* Implement API query parameter stream and delay for containers and
pods top endpoints
* Update swagger with breaking changes
* Add python API tests for endpoints
Fixes#12115
Signed-off-by: Jhon Honce <jhonce@redhat.com>
This PR fixes the case when the API return HTTP 409 response. Where the
API return the body format different then for other HTTP error codes.
Signed-off-by: Ondra Machacek <omachace@redhat.com>
Volume test: add a sequence of stat()s to confirm that volumes
are mounted as a different device than root.
Network test: add debugging code for #11825 (dnsmasq inotify
failure in bodhi only).
Signed-off-by: Ed Santiago <santiago@redhat.com>
Future testing needs dictate rootless (in addition to root) users are
able to ssh to localhost. Add ssh-key generation commands for the
rootless user, and authorize their public key.
Minor: Also remove update of `/etc/sub{uid,gid}` files, since this is
now done automatically by `{user,group}add` commands.
Signed-off-by: Chris Evich <cevich@redhat.com>
This is a cosmetic change. The help message for `podman version` is in
title case whereas all other command help messages are not in title
case. This stands out as inconsistent when looking at the output of
`podman help`.
Signed-off-by: Praveen Kumar <praveen+git@kumar.in>
Make Podman more tolerant when parsing image volumes during container
creation and further fix an infinite loop when checking them.
Consider `VOLUME ['/etc/foo', '/etc/bar']` in a Containerfile. While
it looks correct to the human eye, the single quotes are wrong and yield
the two volumes to be `[/etc/foo,` and `/etc/bar]` in Podman and Docker.
When running the container, it'll create a directory `bar]` in `/etc`
and a directory `[` in `/` with two subdirectories `etc/foo,`. This
behavior is surprising to me but how Docker behaves. We may improve on
that in the future. Note that the correct way to syntax for volumes in
a Containerfile is `VOLUME /A /B /C` or `VOLUME ["/A", "/B", "/C"]`;
single quotes are not supported.
This change restores this behavior without breaking container creation
or ending up in an infinite loop.
BZ: https://bugzilla.redhat.com/show_bug.cgi?id=2014149
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
otherwise passing a formatter string as an option causes a weird
error message:
$ podman run --mount type=devpts,destination=/dev/pts,%sfoo ...
Error: %!s(MISSING)foo: invalid mount option
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
commit 6b3b0a17c625bdf71b0ec8b783b288886d8e48d7 introduced a check for
the PID file before attempting to move the PID to a new scope.
This is still vulnerable to TOCTOU race condition though, since the
PID file or the PID can be removed/killed after the check was
successful but before it was used.
Closes: https://github.com/containers/podman/issues/12065
[NO NEW TESTS NEEDED] it fixes a CI flake
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
we are having a hard time figuring out a failure in the CI:
https://github.com/containers/podman/issues/11191
Rename the sub-cgroup created here, so we can be certain the error is
caused by this part.
[NO NEW TESTS NEEDED] we need this for the CI.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
The OCICNI port format has one big problem: It does not support ranges.
So if a users forwards a range of 1k ports with podman run -p 1001-2000
we have to store each of the thousand ports individually as array element.
This bloats the db and makes the JSON encoding and decoding much slower.
In many places we already use a better port struct type which supports
ranges, e.g. `pkg/specgen` or the new network interface.
Because of this we have to do many runtime conversions between the two
port formats. If everything uses the new format we can skip the runtime
conversions.
This commit adds logic to replace all occurrences of the old format
with the new one. The database will automatically migrate the ports
to new format when the container config is read for the first time
after the update.
The `ParsePortMapping` function is `pkg/specgen/generate` has been
reworked to better work with the new format. The new logic is able
to deduplicate the given ports. This is necessary the ensure we
store them efficiently in the DB. The new code should also be more
performant than the old one.
To prove that the code is fast enough I added go benchmarks. Parsing
1 million ports took less than 0.5 seconds on my laptop.
Benchmark normalize PortMappings in specgen:
Please note that the 1 million ports are actually 20x 50k ranges
because we cannot have bigger ranges than 65535 ports.
