Cherry-pick #15788 to v4.2.0-rhel branch per RHBZ 2157930
In view of https://github.com/containers/storage/pull/1337, do this:
for f in $(git grep -l stringid.GenerateNonCryptoID | grep -v '^vendor/'); do
sed -i 's/stringid.GenerateNonCryptoID/stringid.GenerateRandomID/g' $f;
done
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
follow-up to 6886e80b45caae27dda81a9b44d8dd179c414580
when "podman -rm -f" is used on a container in "stopping" state, also
make sure it is terminated before removing it from the local storage.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
(cherry picked from commit 4cf06fe7e074cb9a09670f8308ade12f30bb958d)
check that the container has a valid pid before attempting to use
kill($PID, 0) on it. If the PID==0, it means the container is already
stopped.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
(cherry picked from commit 494db3e166d80ee5fad2a49195339fa0b6a4842b)
do not allow removing containers that are in the stopping state,
otherwise it can lead to a race condition where a "podman rm" removes
the container from the storage while another process is stopping the
same container.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2155828
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
(cherry picked from commit 6886e80b45caae27dda81a9b44d8dd179c414580)
When restarting a container, clean up the healthcheck state by removing
the old log on disk. Carrying over the old state can lead to various
issues, for instance, in a wrong failing streak and hence wrong
behaviour after the restart.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2144754
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
When shutting down the image engine we always wait for the image
even goroutine to finish writing any outstanding events. However,
the loop for that always waits 100msec every iteration. This means
that (depending on the phase) shutdown is always delayed up to 100msec.
This is delaying "podman run" extra much because podman is run twice
(once for the run and once as cleanup via a conmon callback).
Changing the image loop to exit immediately when a libimageEventsShutdown
(but first checking for any outstanding events to write) improves podman
run times by about 100msec on average.
Note: We can't just block on the event loop reading the shutdown event
anymore, we need to wait until it read and processed any outstanding
events, so we now send the shutdown event and then block waiting for the
channel to be closed by the event loop.
[NO NEW TESTS NEEDED]
Signed-off-by: Alexander Larsson <alexl@redhat.com>
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
Fix the "stop" on-failure action by not removing the transient systemd
timer and service during container stop. Removing the service will
in turn cause systemd to terminate the Podman process attempting to
stop the container and hence leave it in the "stopping" state.
Instead move the removal into the restart sequence.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Make sure that the on-failure actions only kick in once the health check
has passed its retries. Also fix race conditions on reading/writing the
log.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
<MH: Addressed cherry-pick conflicts>
Backported to v4.2.0-rhel per RHBZ 2097708
Signed-off-by: Matthew Heon <mheon@redhat.com>
Also, do a general cleanup of all the timeout code. Changes
include:
- Convert from int to *uint where possible. Timeouts cannot be
negative, hence the uint change; and a timeout of 0 is valid,
so we need a new way to detect that the user set a timeout
(hence, pointer).
- Change name in the database to avoid conflicts between new data
type and old one. This will cause timeouts set with 4.2.0 to be
lost, but considering nobody is using the feature at present
(and the lack of validation means we could have invalid,
negative timeouts in the DB) this feels safe.
- Ensure volume plugin timeouts can only be used with volumes
created using a plugin. Timeouts on the local driver are
nonsensical.
- Remove the existing test, as it did not use a volume plugin.
Write a new test that does.
The actual plumbing of the containers.conf timeout in is one line
in volume_api.go; the remainder are the above-described cleanups.
Backported to v4.2.0-rhel per RHBZ 2125241
Signed-off-by: Matthew Heon <mheon@redhat.com>
For systems that have extreme robustness requirements (edge devices,
particularly those in difficult to access environments), it is important
that applications continue running in all circumstances. When the
application fails, Podman must restart it automatically to provide this
robustness. Otherwise, these devices may require customer IT to
physically gain access to restart, which can be prohibitively difficult.
Add a new `--on-failure` flag that supports four actions:
- **none**: Take no action.
- **kill**: Kill the container.
- **restart**: Restart the container. Do not combine the `restart`
action with the `--restart` flag. When running inside of
a systemd unit, consider using the `kill` or `stop`
action instead to make use of systemd's restart policy.
- **stop**: Stop the container.
To remain backwards compatible, **none** is the default action.
