145 Commits

Author SHA1 Message Date
bf0d359047 Remove lock existence checks when creating pods/containers
Given that we don't have a good way of cleaning up locks, these
could potential cause issues if we ever reuse a container or pod
ID

Also changes locks dir to use tmpfs, as we can't directly clean
up locks

Signed-off-by: Matthew Heon <matthew.heon@gmail.com>

Closes: #138
Approved by: rhatdan
2017-12-14 18:18:16 +00:00
f820309413 Copy resolv.conf into container
For DNS to work properly, we need to copy the host's /etc/resolv.conf
into the container during Init().  We do this by copying it into the
containers rundir and then bind mounting it into the container.

Signed-off-by: baude <bbaude@redhat.com>

Closes: #130
Approved by: baude
2017-12-14 01:12:10 +00:00
9cc0c8ae14 kpod stats
Move kpod stats to the libpod backend.

Signed-off-by: baude <bbaude@redhat.com>

Closes: #113
Approved by: baude
2017-12-13 21:15:09 +00:00
74ee579375 Update kpod inspect to use the new container state
kpod inspect now uses the new libpod container state
and closely matches the output of docker inspect
some aspects of it are still WIP as the libpod container state
is still being worked on

Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-12-12 09:46:23 -05:00
12682aa475 Merge pull request #72 from mheon/file_locking
Move containers to file locks from c/storage
2017-12-11 10:48:29 -06:00
62e19beeec Merge pull request #94 from mheon/restart
Add handling for system restart in libpod
2017-12-11 10:47:50 -06:00
e8a32e3722 kpod exec
Initial wiring of kpod exec. We wont support the following options
for exec:

* detach -- unsure of use case
* detach-keys -- not supported by runc
* interactive -- all terminals will be interactive

Not adding exec tests as we need to think about how to support a
test that requires console access but our CI tests have no console.

Signed-off-by: baude <bbaude@redhat.com>
2017-12-11 08:24:30 -06:00
8d31ec2ad7 Add Artifacts directory to containers
Create an artifacts directory in the container's
static directory so store container information
coming from outside of libpod to specified files
An example is to hold data from user specified flags
in kpod run/create such as --cap-add, --ipcMode, etc...

Signed-off-by: umohnani8 <umohnani@redhat.com>

Closes: #108
Approved by: mheon
2017-12-07 18:45:54 +00:00
b71cde19c8 Add ability to refresh state in DB
Also, ensure we always recreate runtime spec so our net namespace
paths will be correct

Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-12-07 13:15:34 -05:00
b66287689a Do not recreate containers in runc after restart
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-12-06 11:15:17 -05:00
190b05209f Small comment update to make use of syncContainer more obvious
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-12-05 19:02:32 -05:00
ceb7fb1c60 Do not recreate OCI spec in init() if it exists
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-12-05 09:30:51 -05:00
92bc448624 Fix potential race condition in initializing libpod
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-12-04 14:45:49 -05:00
ae5aac50aa Add handling for system restart in libpod
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-12-04 14:29:59 -05:00
eb942b1b47 Fix lint
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-12-04 14:18:48 -05:00
e9298a533a Remove SQL state locking and rely on sqlite locking
Also renames some parameters from locksDir -> lockDir for
consistency.

Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-12-04 13:40:27 -05:00
abfd18b0db Move containers to file locks from c/storage
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-12-04 13:39:44 -05:00
750fc239b5 Consolidate mount logic
There are still two places that don't use the new function,
export and mount, but both can probably be converted to it
in the future.

Signed-off-by: Matthew Heon <matthew.heon@gmail.com>

Closes: #99
Approved by: rhatdan
2017-12-04 18:10:52 +00:00
1f482c9f1f You can only attach to running containers
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

Closes: #98
Approved by: mheon
2017-12-04 17:53:23 +00:00
adf8809521 Add NetMode, UTSMode and IPCMode
Allow kpod create/run to create contianers in different network namespaces, uts namespaces and
IPC Namespaces.

This patch just handles the simple join the host, or another containers namespaces.

