When normalizing image names on the compat API, make sure to take the
`sha256:` prefix into account when matching against the image ID.
Otherwise, the name will mistakingly be subject to docker.io
normalization.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
include the arguments used to create the user namespace to help
debugging.
[NO NEW TESTS NEEDED] it changes a debug message
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Added an option to podman machine init to declare the timezone of the
resulting machine. the default is to use the value of the host name or
else a given timezone name like America/Chicago.
Fixes: #11895
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
The libpod/images/remove endpoint is not very REST-ish but, after some
debate, was decided to be implemented as for the following reasons.
First, it allows for batch removing images which improves performance
significantly. Note that Docker does support `rmi -a`!
Second, it allows for hiding the logic of setting the right exit code to
use from the client and keep all the logic on the server.
Hence, when removing an image that does not exist, the server will
return a 200. The response, however, includes the error message to be
used *and* the exit code that podman-remote will use.
Fixes: #12441
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
We currently do not show --external containers when the user specifies
it, unless they also specify the --all flag. This has led to confusion.
I see no reason not to list them without the --all flag if the user
specifies the option.
Fixes: https://github.com/containers/podman/issues/12353
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
We have to get the network ID from the network backend. With the
netavark backend we no longer use the sha from the name as ID.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Because we cannot reqad the networking mode in the frontent because we
should always use the server default we have to parse the mac and ip
address to the server via a default network. Now when the server reads
the default nsmode it has to reject the provided networks when the mode
is not set to bridge.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
It is important that we store the current networks from the db in the
config. Also make sure to properly handle aliases and ignore static ip/mac
addresses.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Rework the --network parse logic to support multiple networks with
specific network configuration settings.
--network can now be set multiple times. For bridge network mode the
following options have been added:
- **alias=name**: Add network-scoped alias for the container.
- **ip=IPv4**: Specify a static ipv4 address for this container.
- **ip=IPv6**: Specify a static ipv6 address for this container.
- **mac=MAC**: Specify a static mac address address for this container.
- **interface_name**: Specify a name for the created network interface inside the container.
So now you can set --network bridge:ip=10.88.0.10,mac=44:33:22:11:00:99
for the default bridge network as well as for network names.
This is better than using --ip because we can set the ip per network
without any confusion which network the ip address should be assigned
to.
The --ip, --mac-address and --network-alias options are still supported
but --ip or --mac-address can only be set when only one network is set.
This limitation already existed previously.
The ability to specify a custom network interface name is new
Fixes#11534
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Add the new networks format to specgen. For api users cni_networks is
still supported to make migration easier however the static ip and mac
fields are removed.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The swagger api docs used the extra Body struct as part of the request
which is wrong. We just want the plain type.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Network connect now supports setting a static ipv4, ipv6 and mac address
for the container network. The options are added to the cli and api.
Fixes#9883
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Make sure we create new containers in the db with the correct structure.
Also remove some unneeded code for alias handling. We no longer need this
functions.
The specgen format has not been changed for now.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2030599
When you create pod, it shares the UTS namespace with Containers.
Currently the --hostname is not passed to the pod created when
you create a container and pod in the same command.
Also fix error message on supported --share flags
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Users should be able to override containers entrypoint using
`--entrypoint ""` following works fine for podman but not for podman
remote.
Specgen ignores empty argument for entrypoint so make specgen honor
empty arguments.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
GLOBAL_OPTS haven't been supported for at least two major versions of
Podman. The runlabel code is extremely fragile and I think it should
be rewritten before adding new features.
Fixes: #12436
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
If the k8s yaml has volumes from a configmap, play kube
will now create a volume based on the data from the
configmap and volume source and set it to the right path
in the container accordingly.
Add tests for this and update some test for ENV from configmap.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
rootlessNetNS.Cleanup() has an issue with how it detects if cleanup
is needed, reading the container state is not good ebough because
containers are first stopped and than cleanup will be called. So at one
time two containers could wait for cleanup but the second one will fail
because the first one triggered already the cleanup thus making rootless
netns unavailable for the second container resulting in an teardown
error. Instead of checking the container state we need to check the
netns state.
Secondly, podman unshare --rootless-netns should not do the cleanup.
This causes more issues than it is worth fixing. Users also might want
to use this to setup the namespace in a special way. If unshare also
cleans this up right away we cannot do this.
[NO NEW TESTS NEEDED]
Fixes#12459
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
