Matt Heon and I found that a defer statement was costing podman
run dearly. We dont think the defer function was working (nor
needed) and was timing out as well. Removing this defer statement
decreased podman runtime by 1.5s or more.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #253
Approved by: baude
QE pointed out a few things missing/wrong with ps
This PR addresses those issues.
Added functionality for getting mounts and size also
Fixed a few issues with the --filter params, for
example filter with partial information.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #250
Approved by: rhatdan
When an image has a port to expose, we need to expose it. User's input overrides the
image's port information.
Also, enable port information in ps so we can see which random port is assigned.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #249
Approved by: rhatdan
Adds the ability to override the container's hostname. Also, uses
the first twelve characters of the container ID as the default hostname
if none is provided.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #248
Approved by: baude
Set up nbetworking ports for the following use cases:
* bind the same port between host and container
* bind a specific host port to a different container port
* bind a random host port to a specific container port
Signed-off-by: baude <bbaude@redhat.com>
Closes: #214
Approved by: baude
Fix errors when containers are not running.
--all, --latest, containers can not be used at same time.
Should match the output of docker stats, 0 values replaced by "--"
Should return stats right away if container is not running.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #244
Approved by: TomSweeneyRedHat
Each of these options are destructive in nature, meaning if the user
adds one of them, all current ones are removed from the produced
resolv.conf.
* dns-server allows the user to specify dns servers.
* dns-opt allows the user to specify special resolv.conf options
* dns-search allows the user to specify search domains
The add-host option is not destructive and truly just adds the host
to /etc/hosts.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #231
Approved by: mheon
Weighing in at ~1700 lines, container.go is just too big. Split
it into three files: core structs and accessors (container.go),
public API (container_api.go), and internal functions
(container_internal.go).
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
If user does not specify seccomp file or seccomp file does not exist,
then use the default seccomp settings.
Still need to not hard code /etc/crio/seccomp.json, should move this to
/usr/share/seccomp/seccomp.json
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #233
Approved by: baude
Add new functions to update pods and add/remove containers from them
Use these new functions in place of manually modifying pods
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #229
Approved by: rhatdan
This won't matter during batched operatins, but if the container
leaks outside of the Batch() function it will segfault if asked
to do any operation that locks unless this is applied
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #226
Approved by: rhatdan
Also prevent containers with dependencies from being removed from
in memory states. SQLite already enforced this via FOREIGN KEY
constraints.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #220
Approved by: rhatdan
Remove existing code for sharing namespaces and replace with use
of this API
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #220
Approved by: rhatdan
If we start a container and it does not error, we can assume the
container is now running. Subsequent API calls will sync for us
to see if it died, so we can just set ContainerStateRunning
instead of launching the runtime to explicitly get state.
The same logic applies to pause and unpause.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #223
Approved by: rhatdan
Also moves port mappings out of the SQL DB and into a file on
disk. These could get very sizable (hundred to thousands of
ports) so moving them out to a file will keep the DB small and
fast.
Finally, add a foreign key reference from container ID to
container state ID. This ensures we never get into an
inconsistent state where we have data in one table but not the
other.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #225
Approved by: baude
Disabling locking/syncing in a batched operation not yet implemented
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #222
Approved by: rhatdan
It is desirable to have a --latest switch on the podman wait
command so we can wait on the latest container created to end.
Also, fixes a panic with latest where no containers are available.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #201
Approved by: baude
This can now be handled by CNI plugins, so let them manage ports
instead.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #189
Approved by: mheon
