podman/libpod
Stefano Brivio aa47e05ae4 libpod: Add pasta networking mode
Conceptually equivalent to networking by means of slirp4netns(1),
with a few practical differences:

- pasta(1) forks to background once networking is configured in the
  namespace and quits on its own once the namespace is deleted:
  file descriptor synchronisation and PID tracking are not needed

- port forwarding is configured via command line options at start-up,
  instead of an API socket: this is taken care of right away as we're
  about to start pasta

- there's no need for further selection of port forwarding modes:
  pasta behaves similarly to containers-rootlessport for local binds
  (splice() instead of read()/write() pairs, without L2-L4
  translation), and keeps the original source address for non-local
  connections like slirp4netns does

- IPv6 is not an experimental feature, and enabled by default. IPv6
  port forwarding is supported

- by default, addresses and routes are copied from the host, that is,
  container users will see the same IP address and routes as if they
  were in the init namespace context. The interface name is also
  sourced from the host upstream interface with the first default
  route in the routing table. This is also configurable as documented

- sandboxing and seccomp(2) policies cannot be disabled

- only rootless mode is supported.

See https://passt.top for more details about pasta.

Also add a link to the maintained build of pasta(1) manual as valid
in the man page cross-reference checks: that's where the man page
for the latest build actually is -- it's not on GitHub and it doesn't
match any existing pattern, so add it explicitly.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
2022-11-08 00:16:35 +01:00
define bump golangci-lint to v1.49.0 2022-10-17 09:19:41 +02:00
driver bump go module to version 4 2022-01-18 12:47:07 +01:00
events Events for containers in pods now include the pod's ID 2022-09-22 14:18:56 -04:00
layers
linkmode go fmt: use go 1.18 conditional-build syntax 2022-03-18 09:11:53 +01:00
lock bump golangci-lint to v1.49.0 2022-10-17 09:19:41 +02:00
logs libpod: switch to golang native error wrapping 2022-07-05 16:06:32 +02:00
plugin bump golangci-lint to v1.49.0 2022-10-17 09:19:41 +02:00
shutdown libpod: switch to golang native error wrapping 2022-07-05 16:06:32 +02:00
boltdb_state.go Add support for 'image' volume driver 2022-09-22 13:07:40 -04:00
boltdb_state_freebsd.go libpod: Re-work the container's network state to help code sharing 2022-09-12 16:11:25 +01:00
boltdb_state_internal.go Add support for 'image' volume driver 2022-09-22 13:07:40 -04:00
boltdb_state_linux.go Fix stutters 2022-09-10 07:52:00 -04:00
boltdb_state_unsupported.go libpod: Add definition of containerPlatformState for FreeBSD 2022-08-23 15:31:00 +01:00
common_test.go bump go module to version 4 2022-01-18 12:47:07 +01:00
container.go Add and use Container.LinuxResource() helper 2022-10-12 13:45:49 +02:00
container_api.go Ensure that StartAndAttach locks while sending signals 2022-10-27 10:52:55 -04:00
container_commit.go Fix stutters 2022-09-10 07:52:00 -04:00
container_config.go health check: add on-failure actions 2022-09-09 13:02:05 +02:00
container_copy_common.go libpod: Implement 'podman cp' for FreeBSD 2022-09-20 08:36:23 +01:00
container_copy_freebsd.go libpod: Implement 'podman cp' for FreeBSD 2022-09-20 08:36:23 +01:00
container_copy_linux.go libpod: Move jointMountAndExec to container_copy_linux.go 2022-09-20 08:36:23 +01:00
