Commit Graph

15816 Commits

Author SHA1 Message Date
Charlie Doern c00ea686fe resource limits for pods
added the following flags and handling for podman pod create

--memory-swap
--cpuset-mems
--device-read-bps
--device-write-bps
--blkio-weight
--blkio-weight-device
--cpu-shares

given the new backend for systemd in c/common, all of these can now be exposed to pod create.
most of the heavy lifting (nearly all) is done within c/common. However, some rewiring needed to be done here
as well!

Signed-off-by: Charlie Doern <cdoern@redhat.com>
2022-07-21 14:50:01 -04:00
OpenShift Merge Robot 5f53a67742
Merge pull request #15003 from giuseppe/create-etc-passwd
libpod: create /etc/passwd if missing
2022-07-21 19:45:56 +02:00
Giuseppe Scrivano dd2b794061
libpod: create /etc/passwd if missing
create the /etc/passwd and /etc/group files if they are missing in the
image.

Closes: https://github.com/containers/podman/issues/14966

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
2022-07-21 17:58:16 +02:00
OpenShift Merge Robot 04ed519e9d
Merge pull request #15021 from Luap99/e2e-timeout-output
e2e: show command and output when a timeout happens
2022-07-21 16:08:38 +02:00
OpenShift Merge Robot 53dfc23e42
Merge pull request #14984 from Luap99/logs
fix goroutine leaks in events and logs backend
2022-07-21 14:55:31 +02:00
Paul Holzinger 3a016c6e49
e2e: show command and output when a timeout happens
To make debugging easier we should see the command and its output when a
failure happens.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2022-07-21 14:43:00 +02:00
OpenShift Merge Robot 5abb38238d
Merge pull request #15004 from vrothberg/fix-duplicates
podman-remote pull: fix duplicate progress outputs
2022-07-21 14:29:40 +02:00
OpenShift Merge Robot 712267ee20
Merge pull request #14980 from n1hility/fix-leak
Fix potential body leak on mid-stream read error when fetching artifact version
2022-07-21 13:03:36 +02:00
Valentin Rothberg c1f04a024a podman-remote pull: fix duplicate progress outputs
By vendoring the fixes from containers/image.  Also add a test (thanks
@edsantiago) to make sure we won't regress in the future again.

Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
2022-07-21 10:04:45 +02:00
OpenShift Merge Robot 0de7e4662e
Merge pull request #14907 from flouthoc/remove-hooks
pkg,libpod: remove `pkg/hooks` and use `hooks` from `c/common`
2022-07-21 09:19:46 +02:00
OpenShift Merge Robot 039deece50
Merge pull request #14995 from ashley-cui/machtest
Fix machine test
2022-07-20 21:56:36 +02:00
OpenShift Merge Robot dd74ef4f58
Merge pull request #14958 from cdoern/network
[CI:DOCS] document isolate option for network create
2022-07-20 19:43:19 +02:00
OpenShift Merge Robot abfdd4b00c
Merge pull request #14977 from umohnani8/init
Update init ctr default for play kube
2022-07-20 19:37:25 +02:00
Ashley Cui 139d65be82 Fix machine test
DownloadVMImage takes an extra argument.

Signed-off-by: Ashley Cui <acui@redhat.com>
2022-07-20 13:29:46 -04:00
Aditya R 8d190fc481
vendor: remove unused deps
Some deps cleaned by `make vendor`

[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]

Signed-off-by: Aditya R <arajan@redhat.com>
2022-07-20 21:58:08 +05:30
Aditya R 013300a7c0
Makefile: remove building pages for man5
[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]

Signed-off-by: Aditya R <arajan@redhat.com>
2022-07-20 21:58:04 +05:30
Aditya R 19495b9fc4
makefile: remove processing of pkg/docs
Since no pkg now containers this path

[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]

Signed-off-by: Aditya R <arajan@redhat.com>
2022-07-20 21:58:01 +05:30
Aditya R f649851350
rpkg: remove usage of pkg/hooks
Podman is using pkg/hooks from c/common and following man page is moved
to c/common

[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]

Signed-off-by: Aditya R <arajan@redhat.com>
2022-07-20 21:57:57 +05:30
Aditya R ffe5da20a0
pkg,libpod: remove pkg/hooks and use hooks from c/common
PR https://github.com/containers/common/pull/1071 moved `pkg/hooks` to
`c/common` hence remove that from podman and use `pkg/hooks` from
`c/common`

[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]

Signed-off-by: Aditya R <arajan@redhat.com>
2022-07-20 21:57:50 +05:30
Urvashi Mohnani da33f10055 Update init ctr default for play kube
Update the init container type default to once instead
of always to match k8s behavior.
Add a new annotation that can be used to change the init
ctr type in the kube yaml.

Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
2022-07-20 10:02:32 -04:00
Paul Holzinger 4e72aa5860
fix goroutine leaks in events and logs backend
When running a single podman logs this is not really important since we
will exit when we finish reading the logs. However for the system
service this is very important. Leaking goroutines will cause an
increased memory and CPU ussage over time.

Both the the event and log backend have goroutine leaks with both the
file and journald drivers.

The journald backend has the problem that journal.Wait(IndefiniteWait)
will block until we get a new journald event. So when a client closes
the connection the goroutine would still wait until there is a new
journal entry. To fix this we just wait for a maximum of 5 seconds,
after that we can check if the client connection was closed and exit
correctly in this case.

For the file backend we can fix this by waiting for either the log line
or context cancel at the same time. Currently it would block waiting for
new log lines and only check afterwards if the client closed the
connection and thus hang forever if there are no new log lines.

[NO NEW TESTS NEEDED] I am open to ideas how we can test memory leaks in
CI.
To test manually run a container like this:
`podman run --log-driver $driver  --name test -d alpine sh -c 'i=1; while [ "$i" -ne 1000 ]; do echo "line $i"; i=$((i + 1)); done; sleep inf'`
where `$driver` can be either `journald` or `k8s-file`.
Then start the podman system service and use:
`curl -m 1 --output -  --unix-socket $XDG_RUNTIME_DIR/podman/podman.sock -v 'http://d/containers/test/logs?follow=1&since=0&stderr=1&stdout=1' &>/dev/null`
to get the logs from the API and then it closes the connection after 1 second.
Now run the curl command several times and check the memory usage of the service.

Fixes #14879

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2022-07-20 12:55:34 +02:00
OpenShift Merge Robot 8c9eff5b12
Merge pull request #14945 from sstosh/pod-pause-cgroupv1
"podman pod pause" return error if cgroups v1 rootless container
2022-07-20 12:01:10 +02:00
Jason T. Greene a652659429 Fix potential leak on mid-stream read error
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
2022-07-19 14:06:47 -05:00
openshift-ci[bot] 6d9f34c630
Merge pull request #14961 from edsantiago/systemd_test_cleanup
system tests: new system-service bats file
2022-07-19 15:13:09 +00:00
openshift-ci[bot] 21cf30f2f8
Merge pull request #14963 from lsm5/main-remove-f35-cirrus
Cirrus: comment out f35 for podman4
2022-07-19 14:19:48 +00:00
openshift-ci[bot] 6947746bbb
Merge pull request #14962 from n1hility/improve-fetch-message
Improve download message on Windows
2022-07-19 10:22:50 +00:00
openshift-ci[bot] 870edf08e8
Merge pull request #14970 from sstosh/manifest-man-typo
[CI:DOCS] Fix typo in manifest manpage
2022-07-19 08:42:57 +00:00
Toshiki Sonoda 0a2ddc9bd6 [CI:DOCS] Fix typo in manifest manpage
rme -> rm

Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
2022-07-19 17:22:52 +09:00
Toshiki Sonoda 26ae055a24 Remove return error from "containers.pause"
When we pause `rootless cgroups v1 container`, podman returns error from `libpod.(*Container).pause`.
Podman does not need to return error from `containers.pause` because of duplicate.

[NO NEW TESTS NEEDED]

Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
2022-07-19 10:00:53 +09:00
Toshiki Sonoda eef39b69ee "pod pause/unpause/stop" append "report.Errs" to "reports"
There is a possibility that podman does not output expected error message.
(e.g. When pause rootless cgroups v1 container on host)
This problem is solved by appending `report.Errs` to `reports` before `continue`.

[NO NEW TESTS NEEDED]

Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
2022-07-19 10:00:33 +09:00
openshift-ci[bot] 252fc7cb9a
Merge pull request #14960 from rhatdan/VENDOR
Vendor in latests containers/common and opencontainers/runtime-tools
2022-07-18 19:36:38 +00:00
Lokesh Mandvekar aa1711e3d6
Cirrus: comment out f35 for podman4
We are not shipping podman4 on f35, so it's not worth CI time at
this point.

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
2022-07-18 15:12:27 -04:00
Ed Santiago 1f0116817d system tests: new system-service bats file
Followup to #14957, which added a new test that doesn't
actually belong in the 250-systemd.bats file. It was
copy-pasted from another test that doesn't belong there.

