Podman is using pkg/hooks from c/common and following man page is moved
to c/common
[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]
Signed-off-by: Aditya R <arajan@redhat.com>
PR https://github.com/containers/common/pull/1071 moved `pkg/hooks` to
`c/common` hence remove that from podman and use `pkg/hooks` from
`c/common`
[NO NEW TESTS NEEDED]
[NO TESTS NEEDED]
Signed-off-by: Aditya R <arajan@redhat.com>
Update the init container type default to once instead
of always to match k8s behavior.
Add a new annotation that can be used to change the init
ctr type in the kube yaml.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
When running a single podman logs this is not really important since we
will exit when we finish reading the logs. However for the system
service this is very important. Leaking goroutines will cause an
increased memory and CPU ussage over time.
Both the the event and log backend have goroutine leaks with both the
file and journald drivers.
The journald backend has the problem that journal.Wait(IndefiniteWait)
will block until we get a new journald event. So when a client closes
the connection the goroutine would still wait until there is a new
journal entry. To fix this we just wait for a maximum of 5 seconds,
after that we can check if the client connection was closed and exit
correctly in this case.
For the file backend we can fix this by waiting for either the log line
or context cancel at the same time. Currently it would block waiting for
new log lines and only check afterwards if the client closed the
connection and thus hang forever if there are no new log lines.
[NO NEW TESTS NEEDED] I am open to ideas how we can test memory leaks in
CI.
To test manually run a container like this:
`podman run --log-driver $driver --name test -d alpine sh -c 'i=1; while [ "$i" -ne 1000 ]; do echo "line $i"; i=$((i + 1)); done; sleep inf'`
where `$driver` can be either `journald` or `k8s-file`.
Then start the podman system service and use:
`curl -m 1 --output - --unix-socket $XDG_RUNTIME_DIR/podman/podman.sock -v 'http://d/containers/test/logs?follow=1&since=0&stderr=1&stdout=1' &>/dev/null`
to get the logs from the API and then it closes the connection after 1 second.
Now run the curl command several times and check the memory usage of the service.
Fixes#14879
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
--latest : pause/unpause the latest container.
--filter : pause/unpause the filtered container.
--cidfile : Read container ID from the specified file and pause/unpause the container.
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
podman-remote has a dependency on $(SRCBINDIR), because on
Mac and Windows that's a special dir that may not exist.
But depending on a directory means depending on its mtime,
which changes every time a file in it is updated, which
means running 'make' twice in a row will rebuild podman-remote
for no good reason.
Solution: GNU Make has the concept of "order-only" prerequisites,
precisely for this situation. Use it. Since it's an obscure
feature, document it.
UPDATE: This exposed some nasty duplication wrt podman-remote rules.
Clean those up, and add comments to some confusing sections.
Fixes: #14756
(Also, drive-by edit to remove a stray misdocumented non-option)
Signed-off-by: Ed Santiago <santiago@redhat.com>
When we pause `rootless cgroups v1 container`, podman returns error from `libpod.(*Container).pause`.
Podman does not need to return error from `containers.pause` because of duplicate.
[NO NEW TESTS NEEDED]
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
There is a possibility that podman does not output expected error message.
(e.g. When pause rootless cgroups v1 container on host)
This problem is solved by appending `report.Errs` to `reports` before `continue`.
[NO NEW TESTS NEEDED]
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
Followup to #14957, which added a new test that doesn't
actually belong in the 250-systemd.bats file. It was
copy-pasted from another test that doesn't belong there.
Move both tests to a new .bats file, because (1) they
need a custom cleanup, and (2) one of the tests should
very definitely run under podman-remote, and the 250
bats file has a global skip_if_remote().
Signed-off-by: Ed Santiago <santiago@redhat.com>
- Also save the file using this convention.
- Change the general pull mechanism to print the local file
as opposed to the remote to enable this - no change in
observed behavior on mac
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
[CI:DOCS]
document the podman network create -o=isolate which allows networks to cut themselves off
from external connections.
resolves#5805
Signed-off-by: Charlie Doern <cdoern@redhat.com>
As you run --sync, please update this commit message with your
actual changes.
Changes since 2022-06-14:
- apply-podman-deltas: (minor) buildah 4057 changed the name
of a test; make corresponding change here
- apply-podman-deltas: buildah 4071 adds a new OCI-hook
test that's failing in remote. Skip it.
- apply-podman-deltas: buildah 4096 changed an error message
- apply-podman-deltas: buildah 4097 added a test that doesn't
work with podman-remote
- run-buildah-bud-tests: only run 'sudo --validate' if we
need to sudo later (for running tests). Otherwise, same
thing: I run the treadmill script, step away, and come
back to an unnecessary sudo prompt.
- system tests: the new containers-storage changes some
error messages; fix tests to reflect that. (And, unrelated,
fix a red cleanup warning)
Signed-off-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Docker supports -H and --host for specify the listening socket. Podman
should support them also in order to match the CLI.
These will not be documented since Podman defaults to using the
--url option.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
When initing a machine, we generate ssh keys in `$HOME/.ssh`. If there
is not .ssh dir, we should create it, so the init does not fail.
Signed-off-by: Ashley Cui <acui@redhat.com>
When initing machines, we download a machine image, and uncompress and
copy the image for the actual vm image. When a user constantly pulls new
machines, there may be a buildup of old, unused machine images. This
commit cleans ups the unused cached images.
Changes:
- If the machine is pulled from a URL or from the FCOS releases, we pull
them into XDG_DATA_HOME/containers/podman/machine/vmType/cache
- Cache cleanups only happen if there is a cache miss, and we need to
pull a new image
- For Fedora and FCOS, we actually use the cache, so we go through the
cache dir and remove any images older than 2 weeks (FCOS's release cycle), on a cache miss.
- For generic files pulled from a URL, we don't actually cache, so we
delete the pulled file immediately after creating a machine image
- For generic files from a local path, the original file will never be
cleaned up
Note that because we cache in a different dir, this will not clean up
old images pulled before this commit.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
Previously the reply JSON was examined for the literal presence of the
string 'error'. This was intended to catch server or query errors and
the like. However it's not a sound design as valid/legitimate contents
could potentially contain the string. Fix this by using the `-e` option
to `jq`, with a filter that should always result in a non-empty/null
match. If this fails or returns null for some reason, then it's safe to
throw a real error code & message.
Signed-off-by: Chris Evich <cevich@redhat.com>
Instead of requiring developers to search for a magic button, make the
task trigger at the time a special PR label is added. Update comments
accordingly.
Signed-off-by: Chris Evich <cevich@redhat.com>
Filter flag is added for podman stop and podman --remote stop. Filtering logic is implemented in
getContainersAndInputByContext(). Start filtering can be manipulated to use this logic as well to limit redundancy.
Signed-off-by: Karthik Elango <kelango@redhat.com>
I added the shorthand option for `podman pull --all-tags`. Like Docker,
Podman can now do `podman pull -a`.
Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
This is a follow up to fix some of the apiv2
tests related to "podman kube play" while also
removing reduntant system tests.
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
