Commit Graph

2822 Commits

Author SHA1 Message Date
baude b898b19e45 podman machine init --ignition-path
allow for the user to provide an alternate ignition-file rather than the
auto-generated one.

updated docs to describe ramifications of providing an alterate ignition
file.

[NO TESTS NEEDED]

Signed-off-by: baude <bbaude@redhat.com>
2021-03-30 09:44:04 -05:00
OpenShift Merge Robot 5e28b35aa5
Merge pull request #9872 from baude/vmaltimage
podman machine init user input
2021-03-30 16:07:02 +02:00
Anders F Björklund 870beaf137 Add machine support for qemu-system-aarch64
- Build machine also for podman-linux-arm64

- Add default machine type for linux arm64

- Add the required qemu-uefi bios parameter

- Remove hardcoded outdated path and show url

Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
2021-03-29 21:53:48 +02:00
baude 236798e001 podman machine init user input
users may now provide a fully qualified local file path or a URL to seed
the disk-image to be used in the VM.

[NO TESTS NEEDED]

Signed-off-by: baude <bbaude@redhat.com>
2021-03-29 14:42:45 -05:00
OpenShift Merge Robot aa96cb6739
Merge pull request #9855 from giuseppe/fix-service-race-condition
service: use LISTEN_FDS
2021-03-29 17:40:21 +00:00
OpenShift Merge Robot 26b0ebd22f
Merge pull request #9516 from rhatdan/shrink
[NO TESTS NEEDED] Shrink the size of podman bindings
2021-03-29 17:14:26 +00:00
OpenShift Merge Robot b7bb8a1fb9
Merge pull request #9842 from AlbanBedel/play-kube-env-from-secrets
Add support for env from secrets in play kube
2021-03-29 17:10:25 +00:00
OpenShift Merge Robot bb3e8a4d13
Merge pull request #9858 from rhatdan/warn
[NO TESTS NEEDED] Drop Warning to Info, if cgroups not mounted
2021-03-29 17:04:24 +00:00
OpenShift Merge Robot 58bf62f2d1
Merge pull request #9861 from TristanCacqueray/version-swagger
[CI:DOCS] swagger: update system version response body
2021-03-29 17:01:22 +00:00
OpenShift Merge Robot 236943d3c1
Merge pull request #9848 from Luap99/fix-9776
podman generate systemd --new do not duplicate params
2021-03-29 14:32:41 +00:00
Tristan Cacqueray 48549ccc17 swagger: update system version response body
This change updates the swagger documentation of the
system version response body to match the actual
response.

Fixes: #9522
Signed-off-by: Tristan Cacqueray <tdecacqu@redhat.com>
2021-03-29 14:25:25 +00:00
OpenShift Merge Robot 8e01f48d84
Merge pull request #9844 from afbjorklund/qemu-kvm
Add machine support for more Linux distros
2021-03-29 14:10:42 +00:00
Daniel J Walsh 127400880a
[NO TESTS NEEDED] Shrink the size of podman-remote
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-03-29 09:49:45 -04:00
OpenShift Merge Robot ac3499cc96
Merge pull request #9631 from rhatdan/pull
Fix podman build --pull-never
2021-03-29 13:41:42 +00:00
Daniel J Walsh 195f340ad4
[NO TESTS NEEDED] Drop Warning to Info, if cgroups not mounted
If I run podman within a container without /sys/fs/cgroups mounted,
we get this warning, which the user can not do much about.  I don't
see a reason for requiring this warning to show by default, so we
should drop it to Info.

User can not do anything about it either, and code works well with
the somewhat expected error.

Helps fix: https://github.com/containers/podman/issues/9753

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-03-29 08:45:11 -04:00
Giuseppe Scrivano 2446bdc7bb
rootless: use is_fd_inherited
since we already have an exported function that does the check,
refactor the code to use it instead of duplicating the logic.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2021-03-29 11:44:43 +02:00
Paul Holzinger aabafc5b1b podman generate systemd --new do not duplicate params
podman generate systemd --new inserts extra idfile arguments. The
generated unit can break when the user did provide their own idfile
arguments as they overwrite the arguments added by generate systemd.
This also happens when a user tries to generate the systemd unit on
a container already create with a --new unit. This should now
create a identical unit. The solution is to remove all user provided
idfile arguments.

This commit also ensures that we do not remove arguments that are part
off the containers entrypoint.

