, nil, err + } + if reflect.DeepEqual(imgData.Config.Cmd, kubeContainer.Command) { + kubeContainer.Command = nil + } kubeContainer.WorkingDir = c.WorkingDir() kubeContainer.Ports = ports diff --git a/pkg/domain/infra/abi/generate.go b/pkg/domain/infra/abi/generate.go index 1e614ce58..081a2464b 100644 --- a/pkg/domain/infra/abi/generate.go +++ b/pkg/domain/infra/abi/generate.go @@ -107,7 +107,7 @@ func (ic *ContainerEngine) GenerateKube(ctx context.Context, nameOrIDs []string, // Generate kube pods and services from pods. if len(pods) >= 1 { - pos, svcs, err := getKubePods(pods, options.Service) + pos, svcs, err := getKubePods(ctx, pods, options.Service) if err != nil { return nil, err } @@ -120,7 +120,7 @@ func (ic *ContainerEngine) GenerateKube(ctx context.Context, nameOrIDs []string, // Generate the kube pods from containers. if len(ctrs) >= 1 { - po, err := libpod.GenerateForKube(ctrs) + po, err := libpod.GenerateForKube(ctx, ctrs) if err != nil { return nil, err } @@ -153,12 +153,12 @@ func (ic *ContainerEngine) GenerateKube(ctx context.Context, nameOrIDs []string, } // getKubePods returns kube pod and service YAML files from podman pods. -func getKubePods(pods []*libpod.Pod, getService bool) ([][]byte, [][]byte, error) { +func getKubePods(ctx context.Context, pods []*libpod.Pod, getService bool) ([][]byte, [][]byte, error) { pos := [][]byte{} svcs := [][]byte{} for _, p := range pods { - po, sp, err := p.GenerateForKube() + po, sp, err := p.GenerateForKube(ctx) if err != nil { return nil, nil, err } diff --git a/test/e2e/generate_kube_test.go b/test/e2e/generate_kube_test.go index bf89a0708..cb556991c 100644 --- a/test/e2e/generate_kube_test.go +++ b/test/e2e/generate_kube_test.go @@ -792,6 +792,45 @@ var _ = Describe("Podman generate kube", func() { Expect(containers[0].Args).To(Equal([]string{"10s"})) }) + It("podman generate kube - no command", func() { + session := podmanTest.Podman([]string{"create", "--name", "test", ALPINE}) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + kube := podmanTest.Podman([]string{"generate", "kube", "test"}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + // Now make sure that the container's command is not set to the + // entrypoint and it's arguments to "10s". + pod := new(v1.Pod) + err := yaml.Unmarshal(kube.Out.Contents(), pod) + Expect(err).To(BeNil()) + + containers := pod.Spec.Containers + Expect(len(containers)).To(Equal(1)) + Expect(len(containers[0].Command)).To(Equal(0)) + + cmd := []string{"echo", "hi"} + session = podmanTest.Podman(append([]string{"create", "--name", "test1", ALPINE}, cmd...)) + session.WaitWithDefaultTimeout() + Expect(session).Should(Exit(0)) + + kube = podmanTest.Podman([]string{"generate", "kube", "test1"}) + kube.WaitWithDefaultTimeout() + Expect(kube).Should(Exit(0)) + + // Now make sure that the container's command is not set to the + // entrypoint and it's arguments to "10s". + pod = new(v1.Pod) + err = yaml.Unmarshal(kube.Out.Contents(), pod) + Expect(err).To(BeNil()) + + containers = pod.Spec.Containers + Expect(len(containers)).To(Equal(1)) + Expect(containers[0].Command).To(Equal(cmd)) + }) + It("podman generate kube - use entrypoint from image", func() { // Build an image with an entrypoint. containerfile := `FROM quay.io/libpod/alpine:latest -- cgit v1.2.3-54-g00ecf From 