Windows is not guaranteed to have the SSH feature installed, so prefer the use
of the built-in ssh client for all operations other than podman machine ssh,
which requires terminal pty logic. This restores previous behavior in 4.x.
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
Fix following issues:
- create container API handler ignores Annotations from HostConfig
- inspect container API handler does not provide Annotations as
part of HostConfig
Signed-off-by: diplane <diplane3d@gmail.com>
The cgroupv1 warning uses PODMAN_IGNORE_CGROUPSV1_WARNING in the code
while the text says PODMAN_CGROUPSV1_WARNING.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Follow up to 493179be45 which only fixed the issue on the server despite
me trying to fix it on the client as well, with this change here we
always correctly unset the default on the remote client as the
root/rootless status will be wrong.
This means it is enough for users to either have a new server or client
with the bug fix which should make the update process easier.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
I am really not sure why the caller even should have the option to set
this. We should always use the correct isolation type based on the
privileges the server runs under never the client. podman-remote build
seems to send the default based on its local privs which was wrong as
well. To fix this I also changed the client to send the default if the
isolation flag is not set.
Fixes#22109
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
when the "bind" option is used, do not use the "rprivate" propagation
as it would inhibit the effect of "bind", instead default to "private".
Closes: https://github.com/containers/podman/issues/22107
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
New run_minikube() helper, modeled after run_podman(). Echoes
each command being run and its output. On failure, runs minikube logs.
Addresses (does not close) #21931 which is hitting us hard in CI.
Probably quay flakes, but it's impossible to tell without logs.
Also: bug fix: one "run podman" fixed to run_podman
Signed-off-by: Ed Santiago <santiago@redhat.com>
Always teardown the network, trying to reuse the netns has caused
a significant amount of bugs in this code here. It also never worked
for containers with user namespaces. So once and for all simplify this
by never reusing the netns. Originally this was done to have a faster
restart of containers but with netavark now we are much faster so it
shouldn't be that noticeable in practice. It also makes more sense to
reconfigure the netns as it is likely that the container exited due
some broken network state in which case reusing would just cause more
harm than good.
The main motivation for this change was the pasta change to use
--dns-forward by default. As the restarted contianer had no idea what
nameserver to use as pasta just kept running.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
By default we just ignored any localhost reolvers, this is problematic
for anyone with more complicated dns setups, i.e. split dns with
systemd-reolved. To address this we now make use of the build in dns
proxy in pasta. As such we need to set the default nameserver ip now.
A second change is the option to exclude certain ips when generating the
host.containers.internal ip. With that we no longer set it to the same
ip as is used in the netns. The fix is not perfect as it could mean on a
system with a single ip we no longer add the entry, however given the
previous entry was incorrect anyway this seems like the better behavior.
Fixes#22044
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
do not generate a duplicated range when --userns=keep-id:uid=0 or
--userns=keep-id:gid=0 are used.
Closes: https://github.com/containers/podman/issues/22078
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
openshift-merge-bot[bot]
Jason T. Greene
diplane
Paul Holzinger
availhang
Garth Bushell
Giuseppe Scrivano
JiaLing Zhang
renovate[bot]
Ed Santiago