Lots more work needed to full integrate  --net

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

Closes: #64
Approved by: mheon
2017-12-02 15:32:56 +00:00
1f9c8942f1 Add randomly generates container names
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>

Closes: #88
Approved by: baude
2017-11-30 02:03:23 +00:00
13e833a388 Change location of created runc specs to make them survive reboot
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>

Closes: #78
Approved by: rhatdan
2017-11-29 18:43:56 +00:00
66ed73f89f First pass at fixing test errors
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>

Closes: #68
Approved by: rhatdan
2017-11-29 12:15:16 +00:00
bbef986214 Fix comment on container.Stop()
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>

Closes: #68
Approved by: rhatdan
2017-11-29 12:15:15 +00:00
831e2c30d4 Add ability to kill and stop containers
Also migrates kpod kill and kpod stop to libpod to use the new code

Fixes force removing containers, and actually deletes containers in runc when
removing them

Start is now capable of starting even when the container is unmounted

Signed-off-by: Matthew Heon <matthew.heon@gmail.com>

Closes: #68
Approved by: rhatdan
2017-11-29 12:15:15 +00:00
342ce4db50 kpod ps
Wire up kpod ps with the new libpod container backend.

Signed-off-by: baude <bbaude@redhat.com>

Closes: #67
Approved by: rhatdan
2017-11-28 14:47:35 +00:00
52ea0deee6 kpod_wait
Convert to libpod container backend

Signed-off-by: baude <bbaude@redhat.com>

Closes: #70
Approved by: rhatdan
2017-11-27 19:05:59 +00:00
b1a3b03068 Update kpod pause and unpause to use new container state
Signed-off-by: umohnani8 <umohnani@redhat.com>

Closes: #66
Approved by: mheon
2017-11-24 15:53:17 +00:00
40dce698d3 Update kpod mount and umount to use the new state
The new state for containers has been added
moved kpod mount and umount over to use it

Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>

Closes: #57
Approved by: rhatdan
2017-11-22 18:23:19 +00:00
34ba0cb8a9 Order containers returned from state and make container config public
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>

Closes: #63
Approved by: baude
2017-11-22 18:12:57 +00:00
2a3934f1da Update kpod export to use the new container state and runtime
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>

Closes: #59
Approved by: rhatdan
2017-11-22 16:17:06 +00:00
152882bf19 Add ability to retrieve container's log path to API
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>

Closes: #56
Approved by: rhatdan
2017-11-21 20:09:09 +00:00
8e76ebcf6e Add ability to update container status from runc
Wire this in to all state-bound container operations to ensure
syncronization of container state.

Also exposes PID of running containers via API.

Signed-off-by: Matthew Heon <matthew.heon@gmail.com>

Closes: #56
Approved by: rhatdan
2017-11-21 20:09:09 +00:00
51fc8827f5 Add tests for SQL-backed state impl
Minor changes to container.go and sql_state.go to fix issues
identified by the tests

Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-11-20 16:24:28 -05:00
4bc3acc7aa Rename Create to Init for containers to be less confusing
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-11-18 12:58:48 -05:00
763e372649 Wire SQL backed state into rest of libpod
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-11-18 12:58:48 -05:00
cb56716fc4 Address review comments, fix gofmt and lint
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-11-18 12:54:05 -05:00
c6fe4430b7 Compile-tested implementation of SQL-backed state
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-11-18 12:54:05 -05:00
d2eda1a864 Enhancements to papr tests
The PR contains several enhancements to our CI testing.

- enable lint testing on Fedora
- add Centos Atomic as test platform
- integration tests on run on the OS natively (uncontainerized)
- builds are done in containers
- inclusion of Vagrant file for local testing

Signed-off-by: baude <bbaude@redhat.com>

Closes: #18
Approved by: mheon
2017-11-17 02:07:18 +00:00
acd9c66864 Fix terminal attach
Re-order the startup of a new container via run from
initialize > start > attach to initialize > attach > start.

This fixes output when running:

kpod run -i -t IMAGE command

and

kpod run IMAGE command

Signed-off-by: baude <bbaude@redhat.com>
2017-11-15 16:27:57 -06:00
098389dc3e Parse SecurityOpts
This should turn on handling of SELinux, NoNewPrivs, seccomp and Apparmor

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

Closes: #15
Approved by: rhatdan
2017-11-03 20:55:10 +00:00
92818fdfb7 Fix gofmt errors
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-11-02 15:30:39 -04:00
8cf07b2ad1 libpod create and run
patched version of the same code that went into crio

Signed-off-by: baude <bbaude@redhat.com>
2017-11-01 14:19:19 -05:00
c13f61798a Prune Server package. Convert to new github location.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-11-01 13:22:04 -04:00
a031b83a09 Initial checkin from CRI-O repo
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
2017-11-01 11:24:59 -04:00