Backport of commit aad29e759c78
BZ: https://bugzilla.redhat.com/show_bug.cgi?id=2097708
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
The process of saving the OCI spec is not particularly
reboot-safe. Normally, this doesn't matter, because we recreate
the spec every time a container starts, but if one was to reboot
(or SIGKILL, or otherwise fatally interrupt) Podman in the middle
of writing the spec to disk, we can end up with a malformed spec
that sticks around until the container is next started. Some
Podman commands want to read the latest version of the spec off
disk (to get information only populated after a container is
started), and will break in the case that a partially populated
spec is present. Swap to just ignoring these errors (with a
logged warning, to let folks know something went wrong) so we
don't break important commands like `podman inspect` in these
cases.
[NO NEW TESTS NEEDED] Provided reproducer involves repeatedly
rebooting the system
Backported to v4.2.0-rhel for RHBZ 2126697
Signed-off-by: Matthew Heon <mheon@redhat.com>
Commit 30e7cbccc194 accidentally added a deadlock as Podman was waiting
for the exit code to show up when the container transitioned to stopped.
Code paths that require the exit code to be written (by the cleanup
process) should already be using `(*Container).Wait()` in a deadlock
free way.
[NO NEW TESTS NEEDED] as I did not manage to a reproducer that would
work in CI. Ultimately, it's a race condition.
Backport-for: #15492
BZ: https://bugzilla.redhat.com/show_bug.cgi?id=2124716
BZ: https://bugzilla.redhat.com/show_bug.cgi?id=2125647
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Allow the cleanup process (and others) to transition the container from
`stopping` to `exited`. This fixes a race condition detected in #14859
where the cleanup process kicks in _before_ the stopping process can
read the exit file. Prior to this fix, the cleanup process left the
container in the `stopping` state and removed the conmon files, such
that the stopping process also left the container in this state as it
could not read the exit files. Hence, `podman wait` timed out (see the
23 seconds execution time of the test [1]) due to the unexpected/invalid
state and the test failed.
Further turn the warning during stop to a debug message since it's a
natural race due to the daemonless/concurrent architecture and nothing
to worry about.
[NO NEW TESTS NEEDED] since we can only monitor if #14859 continues
flaking or not.
[1] https://storage.googleapis.com/cirrus-ci-6707778565701632-fcae48/artifacts/containers/podman/6210434704343040/html/sys-remote-fedora-36-rootless-host.log.html#t--00205Fixes: #14859
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
do not attempt to lock all containers on pod rm since it can cause
deadlocks when other podman cleanup processes are attempting to lock
the same containers in a different order.
[NO NEW TESTS NEEDED]
Closes: https://github.com/containers/podman/issues/14929
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Improve the error message when looking up the exit code of a container.
The state of the container may help us track down #14859 which flakes
rarely and is impossible to reproduce on my machine.
[NO NEW TESTS NEEDED]
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
When running a single podman logs this is not really important since we
will exit when we finish reading the logs. However for the system
service this is very important. Leaking goroutines will cause an
increased memory and CPU ussage over time.
Both the the event and log backend have goroutine leaks with both the
file and journald drivers.
The journald backend has the problem that journal.Wait(IndefiniteWait)
will block until we get a new journald event. So when a client closes
the connection the goroutine would still wait until there is a new
journal entry. To fix this we just wait for a maximum of 5 seconds,
after that we can check if the client connection was closed and exit
correctly in this case.
For the file backend we can fix this by waiting for either the log line
or context cancel at the same time. Currently it would block waiting for
new log lines and only check afterwards if the client closed the
connection and thus hang forever if there are no new log lines.
[NO NEW TESTS NEEDED] I am open to ideas how we can test memory leaks in
CI.
To test manually run a container like this:
`podman run --log-driver $driver --name test -d alpine sh -c 'i=1; while [ "$i" -ne 1000 ]; do echo "line $i"; i=$((i + 1)); done; sleep inf'`
where `$driver` can be either `journald` or `k8s-file`.
Then start the podman system service and use:
`curl -m 1 --output - --unix-socket $XDG_RUNTIME_DIR/podman/podman.sock -v 'http://d/containers/test/logs?follow=1&since=0&stderr=1&stdout=1' &>/dev/null`
to get the logs from the API and then it closes the connection after 1 second.
Now run the curl command several times and check the memory usage of the service.
