Commit Graph

13206 Commits

Author SHA1 Message Date
OpenShift Merge Robot 54c630aa0a
Merge pull request #12061 from dancerj/typo
[CI:DOCS] fuse-overlay probably means fuse-overlayfs.
2021-10-22 14:28:45 +00:00
OpenShift Merge Robot 5dd211f91b
Merge pull request #11991 from rhatdan/size
Allow API to specify size and inode quota
2021-10-22 14:18:45 +00:00
OpenShift Merge Robot 833d92d709
Merge pull request #12021 from rhatdan/kube
Generate Kube should not print default structs
2021-10-22 14:12:44 +00:00
Junichi Uekawa ce4ed7d133 fuse-overlay probably means fuse-overlayfs.
fuse-overlayfs is usually the package name.

Signed-off-by: Junichi Uekawa <dancer@debian.org>
2021-10-22 13:41:58 +09:00
OpenShift Merge Robot 9e453e242e
Merge pull request #12048 from rhatdan/man
Remove --kernel-memory options
2021-10-22 00:26:39 +00:00
OpenShift Merge Robot c09fab59dd
Merge pull request #12047 from mheon/remove_infra_from_db
[NO NEW TESTS NEEDED] Remove infra ID from DB before removing containers
2021-10-21 17:58:41 +00:00
Daniel J Walsh 8e3760c29f
Remove --kernel-memory options
Kernel memory option has been depracated in runtime-spec,  It is
believed that it will not work properly on certain kernels.  runc
ignores it.

This PR removes documentation of the flag and also prints a warning if
a user uses it.

[NO NEW TESTS NEEDED]

Helps Fix: https://github.com/containers/podman/issues/12045

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-10-21 13:29:44 -04:00
OpenShift Merge Robot 54f2c9a540
Merge pull request #12057 from flouthoc/allow-tagging-manifest-list
tag: Support tagging manifest list instead of resolving to images
2021-10-21 13:45:28 +00:00
OpenShift Merge Robot 6338e74cc9
Merge pull request #12028 from edsantiago/test_system_connection
Add test for system connection
2021-10-21 13:44:28 +00:00
Aditya Rajan f4f96962c0
tag: Support tagging manifest list instead of resolving to images
Following commit makes sure when buildah tag is invoked on a manifest
list, it tags the same manifest list instead of resolving to an image and
tagging it.

Port of: https://github.com/containers/buildah/pull/3483

Signed-off-by: Aditya Rajan <arajan@redhat.com>
2021-10-21 17:44:31 +05:30
OpenShift Merge Robot 4268a4afee
Merge pull request #12049 from edsantiago/test_dash_a_with_l
System tests: confirm that -a and -l clash
2021-10-20 19:14:08 +00:00
Matthew Heon 30245f5849 Remove infra ID from DB before removing containers
If we interrupt pod removal between removing containers and
removing the whole pod, the infra ID was still in the DB, and
most pod operations would try to retrieve the infra container
(and would this fail). Clear the infra ID from the DB just before
we remove all containers to prevent this.

Fixes #12034

[NO NEW TESTS NEEDED] This is a very narrow race and I have no
idea how to repro it.

Signed-off-by: Matthew Heon <mheon@redhat.com>
2021-10-20 14:56:22 -04:00
Ed Santiago 70a5d8cd1d System tests: confirm that -a and -l clash
...and fix one instance where there was no check

Signed-off-by: Ed Santiago <santiago@redhat.com>
2021-10-20 11:09:32 -06:00
OpenShift Merge Robot eba281c3e0
Merge pull request #11851 from cdoern/podRm
Pod Rm Infra Handling Improvements
2021-10-20 13:20:12 +00:00
OpenShift Merge Robot 97f051f657
Merge pull request #12017 from nalind/exponential
Use exponential backoff when waiting for a journal entry
2021-10-20 12:49:10 +00:00
OpenShift Merge Robot a3dba7fdfb
Merge pull request #12032 from eastonman/eastonman-systemd-patch-1
[CI:DOCS] Change systemd service file to be compatible with rootless mode
2021-10-20 09:24:10 +00:00
OpenShift Merge Robot 2c6c801067
Merge pull request #12041 from edsantiago/container_env
system tests: CONTAINER_* and --help: cleanup
2021-10-20 08:40:10 +00:00
OpenShift Merge Robot fba7a05b1b
Merge pull request #12024 from rhatdan/podman
podman run --memory=0 ... should not set memory limit
2021-10-20 08:39:11 +00:00
Easton Man 12d0a85091
systemd: compatible with rootless mode
- change the type to forking to allow fork.
- add default.target for user systemd service