container_copy_unsupported.go libpod: Implement 'podman cp' for FreeBSD 2022-09-20 08:36:23 +01:00
container_exec.go Replace deprecated ioutil 2022-09-20 15:34:27 -04:00
container_freebsd.go libpod: Re-work the container's network state to help code sharing 2022-09-12 16:11:25 +01:00
container_graph.go Introduce graph-based pod container removal 2022-09-14 13:44:48 -04:00
container_graph_test.go bump go module to version 4 2022-01-18 12:47:07 +01:00
container_inspect.go container inspect: include image digest 2022-09-30 14:10:21 +02:00
container_inspect_freebsd.go libpod: Factor out platform-specific code from generateInspectContainerHostConfig 2022-09-15 08:10:34 +01:00
container_inspect_linux.go libpod: Factor out platform-specific code from generateInspectContainerHostConfig 2022-09-15 08:10:34 +01:00
container_internal.go kill: wait for the container 2022-10-14 13:21:52 +02:00
container_internal_common.go deps: bump go-criu to v6 2022-11-01 13:57:24 +05:30
container_internal_freebsd.go libpod: Factor out jail name construction from stats_freebsd.go 2022-10-17 15:33:18 +01:00
container_internal_linux.go libpod: Factor out the call to PidFdOpen from (*Container).WaitForExit 2022-10-14 13:24:32 +01:00
container_internal_linux_test.go test: use `T.TempDir` to create temporary test directory 2022-05-05 21:09:41 +08:00
container_internal_test.go Replace deprecated ioutil 2022-09-20 15:34:27 -04:00
container_internal_unsupported.go libpod: Add FreeBSD implementation of container internals 2022-09-05 10:12:12 +01:00
container_linux.go libpod: Move networkDisable to container_linux.go 2022-09-05 10:12:12 +01:00
container_log.go fix goroutine leaks in events and logs backend 2022-07-20 12:55:34 +02:00
container_log_linux.go fix goroutine leaks in events and logs backend 2022-07-20 12:55:34 +02:00
container_log_unsupported.go libpod: switch to golang native error wrapping 2022-07-05 16:06:32 +02:00
container_path_resolution.go bump golangci-lint to v1.49.0 2022-10-17 09:19:41 +02:00
container_path_resolution_test.go libpod: fix lookup for subpath in volumes 2022-09-14 17:09:04 +02:00
container_stat_common.go libpod: Implement 'podman cp' for FreeBSD 2022-09-20 08:36:23 +01:00
container_stat_freebsd.go libpod: Implement 'podman cp' for FreeBSD 2022-09-20 08:36:23 +01:00
container_stat_linux.go libpod: Move part of (*Container).stat to container_stat_linux.go 2022-09-20 08:36:23 +01:00
container_stat_unsupported.go libpod: Implement 'podman cp' for FreeBSD 2022-09-20 08:36:23 +01:00
container_top_freebsd.go libpod: Add support for 'podman top' on FreeBSD 2022-10-17 16:43:53 +01:00
container_top_linux.go Fix stutters 2022-09-10 07:52:00 -04:00
container_top_unsupported.go libpod: Add support for 'podman top' on FreeBSD 2022-10-17 16:43:53 +01:00
container_unsupported.go libpod: Add definition of containerPlatformState for FreeBSD 2022-08-23 15:31:00 +01:00
container_validate.go auto-update: validate container image 2022-09-26 17:07:05 +02:00
diff.go libpod: switch to golang native error wrapping 2022-07-05 16:06:32 +02:00
doc.go document that using libpod package directly is not supported 2022-03-23 19:05:29 +01:00
events.go Events for containers in pods now include the pod's ID 2022-09-22 14:18:56 -04:00
healthcheck.go health checks: make on-failure action retry aware 2022-10-07 15:43:48 +02:00
healthcheck_linux.go health checks: restart timers 2022-09-13 10:56:44 +02:00
healthcheck_unsupported.go libpod: Add stubs for non-linux builds 2022-08-17 11:45:07 +01:00
