Currently it double counts connections because it's incrementing the
total for both the new and active states. Based on the comments, we
should only count new connections for the total count and perform the
timer stop actions when the connection has transitioned to an active
state.
Closes#8208
Signed-off-by: Alex Schultz <aschultz@redhat.com>
When creating a container in a pod the podname was always set as
the dns entry. This is incorrect when the container is not part
of the pods network namespace. This happend both rootful and
rootless. To fix this check if we are part of the pods network
namespace and if not use the container name as dns entry.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
If the image name not a manifest list type, enable manifest inspect to return manifest of single image manifest type vnd.docker.distribution.manifest.v2+json.
Signed-off-by: Qi Wang <qiwan@redhat.com>
Remove the search limit check since the c/image v5.6.0 supports pagination and can give result over 100 entries.
Signed-off-by: Qi Wang <qiwan@redhat.com>
The sig-proxy code is set up to error on failing to forward
signals to a container. This is reasonable in cases where the
container is running, but something strange went wrong - but when
the Kill fails because the container is stopped, we shouldn't
bother with aggressive Error logging since this is an expected
part of the container lifecycle - it stops, and then `podman run`
also stops, but there is a timing window in between where signals
will fail to be proxied, and we should not print angry errors
during that.
Signed-off-by: Matthew Heon <mheon@redhat.com>
Most of the builtin golang functions like os.Stat and
os.Open report errors including the file system object
path. We should not wrap these errors and put the file path
in a second time, causing stuttering of errors when they
get presented to the user.
This patch tries to cleanup a bunch of these errors.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Containers that share IPC Namespaces share each others
/dev/shm, which means a private /dev/shm needs to be setup
for the infra container.
Added a system test and an e2e test to make sure the
/dev/shm is shared.
Fixes: https://github.com/containers/podman/issues/8181
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
The behavior should be as follows: Unset, pull if missing by
default, obey the `--pull-never` and `--pull-always` flags. Set
to false, pull never. Set to true, pull always.
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
Add a new "image" mount type to `--mount`. The source of the mount is
the name or ID of an image. The destination is the path inside the
container. Image mounts further support an optional `rw,readwrite`
parameter which if set to "true" will yield the mount writable inside
the container. Note that no changes are propagated to the image mount
on the host (which in any case is read only).
Mounts are overlay mounts. To support read-only overlay mounts, vendor
a non-release version of Buildah.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Test VMs by design are to be single-purpose, single-use, and
readily disposable. Therefore it's unnecessary to overcomplicate
storage of runtime environment variables. This commit makes these
points clear, and reorganizes all CI-related env. vars on the system
into a single location, `/etc/ci_environment`. This file is then
automatically loaded, and variables exported, (by `lib.sh`) from
`runner.sh` prior to executing all forms of testing.
Signed-off-by: Chris Evich <cevich@redhat.com>
When the OCI Runtime tries to set certain settings in cgroups
it can get the error "no such file or directory", the wrapper
ends up reporting a bogus error like:
```
Request Failed(Internal Server Error): open io.max: No such file or directory: OCI runtime command not found error
{"cause":"OCI runtime command not found error","message":"open io.max: No such file or directory: OCI runtime command not found error","response":500}
```
On first reading of this, you would think the OCI Runtime (crun or runc) were not found. But the error is actually reporting
message":"open io.max: No such file or directory
Which is what we want the user to concentrate on.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
if podman failed to join the rootless namespaces, give users a better
errror message and possible solution.
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1891220
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
If you use additional stores and pull the same image into
writable stores, you can end up with the situation where
you have the same image twice. This causes image exists
to return the wrong error. It should return true in this
situation rather then an error.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
clean the paths before checking whether its value is different than
what is stored in the db.
Closes: https://github.com/containers/podman/issues/8160
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