Signed-off-by: Easton Man <manyang.me@outlook.com>
2021-10-20 10:31:13 +08:00
Ed Santiago 960a55c09d system tests: CONTAINER_* and --help: cleanup
A small part of this test was written in a confusing and fragile
way: it was very hard to understand, and in fact only worked
through pure luck (using 'echo $output', which emitted everything
in one long line, vs the standard quoted 'echo "$output"' which
would've kept the formatting and caused the test to pass,
incorrectly, no matter whether --remote was in the output
or not). Plus, the '$?' check in the next line would never
trigger on failure anyway, so the failure message would've
been unhelpful if the test were ever to fail.

Anyhow. Make it readable and make it work.

(Followup to #11990)

Signed-off-by: Ed Santiago <santiago@redhat.com>
2021-10-19 14:22:50 -06:00
OpenShift Merge Robot 7fa99358bd
Merge pull request #12030 from rhatdan/man
[CI:DOCS] Add information on how to discover default log driver
2021-10-19 19:40:39 +00:00
Daniel J Walsh 20b5a8599b
podman run --memory=0 ... should not set memory limit
On Docker this is ignored, and it should be on Podman as
well. This is documented in the man page.

Fixes: https://github.com/containers/podman/issues/12002

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-10-19 14:06:33 -04:00
Daniel J Walsh c3801f0fa9
Add information on how to discover default log driver
Fixes: https://github.com/containers/podman/issues/12008

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-10-19 13:55:30 -04:00
OpenShift Merge Robot 82fd2999b2
Merge pull request #11937 from flouthoc/overlay-rootfs-chown
libpod: change mountpoint ownership when creating overlays on top of external rootfs
2021-10-19 17:14:40 +00:00
Ed Santiago d24ce0a33f Add test for system connection
First a basic (connectionless) one to make sure we 'add', 'ls',
and 'rm' work; then an actual one with a service; then (if
ssh to localhost is set up and works) test ssh

Requires a little trickery to work around the CI definition
of $PODMAN, which includes "--url /path/to/sock", which
overrides podman's detection of whether to use a connection
or not.

Signed-off-by: Ed Santiago <santiago@redhat.com>
2021-10-19 09:18:51 -06:00
OpenShift Merge Robot 139dca038c
Merge pull request #12027 from rhatdan/connect
Change podman connection list to use default field
2021-10-19 15:03:41 +00:00
Daniel J Walsh 517b56b02d
Generate Kube should not print default structs
If podman uses Workdir="/" or the workdir specified in the image, it
should not add it to the yaml.
If Podman find environment variables in the image, they should not
get added to the yaml.

If the container or pod do not have changes to SELinux we should not
print seLinuxOpt{}

If the container or pod do not change any dns options the yaml should
not have a dnsOption={}

If the container is not privileged it should not have privileged=false
in the yaml.

Fixes: https://github.com/containers/podman/issues/11995

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-10-19 08:31:35 -04:00
Aditya Rajan 9500e11a8f
libpod: change mountpoint ownership c.Root when using overlay on top of external rootfs
Allow chainging ownership of mountpoint created on top external overlay
rootfs to support use-cases when custom --uidmap and --gidmap are
specified.

Signed-off-by: Aditya Rajan <arajan@redhat.com>
2021-10-19 16:12:07 +05:30
Daniel J Walsh 34dcbc9491
Change podman connection list to use default field
Stop using "*" to indicate default.  Add default field to make
it more obvios and the json field more machine usable.

Fixes: https://github.com/containers/podman/issues/12019

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-10-18 16:52:52 -04:00
Daniel J Walsh 087f8fc73b
Allow API to specify size and inode quota
Fixes: https://github.com/containers/podman/issues/11016

[NO NEW TESTS NEEDED] We have no easy way to tests this in
CI/CD systems.  Requires quota to be setup on directories to work.

Fixes: https://github.com/containers/podman/issues/11016

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-10-18 14:44:10 -04:00
Nalin Dahyabhai db7a98de40 Use exponential backoff when waiting for a journal entry
When looking for a cursor that matches the first journal entry for a
given container, wait and try to find it using exponential backoff.