5e9aa13dc03e022db91135be2cb001c35eef0d08 Mon Sep 17 00:00:00 2001 From: Sankalp Rangare Date: Thu, 16 Sep 2021 20:34:39 +0530 Subject: added healthcheck to ps command Signed-off-by: Sankalp Rangare --- cmd/podman/containers/ps.go | 4 ++++ pkg/ps/ps.go | 7 +++++++ test/e2e/healthcheck_run_test.go | 5 +++++ 3 files changed, 16 insertions(+) (limited to 'pkg') diff --git a/cmd/podman/containers/ps.go b/cmd/podman/containers/ps.go index 2566c57de..920ad0d4a 100644 --- a/cmd/podman/containers/ps.go +++ b/cmd/podman/containers/ps.go @@ -375,6 +375,10 @@ func (l psReporter) State() string { // Status is a synonym for State() func (l psReporter) Status() string { + hc := l.ListContainer.Status + if hc != "" { + return l.State() + " (" + hc + ")" + } return l.State() } diff --git a/pkg/ps/ps.go b/pkg/ps/ps.go index 54079baa1..e65400555 100644 --- a/pkg/ps/ps.go +++ b/pkg/ps/ps.go @@ -241,6 +241,13 @@ func ListContainerBatch(rt *libpod.Runtime, ctr *libpod.Container, opts entities UTS: uts, } } + + if hc, err := ctr.HealthCheckStatus(); err == nil { + ps.Status = hc + } else { + logrus.Debug(err) + } + return ps, nil } diff --git a/test/e2e/healthcheck_run_test.go b/test/e2e/healthcheck_run_test.go index 1445a634b..b30e8b810 100644 --- a/test/e2e/healthcheck_run_test.go +++ b/test/e2e/healthcheck_run_test.go @@ -80,6 +80,11 @@ var _ = Describe("Podman healthcheck run", func() { time.Sleep(1 * time.Second) } Expect(exitCode).To(Equal(0)) + + ps := podmanTest.Podman([]string{"ps"}) + ps.WaitWithDefaultTimeout() + Expect(ps).Should(Exit(0)) + Expect(ps.OutputToString()).To(ContainSubstring("(healthy)")) }) It("podman healthcheck that should fail", func() { -- cgit v1.2.3-54-g00ecf From 7395459c761a1bc03448d2c81a887014d04da9d1 Mon Sep 17 00:00:00 2001 From: Paul Holzinger Date: Mon, 27 Sep 2021 10:15:18 +0200 Subject: podman machine: do not join userns The go logic already prevents podman from joining the userns for machine commands but the c shortcut code did not. [NO TESTS NEEDED] Fixes #11731 Signed-off-by: Paul Holzinger --- pkg/rootless/rootless_linux.c | 1 + 1 file changed, 1 insertion(+) (limited to 'pkg') diff --git a/pkg/rootless/rootless_linux.c b/pkg/rootless/rootless_linux.c index 4d8443fcb..6ce4b1e29 100644 --- a/pkg/rootless/rootless_linux.c +++ b/pkg/rootless/rootless_linux.c @@ -212,6 +212,7 @@ can_use_shortcut () continue; if (strcmp (argv[argc], "mount") == 0 + || strcmp (argv[argc], "machine") == 0 || strcmp (argv[argc], "search") == 0 || (strcmp (argv[argc], "system") == 0 && argv[argc+1] && strcmp (argv[argc+1], "service") != 0)) { -- cgit v1.2.3-54-g00ecf From 7bfc5250d82e540757e205b81d8d68d79875ee2d Mon Sep 17 00:00:00 2001 From: Nalin Dahyabhai Date: Mon, 27 Sep 2021 09:23:04 -0400 Subject: remote build: EvalSymlinks() the context directory Use EvalSymlinks() to find the context directory, in case there's shenanigans. Signed-off-by: Nalin Dahyabhai --- pkg/bindings/images/build.go | 3 +++ test/system/070-build.bats | 9 +++++++++ 2 files changed, 12 insertions(+) (limited to 'pkg') diff --git a/pkg/bindings/images/build.go b/pkg/bindings/images/build.go index 9d5aad23b..4d667d90a 100644 --- a/pkg/bindings/images/build.go +++ b/pkg/bindings/images/build.go @@ -230,6 +230,9 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO params.Add("platform", platform) } } + if