info.go Fix stutters 2022-09-10 07:52:00 -04:00
info_freebsd.go Fix stutters 2022-09-10 07:52:00 -04:00
info_linux.go Fix stutters 2022-09-10 07:52:00 -04:00
info_test.go Robust whitespace split of cpu utilization line from /proc/stat 2022-05-14 00:34:56 +00:00
info_unsupported.go libpod: Enable 'podman info' for FreeBSD 2022-08-24 10:55:52 +01:00
kube.go Add and use Container.LinuxResource() helper 2022-10-12 13:45:49 +02:00
mounts_linux.go go fmt: use go 1.18 conditional-build syntax 2022-03-18 09:11:53 +01:00
networking_common.go libpod: Add pasta networking mode 2022-11-08 00:16:35 +01:00
networking_freebsd.go libpod: Move ocicniPortsToNetTypesPorts and compareOCICNIPorts to networking_common.go 2022-09-12 16:28:47 +01:00
networking_linux.go libpod: Add pasta networking mode 2022-11-08 00:16:35 +01:00
networking_linux_test.go enable unparam linter 2022-04-25 13:23:20 +02:00
networking_machine.go Replace deprecated ioutil 2022-09-20 15:34:27 -04:00
networking_pasta_linux.go libpod: Add pasta networking mode 2022-11-08 00:16:35 +01:00
networking_slirp4netns.go Replace deprecated ioutil 2022-09-20 15:34:27 -04:00
networking_unsupported.go libpod: Add FreeBSD implementation of container networking 2022-09-12 16:28:35 +01:00
oci.go bump golangci-lint to v1.49.0 2022-10-17 09:19:41 +02:00
oci_conmon.go podman: add new cgroup mode split 2020-06-25 17:16:12 +02:00
oci_conmon_attach_common.go bump golangci-lint to v1.49.0 2022-10-17 09:19:41 +02:00
oci_conmon_attach_freebsd.go libpod: Build oci_conmon_common.go and oci_conmon_attach_common on FreeBSD 2022-08-18 08:07:30 +01:00
oci_conmon_attach_linux.go libpod: Move openUnixSocket to oci_conmon_attach_linux.go 2022-08-18 08:05:42 +01:00
oci_conmon_common.go bump golangci-lint to v1.49.0 2022-10-17 09:19:41 +02:00
oci_conmon_exec_common.go Replace deprecated ioutil 2022-09-20 15:34:27 -04:00
oci_conmon_exec_freebsd.go libpod: Factor out capabilities code from prepareProcessExec 2022-09-07 07:58:37 +01:00
oci_conmon_exec_linux.go libpod: Factor out capabilities code from prepareProcessExec 2022-09-07 07:58:37 +01:00
oci_conmon_freebsd.go libpod: Make sure writeConmonPipeData is called on FreeBSD 2022-08-29 13:04:04 +01:00
oci_conmon_linux.go Add and use Container.LinuxResource() helper 2022-10-12 13:45:49 +02:00
oci_conmon_unsupported.go libpod: Build oci_conmon_common.go and oci_conmon_attach_common on FreeBSD 2022-08-18 08:07:30 +01:00
oci_missing.go implement podman update 2022-09-01 13:02:01 -04:00
oci_util.go libpod: switch to golang native error wrapping 2022-07-05 16:06:32 +02:00
options.go Add podman volume create --ignore 2022-10-24 17:30:31 +02:00
pod.go resource limits for pods 2022-07-21 14:50:01 -04:00
pod_api.go Fix deadlock between 'podman ps' and 'container inspect' commands 2022-10-28 10:12:34 +03:00
pod_internal.go libpod: Factor out cgroups handling from (*Pod).refresh 2022-10-07 08:26:10 +01:00
pod_internal_freebsd.go libpod: Factor out cgroups handling from (*Pod).refresh 2022-10-07 08:26:10 +01:00
pod_internal_linux.go libpod: Factor out cgroups handling from (*Pod).refresh 2022-10-07 08:26:10 +01:00
pod_status.go bump go module to version 4 2022-01-18 12:47:07 +01:00
pod_top_linux.go libpod/pod_top_linux.go: s/TODO/NOTE/ 2022-05-25 12:30:19 +02:00
pod_top_unsupported.go libpod: Add stubs for non-linux builds 2022-08-17 11:45:07 +01:00
reset.go Merge pull request #16336 from rhatdan/VENDOR 2022-10-31 09:42:08 -04:00
runtime.go Update vendor containers/(common,storage,buildah,image) 2022-10-28 06:16:22 -04:00
