I am constantly attempting to add the podname to the last
argument to podman pod create. Allowing this makes it match
podman volume create and podman network create.
It does not match podman container create, since podman container create
arguments specify the arguments to run with the container.
Still need to support the --name option for backwards compatibility.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
- Look for and prevent lower-case arg descriptions:
podman cmd [arg]
- Look for and prevent optional-mandatory misordering:
podman cmd [ARG] ARG
- Tighter whitespace checks (and fix podman pod ps)
- simplify a no-longer-necessary mess! #8635 fixed the
horrible "CONTAINER | IMAGE" strings (with spaces),
so there's no longer a need to special-case those.
The one-extra-arg check is now much cleaner.
Minor refactoring.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Make sure that `podman image mount` prints a pretty table unless there
is only argument passed and without a custom format. Fixing a TODO item
brought me to the specific code location and revealed the fart in the
logic.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
I have seen some system tests flake waiting for a container to
transition into a specific running state. My theory is that
the waiting time was not sufficient on nodes under high load.
Hence, increase the waiting time. Also replace the break with
a return to spare some cycles to redundantly compare with the
already checked state.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Create an auto-update event for each invocation, independent if images
and containers are updated or not. Those events will be indicated in
the events already but users will now know why.
Fixes: #14283
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Support running `podman play kube` in systemd by exploiting the
previously added "service containers". During `play kube`, a service
container is started before all the pods and containers, and is stopped
last. The service container communicates its conmon PID via sdnotify.
Add a new systemd template to dispatch such k8s workloads. The argument
of the template is the path to the k8s file. Note that the path must be
escaped for systemd not to bark:
Let's assume we have a `top.yaml` file in the home directory:
```
$ escaped=$(systemd-escape ~/top.yaml)
$ systemctl --user start podman-play-kube@$escaped.service
```
Closes: https://issues.redhat.com/browse/RUN-1287
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Use the host UID and host GID mapping when building the local pause
image for a Pod with a custom mapping. Otherwise, the mappings are off
and the build fails. Propagating the mapping to the build container is
not needed since the pause image ships merely a copied `catatonit` from
the host.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2083997
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Send the main PID only once. Previously, `(*Container).start()` and
the conmon handler sent them ~simultaneously and went into a race.
I noticed the issue while debugging a WIP PR.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Add the notion of a "service container" to play kube. A service
container is started before the pods in play kube and is (reverse)
linked to them. The service container is stopped/removed *after*
all pods it is associated with are stopped/removed.
In other words, a service container tracks the entire life cycle
of a service started via `podman play kube`. This is required to
enable `play kube` in a systemd unit file.
The service container is only used when the `--service-container`
flag is set on the CLI. This flag has been marked as hidden as it
is not meant to be used outside the context of `play kube`. It is
further not supported on the remote client.
The wiring with systemd will be done in a later commit.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Rather than assuming a filesystem path, the API service URI is recorded
in the libpod runtime configuration and then reported as requested.
Note: All schemes other than "unix" are hard-coded to report URI exists.
Fixes#12023
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
The default log driver is not used when using play kube
without --log-driver. The LogDriver function needs to
be called in order to use the default log driver.
fixes#13781
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
Add the notion of an "exit policy" to a pod. This policy controls the
behaviour when the last container of pod exits. Initially, there are
two policies:
- "continue" : the pod continues running. This is the default policy
when creating a pod.
- "stop" : stop the pod when the last container exits. This is the
default behaviour for `play kube`.
In order to implement the deferred stop of a pod, add a worker queue to
the libpod runtime. The queue will pick up work items and in this case
helps resolve dead locks that would otherwise occur if we attempted to
stop a pod during container cleanup.
Note that the default restart policy of `play kube` is "Always". Hence,
in order to really solve #13464, the YAML files must set a custom
restart policy; the tests use "OnFailure".
Fixes: #13464
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
When a container is run in the host network namespace we have to keep
the same resolv.conf content and not use the systemd-resolve detection
logic.
But also make sure we still allow --dns options.
Fixes#14055
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The files /etc/hosts, /etc/hostname and /etc/resolv.conf should always
be owned by the root user in the container. This worked correct for
/etc/hostname and /etc/hosts but not for /etc/resolv.conf.
A container run with --userns keep-id would have the reolv.conf file
owned by the current container user which is wrong.
Consolidate some common code in a new helper function to make the code more
cleaner.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This reverts commit cc3790f332.
