As long as podman uses a fork/exec model this eBPF program is able to trace the performance of each podman command and the resulting child processes from start to finish. This is an improvement to the already existing podmansnoop eBPF program which only looks at sched_process_exit and enter/exit sys_execve tracepoints.
Signed-off-by: Paul Wallrabe <54737071+raballew@users.noreply.github.com>
Make sure to tear down the netns again on errors. This is needed when a
later call fails and we do not have already stored the netns in the
container state.
[NO NEW TESTS NEEDED] My ginkgo-v2 PR will catch problem like this once
merged.
Fixes#18205
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
When using podman machine with hyperv, stop was releasing the terminal
back top the user prematurely. This resulted in users being able to run
subsequent commands while the vm was still stopped. Commands like
machine stop were prone to failing.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
The current release artifacts generation process is still fairly manual
with a bunch of steps. This commit bundles them all into a single
convenient Makefile target.
The `clean-binaries` target ends up removing `bin/`. So, the artifact
dir has been changed to `release/` instead of the current `bin/` to
avoid breaking other Makefile targets.
Related: https://github.com/containers/podman/issues/18215
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
podman machine with Microsoft HyperV will use hvsock on the guest and
vsock on the guest for its networking. this pr enables the basics for
this to happen as well as changes to ignition to automatically set this
up with network manager.
the vm binary referenced in this pr is in containers/gvisor-tap-vsock
and will need to be added to distributions.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
The documentation says
> The new Buffer takes ownership of buf, and the
> caller should not use buf after this call.
so use the more directly applicable, and simpler, bytes.Reader instead, to avoid this potentially risky use.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Windows HyperV uses HVSocks (Windows adaptation of vsock) for
communicating between vms and the host. Podman machine in Qemu uses a
virtual UDS to signal the host that the machine is booted. In HyperV,
we can use a HVSOCK for the same purpose.
One of the big aspects of using HVSOCK on Windows is that the HVSOCK
must be entered into the Windows registry. So now part of init and rm
of a podman machine, entries must be added and removed respectively.
Also duplicates are a no-no.
Signed-off-by: Brent Baude <bbaude@redhat.com>
Add instructions on how to start the netavark dhcp proxy. Also list
version requirements.
Fixes#17635
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Podman is attempting to split the headers returned by the ps
command into a list of headers. Problem is that some headers
are multi-word, and headers are not guaranteed to be split via
a tab. This PR splits the headers bases on white space, and for
the select group of CAPS headers which are multi-word, combines
them back together.
Fixes: https://github.com/containers/podman/issues/17524
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit adds Packit configuration files which will trigger rpm
builds on copr:`rhcontainerbot/packit-builds` on every PR as well as on
copr:`rhcontainerbot/podman-next` on every commit to main branch.
This commit will ensure main branch is always buildable on all supported
Fedora and CentOS Stream versions for aarch64 and x86_64.
TODO: enable build checks for s390x and ppc64le while ensuring they
don't take too long to build.
The packit builds reuse `buildah.spec.rpkg` present upstream and are
thus independent of Fedora / CentOS dist-git.
This change will remove the need for the current webhook based triggering
of rpm builds on rhcontainerbot/podman-next after commit to main.
That will be instead handled by the `trigger: commit` action added in this
PR. New builds will continue to get posted to the same link so users
don't need to change any existing copr repo configuration.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Update e2e tests not to expect the flag
System tests - explicitly set the log driver to be able to parse the output
Signed-off-by: Ygal Blum <ygal.blum@gmail.com>
Possible cause: on Debian, maybe because of fuse-overlayfs(??),
we sometimes see unexpected inode numbers.
This PR tightens the test logic, so it runs one 'stat' command
in only one podman invocation, then cross-checks multiple lines
of output. I don't know if this will really fix the flake, but
even if it doesn't, it will at least give us much more useful
diagnostic output than before.
And, as long as I'm in here, clean up test, remove duplication,
make error messages distinct (hence more useful), and comment.
Fixes: #17979
Signed-off-by: Ed Santiago <santiago@redhat.com>
Use --restart=no on all created containers. Without this, all
containers spin forever and it's impossible to get a
reliable exit status.
As a side effort, clean up tests, make more robust and maintainable.
Fixes: #18047
Signed-off-by: Ed Santiago <santiago@redhat.com>
In setup, write a containers.conf.d file with db_backend
as specified in .cirrus.yml.
This is actually much scarier and more achy-breaky than
merely "sqlite system tests": it enables sqlite in e2e
tests. ("But wait, we already do that!" -- no, not really.
sqlite in e2e is being done via --db-backend option, and
some podman commands in e2e do not use the standard options.
See #17904.
This is unlikely to get merged any time soon (March, maybe
even April) because sqlite is still too fragile; this will
trigger more flakes than are currently acceptable. Also,
the nasty auto-update flake seems to trigger much more
reliably with sqlite. We need that one fixed.
Signed-off-by: Ed Santiago <santiago@redhat.com>