runtime_cstorage.go Add support for 'image' volume driver 2022-09-22 13:07:40 -04:00
runtime_ctr.go Merge pull request #16377 from giuseppe/add-check-for-valid-pod-systemd-cgroup 2022-11-04 07:59:22 -04:00
runtime_ctr_freebsd.go libpod: Don't mount /dev/shm in containers on FreeBSD 2022-09-05 10:20:50 +01:00
runtime_ctr_linux.go libpod: Don't mount /dev/shm in containers on FreeBSD 2022-09-05 10:20:50 +01:00
runtime_img.go Add support for 'image' volume driver 2022-09-22 13:07:40 -04:00
runtime_migrate.go Replace deprecated ioutil 2022-09-20 15:34:27 -04:00
runtime_migrate_unsupported.go libpod: Add stubs for non-linux builds 2022-08-17 11:45:07 +01:00
runtime_pod.go libpod/runtime: switch to golang native error wrapping 2022-07-04 15:39:00 +02:00
runtime_pod_common.go libpod: Add support for 'podman pod' on FreeBSD 2022-10-07 08:27:27 +01:00
runtime_pod_freebsd.go libpod: Add support for 'podman pod' on FreeBSD 2022-10-07 08:27:27 +01:00
runtime_pod_linux.go libpod: Factor out cgroup validation from (*Runtime).NewPod 2022-10-07 08:27:27 +01:00
runtime_pod_unsupported.go libpod: Add support for 'podman pod' on FreeBSD 2022-10-07 08:27:27 +01:00
runtime_renumber.go Fix stutters 2022-09-10 07:52:00 -04:00
runtime_test.go libpod: Ensure that generated container names are random 2022-09-01 10:27:04 +01:00
runtime_volume.go libpod/runtime: switch to golang native error wrapping 2022-07-04 15:39:00 +02:00
runtime_volume_common.go Add podman volume create --ignore 2022-10-24 17:30:31 +02:00
runtime_volume_unsupported.go libpod: Add volume support for FreeBSD 2022-09-27 16:31:40 +01:00
runtime_worker.go work queue: simplify and use a wait group 2022-05-25 10:17:46 +02:00
service.go libpod: switch to golang native error wrapping 2022-07-05 16:06:32 +02:00
state.go bump golangci-lint to v1.49.0 2022-10-17 09:19:41 +02:00
state_test.go Replace deprecated ioutil 2022-09-20 15:34:27 -04:00
stats_common.go libpod: Split out the common code from GetContainerStats 2022-09-14 08:29:26 +01:00
stats_freebsd.go libpod: Factor out jail name construction from stats_freebsd.go 2022-10-17 15:33:18 +01:00
stats_linux.go Add and use Container.LinuxResource() helper 2022-10-12 13:45:49 +02:00
stats_unsupported.go libpod: Add support for 'podman stats' on FreeBSD 2022-09-14 08:29:26 +01:00
storage.go libpod: switch to golang native error wrapping 2022-07-05 16:06:32 +02:00
util.go Fix stutters 2022-09-10 07:52:00 -04:00
util_freebsd.go libpod: Add support for 'podman pod' on FreeBSD 2022-10-07 08:27:27 +01:00
util_linux.go Fix stutters 2022-09-10 07:52:00 -04:00
util_linux_test.go Fix mismatch between log messages and behavior of libpod.LabelVolumePath. 2020-09-13 23:24:15 -04:00
util_test.go bump go module to version 4 2022-01-18 12:47:07 +01:00
util_unsupported.go libpod: Add volume support for FreeBSD 2022-09-27 16:31:40 +01:00
volume.go Merge pull request #16243 from alexlarsson/volume-create-ignore 2022-10-26 15:00:51 -04:00
volume_inspect.go Add support for 'image' volume driver 2022-09-22 13:07:40 -04:00
volume_internal.go Add support for 'image' volume driver 2022-09-22 13:07:40 -04:00
volume_internal_common.go libpod: Add volume support for FreeBSD 2022-09-27 16:31:40 +01:00
volume_internal_freebsd.go libpod: Add volume support for FreeBSD 2022-09-27 16:31:40 +01:00
volume_internal_linux.go libpod: Factor out usage of unix.MNT_DETACH from (*Volume).unmount 2022-09-27 16:31:40 +01:00
volume_internal_unsupported.go libpod: Add volume support for FreeBSD 2022-09-27 16:31:40 +01:00