We can't change rootful to rootfull because `rootful` is written into the machine config. Changing this will break json unmarshalling, which will break existing machines.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
golint, scopelint and interfacer are deprecated. golint is replaced by
revive. This linter is better because it will also check for our error
style: `error strings should not be capitalized or end with punctuation or a newline`
scopelint is replaced by exportloopref (already endabled)
interfacer has no replacement but I do not think this linter is
important.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
When we connect or disconnect from a network we also have to update
/etc/hosts to ensure we only have valid entries in there.
This also fixes problems with docker-compose since this makes use of
network connect/disconnect.
Fixes#12533
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
When we lookup the hostname for a given container we have to check if
the container is joined to another utsns and use this hostname then
instead.
This fixes a problem where the `hostname` command would use the correct
name but /etc/hostname would contain a different name.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Use the new logic from c/common to create the hosts file. This will help
to better allign the hosts files between buildah and podman.
Also this fixes several bugs:
- remove host entries when container is stopped and has a netNsCtr
- add entries for containers in a pod
- do not duplicate entries in the hosts file
- use the correct slirp ip when an userns is used
Features:
- configure host.containers.internal entry in containers.conf
- configure base hosts file in containers.conf
Fixes#12003Fixes#13224
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
When run on an F36 host using netavark/aardvark-dns, for whatever
underlying reason most checkpoint/restore tests are emitting an error
similar to:
`criu: Symbol `__rseq_offset' has different size in shared object,
consider re-linking`
This extraneous output is causing the basic checkpoint system test to
fail. Since, all other testing of checkpoint/restore feature is
passing (also with the extraneous message) loosen the system test
sensitivity to match.
Signed-off-by: Chris Evich <cevich@redhat.com>
We are inconsistent on the name, we should stick with rootfull.
[NO NEW TESTS NEEDED] Existing tests should handle this and no tests for
machines exists yet.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
From a security point of view, it would be nice to be able to map a
rootless usernamespace that does not use your own UID within the
container.
This would add protection against a hostile process escapping the
container and reading content in your homedir.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
It seems this breaks older version of `podman-remote` users hence it
looks like this patch would be a better candidate for podman `5.0`
Problem
* Client with `4.0` cannot interact with a server of `4.1`
Plan this patch for podman `5.0`
This reverts commit 0cebd158b6.
Signed-off-by: Aditya R <arajan@redhat.com>
Problem: the system test 'is()' checker was poorly thought out.
For example, there is no way to check for inequality or for
absence of a substring.
Solution, step 1: introduce new assert(), copied almost verbatim
from buildah, where it has been successful in addressing the
gaps in is().
The logical next step is to search the tests for 'die' and
for 'run', looking for negative assertions which we can
replace with assert(). There were a lot, and in the process
I found a number of ugly bugs in the tests themselves. I've
taken the liberty of fixing these.
Important note: at this time we have both assert() and is().
Replacing all instances of is() would be impossible to review.
Signed-off-by: Ed Santiago <santiago@redhat.com>
This reverts commit e133a06d2f.
@nalind found a proper fix in c/storage [1] to address the performance
issue. So we really don't need the flag anymore. Note the flag has
never made it into any release.
[1] d76b3606fc
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Add new functions to logfile.go for rotating and truncating
the events log file once the log file and its contents
exceed the maximum size limit while keeping 50% of the
log file's content
Also add tests to verify log rotation and truncation
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Current error messages are really awful, and cause great
suffering every time someone adds a new subcommand. Let's
see if these are better.
Signed-off-by: Ed Santiago <santiago@redhat.com>
--tail=1 is not working f you restart a container with journald logging.
We see the exit status and then call into the logging a second time
causing all of the logs to print.
Removing the tail log on exited seems to fix the problem.
Fixes: https://github.com/containers/podman/issues/13098
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Bad code got committed by accident: test description on run_podman
line, not test line.
Did not seem to affect tests, but fix it anyway.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Convert container entrypoint from string to an array inorder to make
sure there is parity between `podman inspect` and `docker inspect`
Signed-off-by: Aditya R <arajan@redhat.com>
Add a --size option to podman images to allow for disabling computing
the size of listed images. If listing images is critical to
performance, user may chose to turn off size computation to speed things
up.
Context: #13755
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
The slirp4netns port forwarder was not updated to make use of the new
port format. This results in a problem when port ranges are used since
it does not read the range field from the port.
Update the logic to iterate through all ports with the range and
protocols. Also added a system test for port ranges with slirp4netns,
rootlesskit and the bridge network mode.
Fixes#13643
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
systemd expects the container_uuid environment variable be set
when it is running in a container.