Fixes #9776

Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
2021-03-28 20:01:17 +02:00
OpenShift Merge Robot ccbe7e9456
Merge pull request #9829 from rhatdan/rmi
[NO TESTS NEEDED] Use same function podman-remote rmi as podman
2021-03-28 17:07:45 +00:00
Alban Bedel c59eb6f12b play kube: add support for env vars defined from secrets
Add support for secretRef and secretKeyRef to allow env vars to be set
from a secret. As K8S secrets are dictionaries the secret value must
be a JSON dictionary compatible with the data field of a K8S secret
object. The keys must consist of alphanumeric characters, '-', '_'
or '.', and the values must be base64 encoded strings.

Signed-off-by: Alban Bedel <albeu@free.fr>
2021-03-28 15:03:29 +02:00
Alban Bedel e5ff694855 play kube: support optional/mandatory env var from config map
In K8S the pod creation fails if an env var reference a non existing
config map key. It can be marked as optional, but per default it is
mandatory. Podman on the other hand always treat such references as
optional.

Rework envVarsFrom() and envVarValue() to additionaly return an error
and add support for the optional attribute in configMapRef and
configMapKeyRef.

Signed-off-by: Alban Bedel <albeu@free.fr>
2021-03-28 15:02:31 +02:00
Alban Bedel 9f92b8b0d8 play kube: prepare supporting other env source than config maps
Rework envVarsFromConfigMap() and envVarValue() to simplify supporting
other env sources than config maps. For this we pass the whole spec
generator options struct as parameter instead of just the config maps
list. Then we rename envVarsFromConfigMap() to envVarsFrom() and in
envVarValue() we reposition the loop over the config maps to only run
it when a configMapRef element exists.

Signed-off-by: Alban Bedel <albeu@free.fr>
2021-03-28 15:01:24 +02:00
Anders F Björklund f606e9e3c4 Add machine support for more Linux distros
There are no regression tests for machine

[NO TESTS NEEDED]

Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
2021-03-28 13:35:56 +02:00
OpenShift Merge Robot 7e4b13b946
Merge pull request #9467 from rhatdan/buildah
[NO TESTS NEEDED] Turn on podman-remote build --isolation
2021-03-28 11:00:45 +00:00
Daniel J Walsh eb82c48cc5
[NO TESTS NEEDED] Use same function podman-remote rmi as podman
Make sure fixes that go into local podman commands also work in
podman-remote, by using the same function.

Since this is just a rewrite of existing code, existing tests should
handle it.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-03-28 06:56:44 -04:00
OpenShift Merge Robot b2e7a3e45c
Merge pull request #9836 from baude/vmcreateresize
Podman machine enhancements
2021-03-28 10:55:45 +00:00
OpenShift Merge Robot 4831d41346
Merge pull request #9838 from xordspar0/kubeVolumeErrors
Add problematic volume name to kube play error messages
2021-03-28 10:54:44 +00:00
baude 7a79f708a4 Podman machine enhancements
Podman machine remove is now called `rm`.

Podman machine create now supports resizing the image to the value of
--disk-size as provided.  The default is to 10G.

Added systemd unit file on guest via ignition that sends a Ready message
to the host over a virtio-socket so that we know when the VM is booted
and ready for use.

Podman machine commands no longer require a VM name as an argument.  A
default VM name is defined and if no VM name is provided as a arg, the
default will be used.

[NO TESTS NEEDED]

Signed-off-by: baude <bbaude@redhat.com>
2021-03-27 10:08:11 -05:00
Jordan Christiansen dce877c5ca Add problematic volume name to kube play error messages
When kube play fails to create a volume, it should say which volume had
the problem so the user doesn't have to guess. For the following pod
spec:

	apiVersion: v1
	kind: Pod
	metadata:
	  name: mypod
	spec:
	  containers:
	    - name: myfrontend
	      image: nginx
	      volumeMounts:
	      - mountPath: "/var/www/html"
		name: mypd
	  volumes:
	    - name: mypd
	      hostPath:
		path: /var/blah

podman will now report:

	Error: failed to create volume "mypd": error in parsing HostPath
	in YAML: error checking path "/var/blah": stat /var/blah: no such
	file or directory

Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
2021-03-27 09:46:30 -05:00
OpenShift Merge Robot ec47312eeb
Merge pull request #9822 from jmguzik/fix-pods-list-filters-http-api
Fix list pods filter handling in libpod api
2021-03-27 12:36:47 +00:00
Daniel J Walsh 4d51995377
Fix podman build --pull-never
Currently pull policy is set incorrectly when users set --pull-never.

Also pull-policy is not being translated correctly when using
podman-remote.

Fixes: #9573

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-03-27 05:33:30 -04:00
Daniel J Walsh 6e250c317c
[NO TESTS NEEDED] Turn on podman-remote build --isolation
Currently podman only works with --isolation chroot.  This PR
fixes this by allowing the isolation mode to default to OCI and to
also allow users to pass the isolation mode into the containers.