```
$ go test -bench=. -benchmem ./pkg/specgen/generate/
goos: linux
goarch: amd64
pkg: github.com/containers/podman/v3/pkg/specgen/generate
cpu: Intel(R) Core(TM) i7-10850H CPU @ 2.70GHz
BenchmarkParsePortMappingNoPorts-12 480821532 2.230 ns/op 0 B/op 0 allocs/op
BenchmarkParsePortMapping1-12 38972 30183 ns/op 131584 B/op 9 allocs/op
BenchmarkParsePortMapping100-12 18752 60688 ns/op 141088 B/op 315 allocs/op
BenchmarkParsePortMapping1k-12 3104 331719 ns/op 223840 B/op 3018 allocs/op
BenchmarkParsePortMapping10k-12 376 3122930 ns/op 1223650 B/op 30027 allocs/op
BenchmarkParsePortMapping1m-12 3 390869926 ns/op 124593840 B/op 4000624 allocs/op
BenchmarkParsePortMappingReverse100-12 18940 63414 ns/op 141088 B/op 315 allocs/op
BenchmarkParsePortMappingReverse1k-12 3015 362500 ns/op 223841 B/op 3018 allocs/op
BenchmarkParsePortMappingReverse10k-12 343 3318135 ns/op 1223650 B/op 30027 allocs/op
BenchmarkParsePortMappingReverse1m-12 3 403392469 ns/op 124593840 B/op 4000624 allocs/op
BenchmarkParsePortMappingRange1-12 37635 28756 ns/op 131584 B/op 9 allocs/op
BenchmarkParsePortMappingRange100-12 39604 28935 ns/op 131584 B/op 9 allocs/op
BenchmarkParsePortMappingRange1k-12 38384 29921 ns/op 131584 B/op 9 allocs/op
BenchmarkParsePortMappingRange10k-12 29479 40381 ns/op 131584 B/op 9 allocs/op
BenchmarkParsePortMappingRange1m-12 927 1279369 ns/op 143022 B/op 164 allocs/op
PASS
ok github.com/containers/podman/v3/pkg/specgen/generate 25.492s
```
Benchmark convert old port format to new one:
```
go test -bench=. -benchmem ./libpod/
goos: linux
goarch: amd64
pkg: github.com/containers/podman/v3/libpod
cpu: Intel(R) Core(TM) i7-10850H CPU @ 2.70GHz
Benchmark_ocicniPortsToNetTypesPortsNoPorts-12 663526126 1.663 ns/op 0 B/op 0 allocs/op
Benchmark_ocicniPortsToNetTypesPorts1-12 7858082 141.9 ns/op 72 B/op 2 allocs/op
Benchmark_ocicniPortsToNetTypesPorts10-12 2065347 571.0 ns/op 536 B/op 4 allocs/op
Benchmark_ocicniPortsToNetTypesPorts100-12 138478 8641 ns/op 4216 B/op 4 allocs/op
Benchmark_ocicniPortsToNetTypesPorts1k-12 9414 120964 ns/op 41080 B/op 4 allocs/op
Benchmark_ocicniPortsToNetTypesPorts10k-12 781 1490526 ns/op 401528 B/op 4 allocs/op
Benchmark_ocicniPortsToNetTypesPorts1m-12 4 250579010 ns/op 40001656 B/op 4 allocs/op
PASS
ok github.com/containers/podman/v3/libpod 11.727s
```
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
`logs -f` with `journald` is supported only when `journald` events
backend is used. To pass system tests using `logs -f` in an environment
where `events_logger` is not set to `journald` in `containers.conf`,
this fix sets `--events-backend` or `--log-driver` temporally.
Signed-off-by: Hironori Shiina <shiina.hironori@jp.fujitsu.com>
A restored container still had the state set to 'Checkpointed: true'
which seems wrong if it running again.
[NO NEW TESTS NEEDED]
Signed-off-by: Adrian Reber <areber@redhat.com>
Make sure that the value is only set if specified on the CLI. c/image
already defaults to true but if set in the system context, we'd skip
settings in the registries.conf.
Fixes: #11933
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