contextDir, err := filepath.EvalSymlinks(options.ContextDirectory); err == nil { + options.ContextDirectory = contextDir + } params.Set("pullpolicy", options.PullPolicy.String()) diff --git a/test/system/070-build.bats b/test/system/070-build.bats index 0e1396fc6..3faa260e1 100644 --- a/test/system/070-build.bats +++ b/test/system/070-build.bats @@ -956,6 +956,15 @@ EOF run_podman build -t build_test $tmpdir } +@test "podman build build context is a symlink to a directory" { + tmpdir=$PODMAN_TMPDIR/build-test + mkdir -p $tmpdir/target + ln -s target $tmpdir/link + echo FROM alpine > $tmpdir/link/Dockerfile + echo RUN echo hello >> $tmpdir/link/Dockerfile + run_podman build -t build_test $tmpdir/link +} + function teardown() { # A timeout or other error in 'build' can leave behind stale images # that podman can't even see and which will cascade into subsequent -- cgit v1.2.3-54-g00ecf From b3af5a92cc710724471285fe3aa06205323a3c24 Mon Sep 17 00:00:00 2001 From: Aditya Rajan Date: Mon, 27 Sep 2021 15:17:38 +0530 Subject: stop: Do nothing if container was never created in runtime Following commit ensures we silently return container id on `stop` if container was never created in OCI runtime. Following behaviour ensures that we are in parity with docker. Signed-off-by: Aditya Rajan --- pkg/domain/infra/abi/containers.go | 4 ++++ test/e2e/stop_test.go | 11 +++++++++++ 2 files changed, 15 insertions(+) (limited to 'pkg') diff --git a/pkg/domain/infra/abi/containers.go b/pkg/domain/infra/abi/containers.go index affed64d1..774362d03 100644 --- a/pkg/domain/infra/abi/containers.go +++ b/pkg/domain/infra/abi/containers.go @@ -169,6 +169,10 @@ func (ic *ContainerEngine) ContainerStop(ctx context.Context, namesOrIds []strin logrus.Debugf("Container %s is already stopped", c.ID()) case options.All && errors.Cause(err) == define.ErrCtrStateInvalid: logrus.Debugf("Container %s is not running, could not stop", c.ID()) + // container never created in OCI runtime + // docker parity: do nothing just return container id + case errors.Cause(err) == define.ErrCtrStateInvalid: + logrus.Debugf("Container %s is either not created on runtime or is in a invalid state", c.ID()) default: return err } diff --git a/test/e2e/stop_test.go b/test/e2e/stop_test.go index a984bf6d0..7f178d719 100644 --- a/test/e2e/stop_test.go +++ b/test/e2e/stop_test.go @@ -234,6 +234,17 @@ var _ = Describe("Podman stop", func() { Expect(strings.TrimSpace(finalCtrs.OutputToString())).To(Equal("")) }) + It("podman stop should return silent success on stopping configured containers", func() { + // following container is not created on OCI runtime + // so we return success and assume that is is stopped + session2 := podmanTest.Podman([]string{"create", "--name", "stopctr", ALPINE, "/bin/sh"}) + session2.WaitWithDefaultTimeout() + Expect(session2).Should(Exit(0)) + session3 := podmanTest.Podman([]string{"stop", "stopctr"}) + session3.WaitWithDefaultTimeout() + Expect(session3).Should(Exit(0)) + }) + It("podman stop --cidfile", func() { tmpDir, err := ioutil.TempDir("", "") -- cgit v1.2.3-54-g00ecf From 4fc40c82f7e916a3d164a26f6f2ee51f1f323ab6 Mon Sep 17 00:00:00 2001 From: Ashley Cui Date: Tue, 28 Sep 2021 17:01:57 -0400 Subject: Remind user to check connection or use podman machine Remind user to check