Fixes: https://github.com/containers/podman/issues/13187
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
One of the pod tests was leaving a stray image behind,
causing scary red warnings in CI logs. Clean that up.
Also, now that #13541 has merged, use 'rmi --ignore' instead of
ignoring exit status from rmi
Signed-off-by: Ed Santiago <santiago@redhat.com>
Add an `--ignore` flag to `podman image rm` to instruct ignoring image
if a specified image does not exist and to not throw an error. Other
commands (e.g., `podman container rm`) already support this flag.
Such an `--ignore` flag can come in handy in clean-up scripcts such as
the teardown phases in the Podman tests.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Make sure to ignore local {container,docker}ignore files when building a
local pause image. Otherwise, we may mistakenly not be able to copy
catatonit into the build container.
Fixes: #13529
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Allow users to add annotions in the podman play kube command.
This PR Also fixes the fact that annotations in the pod spec were
not being passed down to containers.
Fixes: https://github.com/containers/podman/issues/12968
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This option was requested so that users could specify alternate
locations to find context directories for each image build. It
requites the --build option to be set.
Partion Fix: https://github.com/containers/podman/issues/12485
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
When removing a container created with a --volumes-from a container
created with a built in volume, we complain if the original container
still exists. Since this is an expected state, we should not complain
about it.
Fixes: https://github.com/containers/podman/issues/12808
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
When a test which creates a network fail it will not remove the network.
The teardown logic should remove the networks. Since there is no --all
option for network rm we use network prune --force.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Add a extra `See 'podman command --help'` to the error output.
With this patch you now get:
```
$ podman run -h
Error: flag needs an argument: 'h' in -h
See 'podman run --help'
```
Fixes#13082Fixes#13002
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We're running into problems that are impossible to diagnose
because we have no idea if the SUT is using netavark or CNI.
We've previously run into similar problems with runc/crun,
or cgroups 1/2.
This adds a one-line 'echo' with important system info. Now,
when viewing a full test log, it will be possible to view
system settings in one glance.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The CONTAINERS_CONF environment variable can be used to override the
configuration file, which is useful for testing. However, at the moment
this variable is not propagated to conmon. That means in particular, that
conmon can't propagate it back to podman when invoking its --exit-command.
The mismatch in configuration between the starting and cleaning up podman
instances can cause a variety of errors.
This patch also adds two related test cases. One checks explicitly that
the correct CONTAINERS_CONF value appears in conmon's environment. The
other checks for a possible specific impact of this bug: if we use a
nonstandard name for the runtime (even if its path is just a regular crun),
then the podman container cleanup invoked at container exit will fail.
That has the effect of meaning that a container started with -d --rm won't
be correctly removed once complete.
Fixes#12917
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
This comment refers to overiding $PODMAN although the code below does
nothing of the sort. Presumbly the comment has been outdated by altering
the containers.conf / $CONTAINERS_CONF instead.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
When running podman inside systemd user units, it is possible that
systemd kills the rootless netns slirp4netns process because it was
started in the default unit cgroup. When the unit is stopped all
processes in that cgroup are killed. Since the slirp4netns process is
run once for all containers it should not be killed. To make sure
systemd will not kill the process we move it to the user.slice.
Fixes#13153
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
All the healthcheck return output now but systems tests is written to
expect empty output which seems wrong.
Modify jq output to contain newline character rather than actual newline
Signed-off-by: Aditya R <arajan@redhat.com>
Append the podman dns seach domain to the host search domains when we
use the dnsname/aardvark server. Previously it would only use podman
seach domains and discard the host domains.
Fixes#13103
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
separated cgroupNS sharing from setting the pod as the cgroup parent,
made a new flag --share-parent which sets the pod as the cgroup parent for all
containers entering the pod
remove cgroup from the default kernel namespaces since we want the same default behavior as before which is just the cgroup parent.
resolves#12765
Signed-off-by: cdoern <cdoern@redhat.com>
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
Signed-off-by: cdoern <cdoern@redhat.com>
This reverts commit a1bc8cb52c.
Please see resolv.conf(5) search domains must be on the same line. If
you use multiple seach key words only the last one is used. I tested this
with alpine and it works correctly when they are on the same line so I
am not sure what issues Dan had with it but this is not correct.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Alpine does not seem to use search correctly when there are multiple
search domains on the same line. It only uses the first with the advent.