The current tests for --isolation should cause this code to be tested.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-03-26 22:04:14 -04:00
Jakub Guzik 85015a5e23 Fix list pods filter handling in libpod api
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
2021-03-26 20:19:12 +01:00
Daniel J Walsh dcabf6dd71
Remove resize race condition
Since podman-remote resize requests can come in at random times, this
generates a real potential for race conditions. We should only be
attempting to resize TTY on running containers, but the containers can
go from running to stopped at any time, and returning an error to the
caller is just causing noice.

This change will basically ignore requests to resize terminals if the
container is not running and return the caller to success.  All other
callers will still return failure.

Fixes: https://github.com/containers/podman/issues/9831

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2021-03-26 15:15:17 -04:00
OpenShift Merge Robot 47006d32ed
Merge pull request #9726 from tunacado/add_runroot_mount_require_to_systemd_gen
Add RequiresMountsFor= to systemd generate
2021-03-26 15:59:12 +00:00
OpenShift Merge Robot 25525ff834
Merge pull request #9820 from ashley-cui/machineinit
[NO TESTS NEEDED] Rename podman machine create to init and clean up
2021-03-26 13:45:11 +00:00
Robb Manes 748826fc88 Add RequiresMountsFor= to systemd generate
It is rare but possible that storage locations for the graphroot and the
runroot are not mounted at boot time, and therefore might race when
doing container operations.  An example we've seen in the wild is that a
slow tmpfs mount for the runroot would suddenly mount over /run, causing
the container to lose all currently-running data, requiring a system
refresh to get it back.

This patch adds RequiresMountsFor= to the systemd.unit header to ensure
the paths for both the graphroot and runroot are mounted prior to
starting any generated unit files.

Signed-off-by: Robb Manes <rmanes@redhat.com>
2021-03-26 08:53:26 -04:00
Anders F Björklund 826c228035 Fix swapped dimensions from terminal.GetSize
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
2021-03-26 07:14:47 +01:00
Ashley Cui f663857103 Rename podman machine create to init and clean up
Rename podman machine create to init because we're initing a VM, not
really creating it
Wire up CPUs flag
Suppress QEMU GUI from popping up when not in debug mode

[NO TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
2021-03-25 17:45:27 -04:00
OpenShift Merge Robot 9e23e0b3e3
Merge pull request #9810 from jmguzik/fix-impages-filter-http-api
Fix filters list/prune in image http compat/libpod api endpoints
2021-03-25 14:40:21 -07:00
OpenShift Merge Robot 8eb36320ca
Merge pull request #9816 from jwhonce/wip/namespace
Correct json encoding field name for Namespace type
2021-03-25 11:44:00 -07:00
OpenShift Merge Robot db35674873
Merge pull request #9781 from baude/addqemu
introduce podman machine
2021-03-25 10:50:01 -07:00
Jhon Honce f5e2c53678 Correct json field name
[NO TESTS NEEDED]

* When using the Namespace type, the field Value was json encoded
  with the name "string" vs "value".

Signed-off-by: Jhon Honce <jhonce@redhat.com>
2021-03-25 09:55:13 -07:00
baude 4ab8a6f67e Improvements for machine
clean up ci failures and add appropriate arch,os exclusion tags

Signed-off-by: baude <bbaude@redhat.com>
2021-03-25 11:02:33 -05:00
Ashley Cui e766113737 Add --execute flag to podman machine ssh
--execute, -e allows to execute a command through ssh

Signed-off-by: Ashley Cui <acui@redhat.com>
2021-03-25 08:46:43 -05:00
baude b5f54a9b23 introduce podman machine
podman machine allows podman to create, manage, and interact with a vm
running some form of linux (default is fcos).  podman is then configured
to be able to interact with the vm automatically.

while this is usable on linux, the real push is to get this working on
both current apple architectures in macos.

Ashley Cui contributed to this PR and was a great help.

[NO TESTS NEEDED]

Signed-off-by: baude <bbaude@redhat.com>
2021-03-25 08:43:51 -05:00
Eduardo Vega cbf53c166d Support multi doc yaml for generate/play kube
Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
2021-03-25 06:54:12 -06:00
Jakub Guzik 429a655866 Fix filters in image http compat/libpod api endpoints
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
2021-03-25 12:29:53 +01:00
OpenShift Merge Robot af91f27d85
Merge pull request #9790 from matejvasek/fix-isolation-serde
fix: build endpoint for compat API
2021-03-24 05:32:27 -07:00
Jakub Guzik 914218c1e8 Unification of until filter across list/prune endpoints
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
2021-03-24 00:56:00 +01:00
Jakub Guzik 5eab1b0742 Unification of label filter across list/prune endpoints
Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
2021-03-24 00:40:30 +01:00