Tremendous amount of changes in here, but all should amount to
the same thing: changing Go import paths from v5 to v6.
Also bumped go.mod to github.com/containers/podman/v6 and updated
version to v6.0.0-dev.
Signed-off-by: Matt Heon <mheon@redhat.com>
Problem: While removing cgroupsv1 code, I noticed my neovim Go config
automatically changed fileperms to the new octal format and I didn't
want that polluting my diffs.
Decision: I thought it best to switch to the new octal format in a dedicated PR.
Action:
- Cursor switched to new octal format for all fileperm ocurrences in Go
source and test files.
- vendor/, docs/ and non-Go files were ignored.
- Reviewed manually.
Ref: https://go.dev/ref/spec#Go_1.13
Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
With the recent release of krunkit 0.2.0, a CLI option was added to
enable nested virtualization on macOS hosts with an M3 or higher. Enable
this by default. If the host does not support this feature, krunkit will
ignore the argument and continue starting the VM.
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
We only use the http URL endpoint so we can remove the other code. There
is the question if we should not use direct unix sockets instead as this
seems much safer but that seems like a larger change that might need
more discussion.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Via github.com/gin-gonic/gin , this depends on _several_
large encoding / decoding packages, including a JIT
compiler. Maintaining <60 lines of code ourselves
seems well worth it.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This is faster and, to my best knowledge, is equivalent to the old code.
Remove the error return (as we don't guarantee stable API here), and
simplify callers.
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
Recently was trying to start podman machine with krunkit and got:
Error: krunkit exited unexpectedly with exit code 1
which isn't very descriptive. Although this doesn't solve the
issue, it increases the debugability of this error.
Signed-off-by: Eric Curtin <ecurtin@redhat.com>
Fix one minor issue with vfkit error handling. First checking if err !=
nil OR errors.Is() is pointless as the err != is already true.
Second nilerr complains because we return nil when we hit an error
branch, in this case this is correct because an error means VM is
stopped.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
One problem on FCOS is that the root directory is immutable, as such in
order to mount arbitrary paths from the host we must make it mutable
again and create these dir on boot in order to be able to mount there.
The current logic was racy as it used one unit for each path and they
all did chattr -i /; mkdir -p $path; chattr -i / and systemd can run
these units in parallel. That means it was possible for another unit to
make / immutable before the unit could do the mkdir. I pointed this out
on the original PR[1] but we never followed up on it...
Now this here changes several things. First have one unit that does the
chattr -i / (immutable-root-off.service), it is hooked into
remote-fs-pre.target which means it is executed before the network
mounts (virtiofs) are done.
Then we have another unit that does chattr +i /
(immutable-root-on.service) which turn the immutable root back on after
remote-fs.target which means all mount are done at this point.
Additionally the automount unit is removed because it does not add any
value for us and it was borken anyway as it used the virtiofs tag as
path so systemd just ignored it.
[1] https://github.com/containers/podman/pull/20612#discussion_r1384846241Fixes#22569
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The current timeout was not long enough. Systemd default is 90s so we
should wait for at least that long. Also it really doesn't make sense to
throw an error we saying we failed waiting for stop. We should hard
terminate the VM in case a graceful shutdown did not happen.
Fixes#22515
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
I'm hitting a bug with 9p when trying to transfer large files.
In RHEL at least 9p isn't supported because it's known to have a
lot of design flaws; virtiofsd is the supported and recommended
way to share files between a host and guest.
Add a new hidden `PODMAN_MACHINE_VIRTFS` environment
variable that can be set to `virtiofs` to switch to virtiofsd.
Signed-off-by: Colin Walters <walters@verbum.org>
When running with "log-level=debug" and libkrun as machine provider,
spawn a Terminal to execute "krunkit" to enable users to have full
access to the VMs console for debugging purposes.
Users obtain an interactive, text console with scrollback. It's possible
to interact with both the kernel and GRUB2. To obtain even additional
debugging information, users can add "console=hvc0" to the linux kernel
command line through GRUB2 (it may be worth considering extending the
initial configuration of the VM to add that argument by default).
Signed-off-by: Sergio Lopez <slp@redhat.com>
In GetDefaultDevices(), make sure MachineConfig has an AppleHypervisor
instance before attempting to access it. This fixes a SIGSEGV when
running with libkrun as machine provider.
Signed-off-by: Sergio Lopez <slp@redhat.com>
AppleHV accepts a max 36 bytes for mount tags. Instead of using the fully qualified path for the mount tag, SHA256 the path, and truncate the shasum to 36 bytes.
Also correctly escape dashes in mounted paths.
Signed-off-by: Ashley Cui <acui@redhat.com>
This PR adds libkrun support to podman machine. This is an experimental feature and should not be marketed yet. Before we unmark the experimental status on this function, we will need to have full CI support and a full podman point release has pased.
This work relies on the fact that vfkit and libkrun share a reasonably (if not perfectly) same API. The --log-level debug option will not show a GUI screen for boots as krun is not capable of this.
Signed-off-by: Brent Baude <bbaude@redhat.com>