When podman runs within a separate network we are appending on
dns.podman as a search, if you add a search domain, then this causes the
local search on network to fail.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
machinectl does not propogate error messages and adds extra lines in the output, exec.Cmd is able to clear the env besides PATH and TERM,
and use the given UID and GID to execute the command properly.
machinectl is still used to create a user session. Ubuntu support is limited by this.
Signed-off-by: cdoern <cdoern@redhat.com>
Minimal: only test Fedora.Latest.
Reason: podman 4.0.0-0.2.rc2 broke bodhi gating tests:
https://github.com/containers/podman/issues/12989
Requires skipping two recently-added tests that use 'podman unshare',
which doesn't work on remote.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Amongst other things 030-run.bats checks for sensible error messages when
attempting a "podman run" with a non-existent or inaccessible path. It
checks for these messages, which come from the low-level runtime, in a lot
of detail, including separate versions for runc and crun. This is fragile
in several ways:
* It's likely to fail if using a runtime other than crun or runc
* It relies on detecting whether the runtime is crun vs. runc using the
path, which could fail if the binary has been named something unusual
* It will break if crun or runc ever alter their error message (even if
it's just changing case)
This replaces the checked versions with a much more accepting regex which
will work for both the runc and crun messages, while still looking for the
essential pieces. This isn't guaranteed to work with other runtimes, but
it's much more likely to.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Amongst other things 005-info.bats tests that the host.ociRuntime.package
field in the output from "podman info" reports something containing "crun"
or "runc".
While those are obviously the dominant runtimes in practice, it seems
undesirable to explicitly exclude them in testing. So, remove this
specific test.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
systemd 250 on f36 has changed the output format of a message
our tests rely on. This breaks bodhi gating tests. Fix test
so it accepts a continually-growing set of systemd outputs.
Signed-off-by: Ed Santiago <santiago@redhat.com>
viz, rootful system tests. The rootless account will be
used by image-scp tests.
Unfortunately, having ssh available means the system-connection
tests will start running, which is very bad because they will
fail, because system connection doesn't actually work (long story).
Add a few more checks to prevent this test from running.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Start inching our way back to having tests for the sudo form
of podman image scp. Basically, copy an image to another user
and then back, using a pseudorandom name. Confirm that the
image makes it to the remote end, and that when we copy it
back, the original image digest is preserved.
When scp'ing as root, we identify the destination rootless
user account via the $PODMAN_ROOTLESS_USER envariable. Setting
this and creating the account is left as an exercise for the
CI framework (be it github, or Fedora/CentOS/RHEL gating, or
other).
Also: amend hack/bats to set and relay $PODMAN_ROOTLESS_USER,
so developers can test locally.
Also: remove what I'm 99% sure is a debugging printf.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Improve our compatibility with Docker by better handling the
state strings that we print in `podman ps`. Docker capitalizes
all states in `ps` (we do not) - fix this in our PS code. Also,
stop normalizing ContainerStateConfigured to the "Created" state,
and instead make it always be Created, with the existing Created
state becoming Initialized.
I didn't rename the actual states because I'm somewhat reticent
to make such a large change a day before we leave for break. It's
somewhat confusing that ContainerStateConfigured now returns
Created, but internally and externally we're still consistent.
[NO NEW TESTS NEEDED] existing tests should catch anything that
broke.
I also consider this a breaking change. I will flag appropriately
on Github.
Fixes RHBZ#2010432 and RHBZ#2032561
Signed-off-by: Matthew Heon <mheon@redhat.com>
Support removing the entire pod when --depend is used on an infra
container. --all now implies --depend to properly support removing all
containers and not error out when hitting infra containers.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
move the check after the cgroup manager is set, so to correctly detect
--cgroup-manager=cgroupfs and do not raise a warning about dbus not
being present.
Closes: https://github.com/containers/podman/issues/12802
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This directory needs to be world searchable so users can access it from
different user namespaces.
Fixes: https://github.com/containers/podman/issues/12779
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This option causes Podman to not only remove the specified containers
but all of the containers that depend on the specified
containers.
Fixes: https://github.com/containers/podman/issues/10360
Also ran codespell on the code
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Remove hard code use of the DefaultInfraImage and rely on
getting this from containers.conf.
Fixes: https://github.com/containers/podman/issues/12771
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add a fix for RHEL8 gating tests. This resolves yet another
journald/file events/logger mismatch bug.
Also, while I'm at it, more log cleanup: a recently-added test was
missing final rm/rmi, resulting in big red scary output in test logs.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Emergency fix to image-scp tests. DO NOT CREATE A USER!
These tests are run in all sorts of environments. We
do not have the right to vandalize a production system.