their remote linux connection or use podman machine. Move the warning from bindings to cmd/podman. Signed-off-by: Ashley Cui --- cmd/podman/root.go | 5 +++++ pkg/bindings/connection.go | 4 ++-- 2 files changed, 7 insertions(+), 2 deletions(-) (limited to 'pkg') diff --git a/cmd/podman/root.go b/cmd/podman/root.go index c798e6634..2ab011631 100644 --- a/cmd/podman/root.go +++ b/cmd/podman/root.go @@ -92,6 +92,11 @@ func Execute() { if registry.GetExitCode() == 0 { registry.SetExitCode(define.ExecErrorCodeGeneric) } + if registry.IsRemote() { + if strings.Contains(err.Error(), "unable to connect to Podman") { + fmt.Fprintln(os.Stderr, "Cannot connect to Podman. Please verify your connection to the Linux system using `podman system connection list`, or try `podman machine init` and `podman machine start` to manage a new Linux VM") + } + } fmt.Fprintln(os.Stderr, formatError(err)) } os.Exit(registry.GetExitCode()) diff --git a/pkg/bindings/connection.go b/pkg/bindings/connection.go index 4127ad2f0..e2c46e481 100644 --- a/pkg/bindings/connection.go +++ b/pkg/bindings/connection.go @@ -112,12 +112,12 @@ func NewConnectionWithIdentity(ctx context.Context, uri string, identity string) return nil, errors.Errorf("unable to create connection. %q is not a supported schema", _url.Scheme) } if err != nil { - return nil, errors.Wrapf(err, "failed to create %sClient", _url.Scheme) + return nil, errors.Wrapf(err, "unable to connect to Podman. failed to create %sClient", _url.Scheme) } ctx = context.WithValue(ctx, clientKey, &connection) if err := pingNewConnection(ctx); err != nil { - return nil, errors.Wrap(err, "cannot connect to the Podman socket, please verify the connection to the Linux system, or use `podman machine` to create/start a Linux VM.") + return nil, errors.Wrap(err, "unable to connect to Podman socket") } return ctx, nil } -- cgit v1.2.3-54-g00ecf From 2247d5f1b8b64432607e42f3e03749c1b50b6c5d Mon Sep 17 00:00:00 2001 From: "Jason T. Greene" Date: Tue, 21 Sep 2021 22:32:49 -0500 Subject: Disable docker and alias to podman in FCOS ignition Signed-off-by: Jason Greene Co-authored-by: Dusty Mabe --- pkg/machine/ignition.go | 88 ++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 84 insertions(+), 4 deletions(-) (limited to 'pkg') diff --git a/pkg/machine/ignition.go b/pkg/machine/ignition.go index 89b556b14..e211f5ea6 100644 --- a/pkg/machine/ignition.go +++ b/pkg/machine/ignition.go @@ -6,6 +6,7 @@ import ( "encoding/json" "fmt" "io/ioutil" + "net/url" ) /* @@ -80,6 +81,7 @@ func NewIgnitionFile(ign DynamicIgnition) error { // so a listening host knows it can being interacting with it ready := `[Unit] Requires=dev-virtio\\x2dports-%s.device +After=remove-moby.service OnFailure=emergency.target OnFailureJobMode=isolate [Service] @@ -89,6 +91,23 @@ ExecStart=/bin/sh -c '/usr/bin/echo Ready >/dev/%s' [Install] RequiredBy=multi-user.target ` + deMoby := `[Unit] +Description=Remove moby-engine +# Run once for the machine +After=systemd-machine-id-commit.service +Before=zincati.service +ConditionPathExists=!