[NO NEW TESTS NEEDED]

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2021-10-18 14:16:09 -04:00
OpenShift Merge Robot e0ffc431fe
Merge pull request #11959 from rhatdan/selinux
We should only be relabeling when on first run
2021-10-18 19:53:46 +02:00
OpenShift Merge Robot abc6527c96
Merge pull request #12016 from edsantiago/socktest_cleanup
system tests: socket activation: clean up
2021-10-18 19:50:45 +02:00
OpenShift Merge Robot 8ce1c625db
Merge pull request #12009 from flouthoc/rootfs-overlay-cleanup-leak
rootfs-overlay: fix overlaybase path for cleanups
2021-10-18 18:14:45 +02:00
cdoern 4f7a431daf Pod Rm Infra Improvements
Made changes so that if the pod contains all exited containers and only infra is running, remove the pod.

resolves #11713

Signed-off-by: cdoern <cdoern@redhat.com>
2021-10-18 11:39:12 -04:00
Ed Santiago c8cffe1b35 system tests: socket activation: clean up
Multiarch folks are seeing flakes in this test. I can't reproduce
them, but I did notice that the test isn't doing the best possible
job of reporting failures nor of confirming what it purports to test.

Major fix here is to check the exit status of each curl: if we
see the flake again, that will help us track down the failure.

Other fixes are just refactoring, cleanup, and disambiguation
(using the random service name consistently)

Signed-off-by: Ed Santiago <santiago@redhat.com>
2021-10-18 08:47:15 -06:00
Aditya Rajan d0f7b99c6d
rootfs-overlay: fix overlaybase path for cleanups
Following commit ensures not dandling mounts are left behind when we are
creating an overlay on top of external rootfs.

Co-authored-by: Valentin Rothberg <rothberg@redhat.com>
Signed-off-by: Aditya Rajan <arajan@redhat.com>
2021-10-18 19:01:55 +05:30
OpenShift Merge Robot 0144f46ac5
Merge pull request #11990 from rhatdan/remote
Move CONTAINER_HOST and _CONNECTION to IsRemote Function
2021-10-16 14:29:40 +02:00
Daniel J Walsh 468e7c689b
Move CONTAINER_HOST and _CONNECTION to IsRemote Function
Current code does not check early enough.

Follow up to https://github.com/containers/podman/pull/11978

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-10-15 14:40:02 -04:00
Daniel J Walsh 207abc4a9a
We should only be relabeling when on first run
On the second runs, the labels should be the same so no
need to relabel.

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2013548

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-10-15 14:27:14 -04:00
OpenShift Merge Robot 171f7b8975
Merge pull request #11955 from adrianreber/2021-10-13-f35-checkpoint-test-fix
Checkpoint/Restore test fixes
2021-10-15 16:57:37 +02:00
OpenShift Merge Robot 673cc5054c
Merge pull request #11982 from umohnani8/targetPort
Set targetPort to the port value in the kube yaml
2021-10-15 16:56:43 +02:00
OpenShift Merge Robot 3f6fd8a7bd
Merge pull request #11978 from rhatdan/remote
If CONTAINER_HOST env variable is set default podman --remote=true
2021-10-15 16:50:49 +02:00
OpenShift Merge Robot 5ac617ae8a
Merge pull request #11976 from jwhonce/issues/10737
Use CGO_ENABLED=1 when building natively on darwin
2021-10-15 15:28:45 +02:00
OpenShift Merge Robot a5c13bb8f7
Merge pull request #11979 from cevich/more_criu_fix
Test-hang fix: Wait for ready + timeout on connect.
2021-10-15 15:26:46 +02:00
OpenShift Merge Robot 307b1b43b2
Merge pull request #11977 from rhatdan/log
Don't include ctr.log if not using file logging
2021-10-15 15:25:46 +02:00
OpenShift Merge Robot fecef15332
Merge pull request #11980 from umohnani8/kube
Do not add TCP to protocol in generated kube yaml
2021-10-15 01:22:55 +02:00
Daniel J Walsh 4f857bc106
If CONTAINER_HOST env variable is set default podman --remote=true
Users enabling CONTAINER_HOST==PATH is indicating to podman they intend
to use remote functionality.

Fixes: https://github.com/containers/podman/issues/11196

Update man pages to document all of the environment variables.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-10-14 17:08:48 -04:00
Urvashi Mohnani 8db62d04fd Set targetPort to the port value in the kube yaml
When the targetPort is not defined, it is supposed to
be set to the port value according to the k8s docs.
Add tests for targetPort.
Update tests to be able to check the Service yaml that
is generated.

Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
2021-10-14 17:03:26 -04:00
Urvashi Mohnani 16e7cc8bf1 Do not add TCP to protocol in generated kube yaml
As the default protocol in k8s is TCP, don't add it
to the generate yaml when using protocol.
Add UDP to the protocol of the generated yaml when udp
is being used.
Add tests for this as well.

Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
2021-10-14 17:03:14 -04:00