Added a test that checks that gvproxy properly starts and stops when running podman machine, and that containers properly forward ports to the host when running podman using machine.
Signed-off-by: Ashley Cui <acui@redhat.com>
Small fixes for bugs in the hyperv code that were made obvious when
manually preparing to run pkg/machine/e2e with windows and hyperv.
Also includes vendoring a new libhvee and solves bug where json config
was not being removed.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
in gvisor-vsock-tap upstream, there is a binary called 'vm' which is
used for routing traffic from a tap over something like vsock. In
Fedora, the binary is named 'gvforwarder'.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
the remote username was being set too "late" for hyperv and the username
for ssh connections was blank.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
As promised in #19596, this pr deduplicates and refactors image
acquisition. All virt providers that use FCOS as its default now use
the same code.
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
Registers a rootless and rootful socket underneath /mnt/wsl/podman-sockets/[machine name]/
This allows podman remote clients on other Linux distributions to access podman.
This also registers the podman root socket under the wheel group, to allow for rootful
linking against /var/run/docker.sock, a use case expected by some clients and APIs.
While this is not recommended practice on a Linux host, a WSL guest is user-isolated
and already enables escalation trivially.
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
Paul found logic errors in my earlier code for finding processes and
sending signals. Some of the logic errors are associated with how
methods behave on different operating systems. Created a darwin and
linux approach and a windows approach.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
While only leveraged by the WSL backend, this commit also adds core
infrastructure for all other backends for future enhancement.
- Adds a common port cross backend allocation registry to prevent duplicate
assignment across multiple machine instances
- Introduces logic in Start() that detects OS port conflicts and scans for a
viable replacement port
- Updates connection definitions and server configuration accordingly
- Utilizes a coordinated file lock strategy to prevent racing overwrites of port
and connection registries
- WSL backend coordinates locking for containers.conf until a future common
enhancement exists to replace it
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
when we stop a machine, we need to also stop the gvproxy process that is
running.
JIRA: RUN-1828
also, remove unused applehv function for ssh
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
container/common Config was recently updated to use FCOS
default names, since Windows HyperV backend needs them,
and these are common with other providers.
Map this to values the WSL backend expects.
[NO NEW TESTS NEEDED]
Signed-off-by: Jason T. Greene <jason.greene@redhat.com>
now that we have public hypverv fcos artifacts, we can download them
instead of requiring a special build.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
when init'ing a machine, if the ssh key already exists, then we get a
somewhat oblique error. here we make it clear what the problem was and
early return.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
the method caller for creating the ignition file was accidently
misordered for hyperv. this regression was caused by aa6827a6.
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Fixes non-blocking nits that were in the PR that consolidated some of
the machine code into common areas.
Fixes a capitalization error in documentation, inverts the logic in
`AddSSHConnectionsToPodmanSocket`, and uses raw strings in
`WaitAPIAndPrintInfo` instead of printing the messages line-by-line.
[NO NEW TESTS NEEDED]
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
After a failed start, we can run into (somehow inconsistent) states
where the machine won't start because a previous QEMU process is still
running and the PID file is being used. Stop didn't resolve the issue
as this state wasn't detected.
Allow to recover from this state by a) detecting it during start and
error out with a more helpful message than the error QEMU would
otherwise spit out, and b) by enabling stop to kill the dangling QEMU
process - even after a failed stop.
With the changes, a recovery may look as follows:
```
_ podman git:(main) _ ./bin/darwin/podman machine start
Starting machine "podman-machine-default"
Error: cannot start VM "podman-machine-default": another instance of "/opt/homebrew/bin/qemu-system-aarch64" is already running with process ID 970: please stop and restart the VM
_ podman git:(main) _ ./bin/darwin/podman machine stop
Machine "podman-machine-default" stopped successfully
_ podman git:(main) _ ./bin/darwin/podman machine start
Starting machine "podman-machine-default"
Waiting for VM ...
```
Please note that this change does not prevent us from running into such
inconsistent states but only allows for recovering from them.
[NO NEW TESTS NEEDED] - there is no reliable reproducer.
Fixes: #16054
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Moves the shared logic from `writeConfig` into a shared function in
`pkg/machine/machine_common.go`
[NO NEW TESTS NEEDED]
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Moves most of the logic of `setRootful` to the common file
`pkg/machine/machine_common.go`.
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Moves `removeFilesAndConnections` to the common file
`pkg/machine/connections.go` to be reused by multiple hypervisors.
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Moves `waitAPIAndPrintInfo` into the common file
`pkg/machine/machine_common.go` allowing applehv and qemu to share the
code.
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Moves the implementation of `addSSHConnectionsToPodmanSocket` into the
common file `pkg/machine/machine_common.go`. The implementation was
shared between the hypervisors and does not need to be implemented
multiple times.
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Moves acquisition of an alternate image provided by the user out of
`acquireVMImage` in `pkg/machine/<hypervisor>/machine.go` and into
`pkg/machine/pull.go` as its own function.
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Moves `getDevNullFiles` into a new common file,
`pkg/machine/machine_common.go`, preventing the re-implementation of the
function across the different hypervisor implementations.
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Converts new functions added in #19311 to methods and adds
documentation.
[NO NEW TESTS NEEDED]
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
The functions for AppleHV's VM interface implementation (machine.go) had
quite large functions. Pulls out some code that could be moved to its
own function for easier readability and maintainability.
[NO NEW TESTS NEEDED]
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