/var/lib/%N.stamp + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/rpm-ostree override remove moby-engine +ExecStart=/usr/bin/rpm-ostree ex apply-live --allow-replacement +ExecStartPost=/bin/touch /var/lib/%N.stamp + +[Install] +WantedBy=multi-user.target + ` _ = ready ignSystemd := Systemd{ Units: []Unit{ @@ -101,6 +120,21 @@ RequiredBy=multi-user.target Name: "ready.service", Contents: strToPtr(fmt.Sprintf(ready, "vport1p1", "vport1p1")), }, + { + Enabled: boolToPtr(false), + Name: "docker.service", + Mask: boolToPtr(true), + }, + { + Enabled: boolToPtr(false), + Name: "docker.socket", + Mask: boolToPtr(true), + }, + { + Enabled: boolToPtr(true), + Name: "remove-moby.service", + Contents: &deMoby, + }, }} ignConfig := Config{ Ignition: ignVersion, @@ -161,6 +195,22 @@ func getFiles(usrName string) []File { var ( files []File ) + + lingerExample := `[Unit] +Description=A systemd user unit demo +After=network-online.target +Wants=network-online.target podman.socket +[Service] +ExecStart=/usr/bin/sleep infinity +` + containers := `[containers] +netns="bridge" +rootless_networking="cni" +` + rootContainers := `[engine] +machine_enabled=true +` + // Add a fake systemd service to get the user socket rolling files = append(files, File{ Node: Node{ @@ -171,7 +221,7 @@ func getFiles(usrName string) []File { FileEmbedded1: FileEmbedded1{ Append: nil, Contents: Resource{ - Source: strToPtr("data:,%5BUnit%5D%0ADescription%3DA%20systemd%20user%20unit%20demo%0AAfter%3Dnetwork-online.target%0AWants%3Dnetwork-online.target%20podman.socket%0A%5BService%5D%0AExecStart%3D%2Fusr%2Fbin%2Fsleep%20infinity%0A"), + Source: encodeDataURLPtr(lingerExample), }, Mode: intToPtr(0744), }, @@ -188,7 +238,7 @@ func getFiles(usrName string) []File { FileEmbedded1: FileEmbedded1{ Append: nil, Contents: Resource{ - Source: strToPtr("data:,%5Bcontainers%5D%0D%0Anetns%3D%22bridge%22%0D%0Arootless_networking%3D%22cni%22"), + Source: encodeDataURLPtr(containers), }, Mode: intToPtr(0744), }, @@ -213,7 +263,7 @@ func getFiles(usrName string) []File { FileEmbedded1: FileEmbedded1{ Append: nil, Contents: Resource{ - Source: strToPtr("data:,%5Bengine%5D%0Amachine_enabled%3Dtrue%0A"), + Source: encodeDataURLPtr(rootContainers), }, Mode: intToPtr(0644), }, @@ -233,7 +283,22 @@ func getFiles(usrName string) []File { FileEmbedded1: FileEmbedded1{ Append: nil, Contents: Resource{ - Source: strToPtr("data:,unqualified-search-registries%3D%5B%22docker.io%22%5D"), + Source: encodeDataURLPtr("unqualified-search-registries=[\"docker.io\"]\n"), + }, + Mode: intToPtr(0644), + }, + }) + + files = append(files, File{ + Node: Node{ + Path: "/etc/tmpfiles.d/podman-docker.conf", + }, + FileEmbedded1: FileEmbedded1{ + Append: nil, + // Create a symlink from the docker socket to the podman socket. + // Taken from https://github.com/containers/podman/blob/main/contrib/systemd/system/podman-docker.conf + Contents: Resource{ + Source: encodeDataURLPtr("L+ /run/docker.sock - - - - /run/podman/podman.sock\n"), }, Mode: intToPtr(0644), }, @@ -253,5 +318,20 @@ func getLinks(usrName string) []Link { Hard: boolToPtr(false), Target: "/home/" + usrName + "/.config/systemd/user/linger-example.service", }, + }, { + Node: Node{ + Group: getNodeGrp("root"), + Path: "/usr/local/bin/docker", + Overwrite: boolToPtr(true), + User: getNodeUsr("root"), + }, + LinkEmbedded1: LinkEmbedded1{ + Hard: boolToPtr(false), + Target: "/usr/bin/podman", + }, }} } + +func encodeDataURLPtr(contents string) *string { + return strToPtr(fmt.Sprintf("data:,%s", url.PathEscape(contents))) +} -- cgit v1.2.3-54-g00ecf