Provides Docker API client access, allowing compose to work by default
for HyperV. Basically the HyperV equiv of the work done here by #12916.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
We shouldn't hardcode `~/.local` - we should use the internal
config helper APIs which honor the XDG_DATA_DIR etc. standard
environment variables.
Signed-off-by: Colin Walters <walters@verbum.org>
Changes SSH key behavior such that there is a single persisted key for all
machines across all providers. If there is no key that is located at
`.local/share/containers/podman/machine/` then it is created. The keys are
not deleted when the last machine on the host is removed.
The main motivation for this change is it leads to fewer files created on the
host as a result of vm configuration. Having `n` machines on your system doesn't
result in `2n` machine-related files in `.ssh` on your system anymore.
As a result of ssh keys being persisted by default, the `--save-keys` flag
on `podman machine rm` will no longer be supported.
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Moves all of the ignitionfiles out of the `machine` package and into
its own called `ignition`. This required `VMType` to get moved out of
the `machine` package and into the `define` package in order to prevent
a circular dependency.
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
The following PR is the very first step in what will be a series of steps
to apply a "common" machine configuration file to all providers.
Function names, method names, struct names, and field names are all up
for debate. The purpose of this PR is to offer a glimpse at the
direction we intend to take.
This PR also contains temporary structs (i.e. aThing) that are not
exported. These are merely placeholders.
The configuration work in this PR is also unused as of yet. But the code
is compiled. Once merged, we can begin the next step of development.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
Previously the WSL user-mode networking distribution was only installed as part
of a change, when it should have been also applied to installs. This means that the
init flag usage only worked after a previous set command.
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
Fixed a bug where `podman machine rm -f` would cause a deadlock when
running with WSL.
The deadlock is caused by the Remove() function calling the Stop()
function after Remove() locks the VM. Stop() also has a lock call, which
fails and deadlocks because Remove() already claimed the lock. Fix this by
moving the stop call before the lock.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
The QEMU usb-host driver, which is the one for passthrough, supports two
options for selecting a USB device in the host to provide it to the
VM:
- Bus and Device number where the device is plugged
- Vendor and Product information of the USB device
https://qemu-project.gitlab.io/qemu/system/devices/usb.html
This commit allows a user to configure podman machine with either of
options, with new --usb command line option for podman machine init.
Examples:
    podman machine init tosovm4 --usb vendor=13d3,product=5406
    podman machine init tosovm3 --usb bus=1,devnum=4 --usb bus=1,devnum=3
This commit also allows a user to change the USBs configured with
--usb command line option for podman machine set.
Note that this commit does not handle host device permissions nor
verify that the USB devices exist.
Signed-off-by: Victor Toso <victortoso@redhat.com>
In #20538, I was asked to consider refactoring the new OCI pull code
from within the generic machine directory. This is something I had
tried when originally coding it but it became apparent that a much
larger refactor to prevent circular deps was needed. Because I did not
want to pollute the initial PR with that refactor, I asked for the PR to
merge first. This is the refactor that needed to be done.
Signed-off-by: Brent Baude <bbaude@redhat.com>
Implements a shared `GetLock` function for virtualization providers. Returns
a pointer to a lockfile used for serializing write operations.
[NO NEW TESTS NEEDED]
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
If init fails, or if a SIGINT is sent during init, podman machine should remove all files and configs
created during the init. This includes config jsons, image files, ssh
id's, and system connections. On Windows, the VM instances are also
unregistered.
Signed-off-by: Ashley Cui <acui@redhat.com>
This reverts commit 5b990c3835.
PR #19994
Causes wsl nsenter script to infinitely loop in standard operation
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
Since wsl --version triggers help, which triggers an error code,
use that instead of text detection.
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
After creating a podman machine, and before starting it, the LastUp value for podman machine ls should display Never. Previously, the LastUp value was the same as creation time. This also changes the LastUp value for inspect to ZeroTime instead of creation time.
Signed-off-by: Ashley Cui <acui@redhat.com>
allow the machine stop test to pass.
small change to WSL stop on an already stopped machine to allow for it
to behave like hyperv and qemu
Signed-off-by: Brent Baude <bbaude@redhat.com>
the emitted message for starting a machine that is already started
needed to be slightly altered for wsl.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
This PR is a mishmash of updates needed so that the hyperv provider can
begin to pass the machine e2e tests.
Summary as follows:
* Added custom error handling for machine errors so that all providers
can generate the same formatted error messages. The ones implemented
thus far are needed for the basic and init tests. More will come as
they are identified.
* Vendored new libhvee for better memory inspection. The memory type
changed from uint32 to uint64.