Move both tests to a new .bats file, because (1) they
need a custom cleanup, and (2) one of the tests should
very definitely run under podman-remote, and the 250
bats file has a global skip_if_remote().

Signed-off-by: Ed Santiago <santiago@redhat.com>
2022-07-18 13:06:09 -06:00
Daniel J Walsh fdba0d7909
Vendor in latests containers/storage and opencontainers/runtime-tools
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2022-07-18 13:25:01 -04:00
openshift-ci[bot] 5e4d729434
Merge pull request #14890 from rhatdan/VENDOR
Vendor in containers/(storage,image, common, buildah)
2022-07-18 17:17:26 +00:00
openshift-ci[bot] d890c4d98e
Merge pull request #14947 from rhatdan/root
Add --host and -H as equivalent options to --url
2022-07-18 17:12:30 +00:00
Jason T. Greene 82b1d85ebe Print rootfs download as a specific version on Win
- Also save the file using this convention.
- Change the general pull mechanism to print the local file
  as opposed to the remote to enable this - no change in
  observed behavior on mac

Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
2022-07-18 10:47:21 -05:00
Charlie Doern 5763217296 document isolate option for network create
[CI:DOCS]

document the podman network create -o=isolate which allows networks to cut themselves off
from external connections.

resolves #5805

Signed-off-by: Charlie Doern <cdoern@redhat.com>
2022-07-18 11:32:13 -04:00
Ed Santiago 1aafb01a99
buildah vendor treadmill
As you run --sync, please update this commit message with your
actual changes.

Changes since 2022-06-14:
 - apply-podman-deltas: (minor) buildah 4057 changed the name
   of a test; make corresponding change here

 - apply-podman-deltas: buildah 4071 adds a new OCI-hook
   test that's failing in remote. Skip it.

 - apply-podman-deltas: buildah 4096 changed an error message

 - apply-podman-deltas: buildah 4097 added a test that doesn't
   work with podman-remote

 - run-buildah-bud-tests: only run 'sudo --validate' if we
   need to sudo later (for running tests). Otherwise, same
   thing: I run the treadmill script, step away, and come
   back to an unnecessary sudo prompt.

 - system tests: the new containers-storage changes some
   error messages; fix tests to reflect that. (And, unrelated,
   fix a red cleanup warning)

Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2022-07-18 10:49:33 -04:00
Daniel J Walsh f67ab1eb20
Vendor in containers/(storage,image, common, buildah)
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2022-07-18 10:42:04 -04:00
Daniel J Walsh 5f848d89ed
Run codespell
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2022-07-18 10:42:04 -04:00
Daniel J Walsh 18c0c19aa9
Add --host and -H as equivalent options to --url
Docker supports -H and --host for specify the listening socket. Podman
should support them also in order to match the CLI.

These will not be documented since Podman defaults to using the
--url option.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2022-07-18 10:41:00 -04:00
openshift-ci[bot] 5201ea8e41
Merge pull request #14777 from rhatdan/nfs
Use SafeChown rather then chown for volumes on NFS
2022-07-18 07:32:14 +00:00
openshift-ci[bot] b680e117ba
Merge pull request #14951 from eriksjolund/add_socket_activation_entry_to_tutorial_list
[CI:DOCS] Tutorials.rst: add socket activation
2022-07-17 10:18:24 +00:00
openshift-ci[bot] 20a3c9969f
Merge pull request #14900 from ashley-cui/machcache
Clean up cached machine images
2022-07-16 12:02:55 +00:00
Erik Sjölund c9722c0b16 [CI:DOCS] socket_activation.md: fix typo and layout
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
2022-07-16 06:41:57 +02:00
openshift-ci[bot] bbb7d4a9fb
Merge pull request #14952 from ashley-cui/ssh
Machine init: create .ssh dir if not exist
2022-07-15 21:14:40 +00:00
Ashley Cui 5f04f9961a Machine init: create .ssh dir if not exist
When initing a machine, we generate ssh keys in `$HOME/.ssh`. If there
is not .ssh dir, we should create it, so the init does not fail.

Signed-off-by: Ashley Cui <acui@redhat.com>
2022-07-15 15:36:17 -04:00
Erik Sjölund 56cfdffe47 [CI:DOCS] Tutorials.rst: add socket activation
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
2022-07-15 17:36:33 +02:00
openshift-ci[bot] 98b22e29c9
Merge pull request #14932 from jakecorrenti/pull-all-tags-shorthand
Podman pull --all-tags shorthand option
2022-07-15 15:12:58 +00:00