podman does not use any service account token, so we set the automount flag
to false in podman generate kube.
Signed-off-by: François Poirotte <clicky@erebot.net>
Went with the podman-run version, where the "example" is
in the option template as per our guidelines.
I could not include the network- or volume-create
man pages, nor podman build.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The e2e tests are incomplete, because they're just too hard
for any human to read/maintain. This defines tests in a
table, so they're easily reviewed and updated. This makes
it very easy to see which options are actually tested and
which are not, under root/rootless cgroups v1/v2.
Signed-off-by: Ed Santiago <santiago@redhat.com>
podman update allows users to change the cgroup configuration of an existing container using the already defined resource limits flags
from podman create/run. The supported flags in crun are:
this command is also now supported in the libpod api via the /libpod/containers/<CID>/update endpoint where
the resource limits are passed inthe request body and follow the OCI resource spec format
–memory
–cpus
–cpuset-cpus
–cpuset-mems
–memory-swap
–memory-reservation
–cpu-shares
–cpu-quota
–cpu-period
–blkio-weight
–cpu-rt-period
–cpu-rt-runtime
-device-read-bps
-device-write-bps
-device-read-iops
-device-write-iops
-memory-swappiness
-blkio-weight-device
resolves#15067
Signed-off-by: Charlie Doern <cdoern@redhat.com>
Only for podman-create and -run, unfortunately: all the
others are too different, and can't easily be combined.
I went with the podman-run version because it was most
recently updated in #5192.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The format used for setting the bind-mount-options annotations
in the kube yaml was incorrect and caused k8s to throw an error
when trying to play the generated kube yaml.
Fix the annotation format to match the rules of k8s.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
See https://github.com/containers/conmon/pull/352
As of a few days ago, Ubuntu still hadn't built a fixed conmon.
Just skip the test until we get a fixed Ubuntu or until we
figure out a better solution to the test-something-RHEL8ish
problem.
UPDATE: WEIRD: this 'skip' triggered a baffling failure
on Ubuntu: the "Kubernetes only allows 63 characters"
warning message stopped appearing, on Ubuntu only, which
then caused the kube-generate tests to fail because they
actually checked for that. The message doesn't appear
because generate-kube is no longer spitting out a line
for org.opencontainers.image.base.digest/CONTAINER.
(Why this line is gone, I don't know, and choose not
to investigate). Solution: stop checking for the kube-63
warning. It's just not that important.
Signed-off-by: Ed Santiago <santiago@redhat.com>
There are concerns with Packit causing flakes and delays on Podman so
let's have Packit prove itself in other repos and only then make its way
into Podman.
See: https://github.com/containers/podman/pull/15549#issuecomment-1233230573
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Since podman doesn't set/use the needed service env
variable, always set enableServiceLinks to false in
the generated kube yaml.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
If we get a SIGTERM immediately after Conmon starts but before we
record its PID in the database, we end up leaking a Conmon and
associated OCI runtime process. Inhibit shutdown using the logic
we originally wrote to prevent similar issues during container
creation to prevent this problem.
[NO NEW TESTS NEEDED] No real way to test this I can think of.
Fixes#15557
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Would've been an easy one, except I decided to fix the text
to conform to our guidelines. I haven't been doing this,
but in this case it's only two man pages and the text is
short enough to make for easy review.
Signed-off-by: Ed Santiago <santiago@redhat.com>
OpenShift Merge Robot
François Poirotte
Ed Santiago
Matthew Heon
Lokesh Mandvekar
Toshiki Sonoda
tomsweeneyredhat
Charlie Doern
Urvashi Mohnani
Doug Rabson
Matthew Heon
Daniel J Walsh
Jason Ertel