* Some machine e2e tests used linux-specific utilities to check various
error conditions and messages (like pgrep). Those were made into
functions and implemented on an operating system level.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
When passing the force flag to machine rm, wsl needs to stop the VM if
it is running before attempting to remove it.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
As promised in #19596, this pr deduplicates and refactors image
acquisition. All virt providers that use FCOS as their default now use
the same code.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
Registers a rootless and rootful socket underneath /mnt/wsl/podman-sockets/[machine name]/
This allows podman remote clients on other Linux distributions to access podman.
This also registers the podman root socket under the wheel group, to allow for rootful
linking against /var/run/docker.sock, a use case expected by some clients and APIs.
While this is not recommended practice on a Linux host, a WSL guest is user-isolated
and already enables escalation trivially.
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
While only leveraged by the WSL backend, this commit also adds core
infrastructure for all other backends for future enhancement.
- Adds a common port cross backend allocation registry to prevent duplicate
assignment across multiple machine instances
- Introduces logic in Start() that detects OS port conflicts and scans for a
viable replacement port
- Updates connection definitions and server configuration accordingly
- Utilizes a coordinated file lock strategy to prevent racing overwrites of port
and connection registries
- WSL backend coordinates locking for containers.conf until a future common
enhancement exists to replace it
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
container/common Config was recently updated to use FCOS
default names, since Windows HyperV backend needs them,
and these are common with other providers.
Map this to values the WSL backend expects.
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
now that we have public hyperv fcos artifacts, we can download them
instead of requiring a special build.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Moves the shared logic from `writeConfig` into a shared function in
`pkg/machine/machine_common.go`
[NO NEW TESTS NEEDED]
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Moves most of the logic of `setRootful` to the common file
`pkg/machine/machine_common.go`.
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Ensures that for each hypervisor implementation, their `config.go` file
deals with implementing the `VirtProvider` interface while the
`machine.go` file is for implementing the `VM` interface.
Moves the `Virtualization` type into a common file and
created wrappers for the individual hypervisors. Allows for shared
functions that are exactly the same while providing the flexibility to
create hypervisor-specific implementations of the functions.
[NO NEW TESTS NEEDED]
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
gvproxy listens on 127.0.0.1, using localhost as hostname can result in
the client trying to connect to the ipv6 localhost (`::1`). This will
fail as shown in the issue. This switches the hostname in the system
connection to 127.0.0.1 to fix this problem.
I switched the qemu, hyperV and WSL backend. I haven't touched the
applehv code because it uses two different ips and I am not sure what is
the correct thing there. I leave this to Brent to figure out.
[NO NEW TESTS NEEDED]
[1] https://github.com/containers/gvisor-tap-vsock/blob/main/cmd/gvproxy/main.go#L197-L199
Fixes #16470
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
It really does not make sense to call RemoveConnection() twice and then
update the config file a third time in updateDefaultMachineinConfig().
This results in unnecessary reads/writes and more code.
Simplify this into one function that is only called once and do all
updates at once.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Resolves Win Installer CI issues where dep processing variance can
pull in gpgme, which doesn't compile on Windows without a
specialized msys2 setup.
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
Windows: Flush machine config writes before renaming
Windows: Previously this code was changed to improve atomicity by changing
the persistence approach to a two-step process (write + rename).
However, the first-step write operation was not fully flushed,
leading to the possibility of incomplete writes.
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
with libhvee, we are able to do the basics of podman machine management
on hyperv. The basic functions like init, rm, stop, and start are all
functional. Start and stop will periodically throw a benign error
processing the hyperv message being returned from the action. The error
is described in the todo's below.
notable items:
* no podman commands will work (like ps, images, etc)
* the machine must be initialized with --image-path and fed a custom image.
* disk size is set to 100GB statically.
* the vm joins the default hyperv network which is TCP/IP network based.
* podman machine ssh does not work
* podman machine set does not work
* you can grab the ip address from hyperv and fake a machine connection
with `podman system connection`.
* when booting, use the hyperv console to know the boot is complete.
TODOs:
* podman machine ssh
* podman machine set
* podman machine rm needs force bool
* disk size in NewMachine is set to 100GB
* podman start needs to wait until fully booted
* establish a boot complete signal from guest
* implement gvproxy like user networking
* fix benign failures in stop/start -> Error: error 2147749890 (FormatMessage failed with: The system cannot find message text for message number 0x%1 in the message file for %2.)
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
in preparation for adding hyper as a machine option, several common
functions needed to be moved specifically from qemu to a common area in
pkg/machine. this usually involved functions and variables related to
using fcos as a machine image as well as its compression, artifact, and
image format.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
before we can support hyperv as a virtualization option for podman
machine, several areas in machine will require cleanup. this is the
first pass of these changes to keep the review burden low. changes
include:
* convert artifact, format (image format) and compression to enums
with string methods
* rename Provider interface to VirtProvider
* change Provider implementation in QEMU to QEMUVirt
* change Provider implementation in WSL to WSLVirt
as mentioned earlier, there will be several more of these refactoring
PRs because assumptions were made about associations of platforms and
virt providers as well as compression and image formats.