Fixes#14879
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
PR https://github.com/containers/common/pull/1071 moved `pkg/hooks` to
`c/common` hence remove that from podman and use `pkg/hooks` from
`c/common`
[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]
Signed-off-by: Aditya R <arajan@redhat.com>
Update the init container type default to once instead
of always to match k8s behavior.
Add a new annotation that can be used to change the init
ctr type in the kube yaml.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
NFS Servers will thrown ENOTSUPP error if you attempt to
chown a directory to the same UID and GID as the directory
already has. If volumes are stored on NFS directories this
throws an ugly error and then works on the next try.
Bottom line don't chown directories that already have the correct
UID and GID.
Fixes: https://github.com/containers/podman/issues/14766
[NO NEW TESTS NEEDED] Difficult to setup an NFS Server in testing.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
[NO NEW TESTS NEEDED]
Empty path to runtime binary was printed instead of a real path.
Before fix:
TRAC[0000] found runtime ""
TRAC[0000] found runtime ""
After:
TRAC[0000] found runtime "/usr/bin/crun"
TRAC[0000] found runtime "/usr/bin/runc"
Signed-off-by: Mikhail Khachayants <khachayants@arrival.com>
* Correct spelling and typos.
* Improve language.
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
While for some call paths we may be doing this redundantly we need to
make sure the exit code is always read at this point.
[NO NEW TESTS NEEDED] as I do not manage to reproduce the issue which
is very likely caused by a code path not writing the exit code when
running concurrently.
Fixes: #14859
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
If a pod is created without net sharing, allow adding
separate ports for each container to the kube yaml
and also set the pod level hostname correctly if the
uts namespace is not being shared.
Add a warning if the default namespace sharing options
have been modified by the user.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
Since conmon-rs also uses this code we moved it to c/common. Now podman
should has this also to prevent duplication.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
We now use the golang error wrapping format specifier `%w` instead of
the deprecated github.com/pkg/errors package.
[NO NEW TESTS NEEDED]
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
add support for the --uts flag in pod create, allowing users to avoid
issues with default values in containers.conf.
uts follows the same format as other namespace flags:
--uts=private (default), --uts=host, --uts=ns:PATH
resolves#13714
Signed-off-by: Charlie Doern <cdoern@redhat.com>
Previously, if a container had healthchecks disabled in the
docker-compose.yml file and the user did a `podman inspect <container>`,
they would have an incorrect output:
```
"Healthcheck":{
"Test":[
"CMD-SHELL",
"NONE"
],
"Interval":30000000000,
"Timeout":30000000000,
"Retries":3
}
```
After a quick change, the correct output is now the result:
```
"Healthcheck":{
"Test":[
"NONE"
]
}
```
Additionally, I extracted the hard-coded strings that were used for
comparisons into constants in `libpod/define` to prevent a similar issue
from recurring.
Closes: #14493
Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
Make sure `Sync()` handles state transitions and exit codes correctly.
The function was only being called when batching which could render
containers in an unusable state when running concurrently with other
state-altering functions/commands since the state must be re-read from
the database before acting upon it.
Fixes: #14761
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
We now use the golang error wrapping format specifier `%w` instead of
the deprecated github.com/pkg/errors package.
[NO NEW TESTS NEEDED]
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
using the new resource backend, implement podman pod create --memory which enables
users to modify memory.max inside of the parent cgroup (the pod), implicitly impacting all
children unless overriden
Signed-off-by: Charlie Doern <cdoern@redhat.com>
PR containers/podman/pull/14449 had an outdated base. Merging it broke
builds.
[NO NEW TESTS NEEDED]
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
the new version of runc has the same check in place and it
automatically resume the container if it is paused. So when Podman
tries to resume it again, it fails since the container is not in the
paused state.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2100740
[NO NEW TESTS NEEDED] the CI doesn't use a new runc on cgroup v1 systems.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
[NO NEW TESTS NEEDED] now that podman's cgroup config tries to initialize controllers, cgroupfs errors out on pod creation
we need to mimic the behavior that used to exist and only create the cgroup when running as rootful
Signed-off-by: Charlie Doern <cdoern@redhat.com>
add two new options to the volume create command: copy and nocopy.
When nocopy is specified, the files from the container image are not
copied up to the volume.
Closes: https://github.com/containers/podman/issues/14722
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