Also remove some misleading unneeded tests; and refactor a
little; and add a bunch of FIXMEs which will need to be
addressed later.
Also, super-low priority, add 'crun: ' to expected error
message in a run test (minor followup to #12758).
Signed-off-by: Ed Santiago <santiago@redhat.com>
It would be easier to diagnose OCI runtime errors if the error actually
had the name of the OCI runtime that produced the error.
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Currently Docker copies up the first volume on a mountpoint with
data.
Fixes: https://github.com/containers/podman/issues/12714
Also added NeedsCopyUP, NeedsChown and MountCount to the podman volume
inspect code.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Fix handling of "bind" and "tmpfs" olumes to actually work.
Allow bind, tmpfs local volumes to work in rootless mode.
Also removed the string "error" from all error messages that begine with it.
All Podman commands are printed with Error:, so this causes an ugly
stutter.
Fixes: https://github.com/containers/podman/issues/12013
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This test case is used for covering rhbz#1854566.
Replaces: #12220
Signed-off-by: Alex Jia <ajia@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This test case is used for covering rhbz#1763007.
Replaces: #12221
Signed-off-by: Alex Jia <ajia@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Podman image scp should never enter the Podman UserNS unless it needs to. This allows for
a sudo exec.Command to transfer images to and from rootful storage. If this command is run using sudo,
the simple sudo podman save/load does not work, machinectl/su is necessary here.
This modification allows for both rootful and rootless transfers, and an overall change of scp to be
more of a wrapper function for different load and save calls as well as the ssh component
Signed-off-by: cdoern <cdoern@redhat.com>
Some containers require certain user account(s) to exist within the
container when they are run. This option will allow callers to add a
bunch of passwd entries from the host to the container even if the
entries are not in the local /etc/passwd file on the host.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1935831
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
It has been deprecated and is no longer supported. Fully remove it and
only print a warning if a user uses it.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2011695
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add first non localhost ipv4 of all host interfaces as destination
for host.contaners.internal for rootless containers.
Fixes: https://github.com/containers/podman/issues/12000
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
when using the default userns value, make sure its value is parsed so
that userns=auto is parsed and the options for the storage are filled.
Closes: https://github.com/containers/podman/issues/12615
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Force removal of images will also remove associated containers.
Historically, infra containers have been excluded resulting in
rather annoying errors, for instance, when running `rmi -af`.
Since there is not reasons to exclude infra containers, allow for
removing the entire pod when an infra image is force removed.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Old build tests were expecting genric error code `125` however another
commit in this PR ensures that we relay exact exit code from build to
registry.
Hence adjusting tests
Signed-off-by: Aditya Rajan <arajan@redhat.com>
Make sure that `kill -a` is printing the IDs of killed containers.
Previously, it was only printing empty lines.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
We currently do not show --external containers when the user specifies
it, unless they also specify the --all flag. This has led to confusion.
I see no reason not to list them without the --all flag if the user
specifies the option.
Fixes: https://github.com/containers/podman/issues/12353
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Rework the --network parse logic to support multiple networks with
specific network configuration settings.
--network can now be set multiple times. For bridge network mode the
following options have been added:
- **alias=name**: Add network-scoped alias for the container.
- **ip=IPv4**: Specify a static ipv4 address for this container.
- **ip=IPv6**: Specify a static ipv6 address for this container.
- **mac=MAC**: Specify a static mac address address for this container.
- **interface_name**: Specify a name for the created network interface inside the container.
So now you can set --network bridge:ip=10.88.0.10,mac=44:33:22:11:00:99
for the default bridge network as well as for network names.
This is better than using --ip because we can set the ip per network
without any confusion which network the ip address should be assigned
to.
The --ip, --mac-address and --network-alias options are still supported
but --ip or --mac-address can only be set when only one network is set.
This limitation already existed previously.
The ability to specify a custom network interface name is new
Fixes#11534
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The new network backend stores the networks in a map so the returned
order is not deterministic. Lets sort the network names alphabetically
to ensure a deterministic order.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2030599
When you create pod, it shares the UTS namespace with Containers.
Currently the --hostname is not passed to the pod created when
you create a container and pod in the same command.
Also fix error message on supported --share flags
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Daniel J Walsh
OpenShift Merge Robot
Ed Santiago
Valentin Rothberg
Niall Crowe
Paul Holzinger
Ashley Cui
Chris Evich
Aditya R
Giuseppe Scrivano
Romain Geissler
David Gibson
cdoern
Matthew Heon
Erik Sjölund
Valentin Rothberg