Signed-off-by: Brent Baude <bbaude@redhat.com>
If podman is the default wsl distribution, the (default) string is appended and result is assigned false.
[NO NEW TESTS NEEDED]
Fixes #17227
Signed-off-by: shblue21 <jihunkimkw@gmail.com>
Small amount of refactoring to make WSL specific stuff into the WSL
package where possible. This is in preparation for the possibility of
adding more virtualization backends.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
Add quiet and no-info flags to podman machine start.
No-info suppresses helpful informational tips
Quiet suppresses machine start progress output, as well as informational
tips.
Signed-off-by: Ashley Cui <acui@redhat.com>
Safeguards calls to os.RemoveAll in order to prevent calls from accidentally
deleting the root file system in very strange edge cases. Did this by creating
GuardedRemoveAll and migrated machine os.RemoveAll calls to it.
Signed-off-by: Mike Perry <mike@bitbistro.org>
Motivated to have a working `make lint` on Fedora 37 (beta).
Most changes come from the new `gofmt` standards.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Package `io/ioutil` was deprecated in golang 1.16, preventing podman from
building under Fedora 37. Fortunately, functionally identical
replacements are provided by the packages `io` and `os`. Replace all
usage of all `io/ioutil` symbols with appropriate substitutions
according to the golang docs.
Signed-off-by: Chris Evich <cevich@redhat.com>
Podman adds an Error: to every error message. So starting an error
message with "error" ends up being reported to the user as
Error: error ...
This patch removes the stutter.
Also ioutil.ReadFile errors report the Path, so wrapping the err message
with the path causes a stutter.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
When the break out or the WSL environment fails to start, the config
and connections should not be written. Placing them at the end of the
provisioning step will mitigate the issue.
[NO NEW TESTS NEEDED]
Signed-off-by: Gerard Braad <me@gbraad.nl>
This commit introduces a prepared image for setting up the WSL2
environment. This means that the deployment will take considerably
less time to finish (as it does not need to run an update and package
install), but also allows to rely on a cached image to re-init the
environment without the need for an internet connection.
[NO NEW TESTS NEEDED]
Signed-off-by: Gerard Braad <me@gbraad.nl>
We now use the golang error wrapping format specifier `%w` instead of
the deprecated github.com/pkg/errors package.
[NO NEW TESTS NEEDED]
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
- The State() function now returns machine.Starting status instead of an
empty string if the VM is in the process of starting.
- The `CheckExclusiveActiveVM()` function returns `true` to prevent
starting a VM while another is in the process of starting.
- `podman machine ls` displays "Currently starting" under "Last Up" for
the starting VM
- `podman machine ls` supports `{{.Starting}}` boolean field in the format
- `podman machine inspect` displays "starting" in the "State" field for
the starting VM
Signed-off-by: Shane Smith <shane.smith@shopify.com>
podman system reset did not clean up machines fully, leaving some config
files, and breaking machines. Now it removes all machine files fully.
Signed-off-by: Ashley Cui <acui@redhat.com>
I was asked to refactor machine inspect output to represent more common
and basic information. machine inspect now has information that would
be appropriate for different machines.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
Allow podman machine set to change CPUs, Memory and Disk size of a QEMU machine after it's been created.
Disk size can only be increased.
If one setting fails to be changed, the other settings will still be applied.
Signed-off-by: Ashley Cui <acui@redhat.com>
Based on WSL2 9p support: remaps windows paths to /mnt/<drive> locations for
both podman and Docker API clients.
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
podman machine was using the file modification time to get the running status.
Add three new config entries, Starting (bool), Created (time) and LastUp (time), to actually
keep track of when these events happened. This means we can use the config file
to actually store this data and not mess up the created/last-up time.
This fixes the issues where the machine would report running 15 seconds before it was up.
Also fixes the issue of modifying the file manually and saying the machine is "up"
[NO NEW TESTS NEEDED]
resolves #13711
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
This reverts commit cc3790f332.
We can't change rootful to rootfull because `rootful` is written into the machine config. Changing this will break json unmarshalling, which will break existing machines.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
We are inconsistent on the name, we should stick with rootfull.
[NO NEW TESTS NEEDED] Existing tests should handle this and no tests for
machines exist yet.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Allow users to inspect their podman virtual machines. This will be
helpful for debug and development alike, because more details about the
machine can be collected.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
WalkDir should be faster than Walk, since we often do
not need to stat files.
[NO NEW TESTS NEEDED] Existing tests should find errors.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>