During the exponential backoff waiting for the machine to be fully up
and running, also make sure that SSH is ready. The systemd dependencies
of the ready.service include the sshd.service among others but that is
not enough.
Other CoreOS users reported the same issue on IRC, so I feel fairly
confident to use the pragmatic approach of making sure SSH works on the
client side. #17403 is quite old and there are other pressing machine
issues that need attention.
[NO NEW TESTS NEEDED]
Fixes: #17403
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
The downstream `pre-sync` task action script needs GOPATH to be
specified for the golist tool mentioned in the script to work.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
When I reworked pod removal to provide more detailed errors
(including per-container errors, not just a single multierror
with all errors squashed), I made it part of the struct returned
by the REST API and assumed that would be enough to get errors
through to clients. Unfortunately, in case of an overarching
error removing the pod (as any error with any container would
cause), we don't send the response struct that would include the
container errors - we just send a standardized REST error. We
could work around this with custom, potentially backwards
incompatible error handling for the REST pod delete endpoint, or
we could just do what was done before, and package up all the
errors in a multierror to send to the other side. Of those
options, the multierror seems far simpler.
Fixes#19159
Signed-off-by: Matt Heon <mheon@redhat.com>
Reorder the table with --userns options to match the description below.
Also, reformat the Markdown to be better readable in source form.
Signed-off-by: Philipp Wagner <phw@ibm.com>
The change to use the custom dns server in aardvark-dns caused a
regression here because macvlan networks never returned the nameservers
in netavark and it also does not make sense to do so.
Instead check here if we got any network nameservers, if not we then use
the ones from the config if set otherwise fallback to host servers.
Fixes#19169
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
1.18 is EOL and we should not have to set this since the current
versions should generate compatible go.sum files anyway.
This is an attempt to fix broken renovate PRs which create a different
go.sum and thus do not pass CI checks.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Disable leaking the LISTEN_* variables into containers which are
observed to be passed by systemd even without being socket activated as
described in https://access.redhat.com/solutions/6512011.
[NO NEW TESTS NEEDED] - Ultimately, the solution 6512011 should be updated.
Fixes: bugzilla.redhat.com/show_bug.cgi?id=2180483
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
We use the name as alias but using the hostname makes also sense and
this is what docker does. We have to keep the short id as well for
docker compat.
While adding some tests I removed some duplicated tests that were
executed twice for nv for no reason.
Fixes#17370
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Since we have sqlite there is no point in duplicating this acroos two db
backends. Just set earlier when we validate the networks anyway.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
* Use vfkit command line assembly
* Inject ignition file into guest using http over vsock
* Ready notification through use of vsock
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
When fetching the user name, you need to use User.Username
instead of User.Name, as with other tests.
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
Adds a `--no-trunc` flag to `podman kube generate` preventing the
annotations from being trimmed at 63 characters. However, due to
the fact the annotations will not be trimmed, any annotation that is
longer than 63 characters means this YAML will no longer be Kubernetes
compatible. However, these YAML files can still be used with `podman
kube play` due to the addition of the new flag below.
Adds a `--no-trunc` flag to `podman kube play` supporting YAML files with
annotations that were not truncated to the Kubernetes maximum length of
63 characters.
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
This commit extends `Volume` and `Network` unit definitions with two
additional parameters, `VolumeName` and `NetworkName`, which will,
respectively, set a user-defined name for the corresponding volume and
network. This is similar to how the `ContainerName` directive currently
works, and should allow for smoother transitions to Quadlet-managed
resources.
Closes: #19003
Signed-off-by: Alex Palaistras <alex@deuill.org>
...from the test name. Eliminates scary duplication.
Followup to #19053: instead of cross-checking pasta test args
against test name, eliminate the args entirely. Determine
them all from the @test name itself.
Example:
"TCP translated port range forwarding, IPv4, loopback"
| | | | | | +-- iftype=loopback
| | | | | +-------- ip_ver=4
| | | | +-------------------- bytes=1
| | | +-------------------------- range=3
| | +------------------------------- (ignored)
| +------------------------------------------ delta=1
+--------------------------------------------- proto=tcp
Signed-off-by: Ed Santiago <santiago@redhat.com>
Do not use podman info/version as they are expensive and clutter the log
for no reason. Just checking if we can connect to the socket should be
good enough and much faster.
Fix the non existing error checking, so that we actually see an useful
error when this does not work.
Also change the interval, why wait 2s for a retry lets take 100ms steps
instead.
Fixes#19010
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Previous tests have worked by pure chance since the client and server
ran on the same host; the server picked up the credentials created by
the client login.
Extend the gating tests and add a new integration test which is further
capable of exercising the remote code.
Note that fixing authentication support requires adding a new
`--authfile` CLi flag to `manifest inspect`. This will at least allow
for passing an authfile to be bindings. Username and password are not
yet supported.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
This endpoint queried the same package versions twice causing it to be
slower than info. Because it already called info we can just reuse the
package versions from there.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
