If no entrypoint or command is set in the podman create
command, and the image command or entrypoint is being
used as the default, then do not add the image command or
entrypoint to the generated kube yaml.
Kubernetes knows to default to the image command and/or
entrypoint settings when not defined in the kube yaml.
Add and modify tests for this case.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
Change the default format of `podman search` to only display the name
and the description of each image. The index is redundant to the name
and consumes a lot of space, and other descriptors (i.e., stars,
official, automated) are specific to Docker Hub and also consume a lot
space. Users can still use `--format` for displaying the descriptors
they want to.
Add a `--compatible` flag to offer an easy way to get them back.
Also update the man page to account for the behavior and get some fresh
data in the examples.
Motivated by a recent conversation in libimage:
https://github.com/containers/common/pull/802#issuecomment-937108734
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Cleanup some other errors in the podman build man page.
Also slip a link between .dockerignore and containerignore.5 man page
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
The --ip-range option did not work correctly. The endIP was accidentally
assigned to the start IP. New tests are added to make sure it works.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Removed the inclusion of RunAsUser or RunAsGroup unless a container is run with the --user flag. When building from an image
the user will be pulled from there anyway
resolves#11914
Signed-off-by: cdoern <cdoern@redhat.com>
Don't use reexec for the rootlessport process, instead make it a
separate binary to reduce the memory usage. The problem with reexec is
that it will import all packages that podman uses and therefore loads a
lot of stuff into the heap. The rootlessport process however only needs
the rootlesskit library.
The memory usage is a concern since the rootlessport process will spawn
two process per container which has ports forwarded. The processes stay
until the container dies. On my laptop the current reexec version uses
47800 KB RSS. The new separate binary only uses 4540 KB RSS. This is
more than a 90% improvement.
The Makefile has been updated to compile the new binary and install it
to the libexec directory.
Fixes#10790
[NO TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Kubernetes fails to deal with an annotation that has a space in it.
Trim these strings to remove spaces.
Fixes: #11929
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO TESTS NEEDED]
* Increase timeout for tests to 10s
* To aid in debugging add PID to shutdown package logging
* Added new message for forced service shutdown
* Always wait for HTTP server to shutdown, duration of 0 not friendly
to clients
Note: The log event
"IdleTracker: StateClosed transition by connection marked un-managed"
denotes a TCP connection has been initiated but no HTTP request was sent.
And is expected during these tests.
Fixes#11921
Signed-off-by: Jhon Honce <jhonce@redhat.com>
* JSON and API description fields are no longer truncated. Formatting
moved to client, better support of MVP.
* --no-trunc now defaults to true
* Updated tests for changes
Closes#11894
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Don't hardcode /usr/bin/podman in unit files: instead, use
template files with a path replaced at install time.
Because 'make' can be invoked repeatedly, with different
PREFIX, do not leave the generated files behind in our
work directory: wipe them immediately after install.
To get this to work, fix a longstanding bug in podman.spec.in,
a PREFIX that should've been DESTDIR.
Side note: #7023 made contrib/systemd/user a symlink
to .../system but did not update paths in Makefile.
The unrelated-looking path change you see here is
a belated correction for that.
Fixes: #10787
Signed-off-by: Ed Santiago <santiago@redhat.com>
use the cgroup.controllers file instead of cgroup.subtree_control to
read the list of controllers available in the current cgroup.
Closes: https://github.com/containers/podman/issues/11931
[NO TESTS NEEDED] we have disabled this test in the CI because it is
difficult to know what controllers are going to be enabled for
rootless under all conditions we test.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Docker has support for docker builder prune and
docker builder build
This patch will add a hidden command to support scripts using this
syntax. We don't want to encourage this deviation.
Add podman build prune to implement docker builder prune
functionality.
Co-authored-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Aditya Rajan <arajan@redhat.com>
Currently we are not passing the force flag down to the removal of
the running container. If the container is running, and we set
--force when removing the volume, the container should be stopped.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Podman stats is not supported for rootless cgroupv1 setups. The check
for this must be on the server side and not the client.
[NO NEW TESTS NEEDED] we cannot test this because remote and server are
always on the same machine in CI
Fixes#11909
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Refactor sidecar HTTP service for /debug/pprof endpoints to use a TCP
address given via new podman system service --pprof-address flag
* Allow same URL parsing in "system service" as bindings/connection.go
* Refactor NewServerWithSettings() to use entities.ServiceOptions
in place of deleted server.Options
* Updated godoc for impacted functions and types
* Fixed API service Shutdown() to do an orderly shutdown when
terminated and running with --time=0
Signed-off-by: Jhon Honce <jhonce@redhat.com>
When using custom output formats like table, some of the booleans
introduced for json format were not initialized correctly (wrong).
[NO TESTS NEEDED]
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
Vendor the latest HEAD in c/common to pull in changes for a faster
inspection of images. Previously, only the size computation was
optional, now the one for the parent image is as well.
In many cases, the parent image is not needed but it takes around 10ms
on my local machine. With this change, we cut off 10ms from many code
paths, most importantly, container creation.
[NO NEW TESTS NEEDED]
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Daniel J Walsh
OpenShift Merge Robot
Urvashi Mohnani
Valentin Rothberg
Paul Holzinger
cdoern
Brent Baude
Jhon Honce
Ed Santiago
dependabot[bot]
Giuseppe Scrivano
Aditya Rajan
chenkang
Reinhard Tartler
Anders F Björklund