Commit graph

265 commits

Author SHA1 Message Date
Antonio Murdaca
140f85df72
container_create: setup cwd for containers
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-11-03 19:23:44 +01:00
Mrunal Patel
815bb7652b
sandbox: Use first class sysctls instead of annotations
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-11-02 16:07:52 +01:00
Antonio Murdaca
c25530ac0b
server: implement update container resources
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-11-02 16:07:52 +01:00
Antonio Murdaca
7d7024999b
sandbox, ctrs: fixup seccomp for 1.8
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-11-02 16:07:52 +01:00
Daniel J Walsh
fe69289566
Merge pull request #1080 from baude/kpod_create.pr
Kpod create.pr
2017-11-01 13:44:28 -04:00
baude
b85fe5ab90 Fix conmon and runc paths for kpod tests
Tests for kpod create and run were failing because the conmon
binary was being hardcoded.  We added a  --conmon global optioni
for kpod so we could pass in the conmon path from the helpers
file during tests

Signed-off-by: baude <bbaude@redhat.com>
2017-11-01 10:53:52 -05:00
Daniel J Walsh
063b25cef5 Report error when arguments given to crio command
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-10-31 16:15:54 -04:00
baude
c6cc205b78 Reviewer comments and suggestions incorporated.
Signed-off-by: baude <bbaude@redhat.com>
2017-10-31 14:10:47 -05:00
Nalin Dahyabhai
2e5e92730a Switch to ImageServer.UntagImage in RemoveImage handler
Add an UntagImage() method to pkg/storage/ImageServer, which will check
if the passed-in NameOrID is a name.  If so, it merely removes that name
from the image, removing the image only if it was the last name that the
image had.  If the NameOrID is an image ID, the image is removed, as
RemoveImage() does.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-31 10:30:18 -04:00
Nalin Dahyabhai
3f2bc09231 Return image references in ImageStatus()
The image's canonical reference is a name with a digest of the image's
manifest, so compute and return that value as the image's reference in
ImageStatus() and in ContainerStatus().

We don't auto-store a name based on the image digest when we pull one by
tag, but then CRI doesn't need us to do that.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-31 10:29:06 -04:00
Nalin Dahyabhai
beef44840e Update kpod push test
Since we've got stable image IDs now, pushing an image from local
storage to local storage ends up attaching the both names to a single
image, so we need to update the test's expectations.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-31 10:29:05 -04:00
Daniel J Walsh
dbaf500c0b
Merge pull request #1094 from runcom/makefile-fixes
Makefile: output binaries under bin/
2017-10-31 09:07:40 -04:00
Antonio Murdaca
63b1706de8
Makefile: output binaries under bin/
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-10-30 17:48:29 +01:00
Antonio Murdaca
15afc4d3de
container_create: sort mounts before adding them to the spec
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2017-10-29 12:31:18 +01:00
Daniel J Walsh
fb804f5602 Merge pull request #1015 from umohnani8/authflag
Add authfile flag to pull and push
2017-10-25 06:16:58 -07:00
Daniel J Walsh
2f43183c35 Merge pull request #1068 from nalind/default-store
libpod: set the default Store to match a Runtime
2017-10-24 21:40:56 -07:00
Mrunal Patel
cd04b45540 Merge pull request #1067 from nalind/secrets-test
Fixups for crio_secrets.bats
2017-10-24 21:01:56 -07:00
Mrunal Patel
5a4ffef9d3 Merge pull request #1066 from nalind/storage-opts
tests: rename $STORAGE_OPTS to $STORAGE_OPTIONS
2017-10-24 21:01:33 -07:00
Nalin Dahyabhai
9d0d48b2ce Rename $STORAGE_OPTS to $STORAGE_OPTIONS
Rename our $STORAGE_OPTS variable to $STORAGE_OPTIONS, so that the
storage library doesn't try to use its contents as default driver
options.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-24 21:52:16 -04:00
Nalin Dahyabhai
a467615423 Fixups for crio_secrets.bats
Remove the directory named by "$MOUNT_PATH", not "MOUNT_PATH".
Run "cat /proc/mounts" instead of "mount" in the test container.
Run "grep" using the "run" helper when we want to capture its output.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-24 21:49:55 -04:00
Nalin Dahyabhai
a5fb2b4b11 libpod: set the default Store to match a Runtime
When initializing a Runtime, set the default Store for the
containers-storage transport in the image library to the same one that
we're using, so that the calling process sees the same set of images
in the Runtime that it sees when going through the image library.

Update the kpod_push test so that it no longer has to specify a location
in the destination image reference, since the default should already be
passed to kpod as global options.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-24 21:47:10 -04:00
Nalin Dahyabhai
4af9ae4bc2 kpod_kill.bats: drop redundant variables
Drop duplicate definitions of variables that are already defined in
helpers.bash.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-24 18:17:15 -04:00
umohnani8
d855e2c8ad Add authfile flag to pull and push
Push and pull can now access any cached registry credentials from the auth file

Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-24 16:32:09 -04:00
Mrunal Patel
56cda43444 test: Test for OOM condition in a loop
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
2017-10-23 21:07:22 -07:00
Mrunal Patel
542994ff2a Merge pull request #1025 from edsantiago/safer_conmon_chmod
Issue #1024: don't chmod a nonexistent file
2017-10-17 22:04:04 -07:00
Mrunal Patel
f237cdb2a5 Merge pull request #1023 from edsantiago/restore_cni_plugin
restore lost cni-plugin option
2017-10-17 15:21:39 -07:00
umohnani8
a11b1f953d Fixed logic flaw in the secrets mounts
Tested on a REHL box and found out that the mounts were not showing up
Had a logic flaw, where if the mount was "host:container"
Was setting the mount source to "host" and destination to "ctrRunDir/container"
When instead, the mount source should be "ctrRunDir/container" and destination "container"
with the data copied from "host" to "ctrRunDir/container"

Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-17 13:08:42 -04:00
Ed Santiago
e24cfb90c0 fixup! Restore conmon permissions in teardown()
Signed-off-by: Ed Santiago <santiago@redhat.com>
2017-10-17 11:00:26 -06:00
Ed Santiago
0852f5c188 Issue #1024: don't chmod a nonexistent file
New network test makes improper assumptions about conmon path.
Use predefined CONMON_BINARY variable instead.

Signed-off-by: Ed Santiago <santiago@redhat.com>
2017-10-17 10:07:35 -06:00
Ed Santiago
c476706271 restore lost cni-plugin option
Commit d5b5028c undid part of my pr#953 (cni plugin path). Restore it.

Signed-off-by: Ed Santiago <santiago@redhat.com>
2017-10-17 09:02:20 -06:00
TomSweeneyRedHat
54a043bfcd Update kpod load to add signature-policy (2)
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
2017-10-13 16:28:15 -04:00
Nalin Dahyabhai
ddb8fb30cc Correct our usage of the bats run helper
The bats "run" helper function sets "$status", so there's no point to
checking the value of "$status" when we haven't used the "run" helper to
run a command, and we almost always want to be checking the value after
we have used the helper.

There's no need to run commands like 'sleep' or 'rm -f' with the helper,
since they're not expected to fail, and if they do, it's probably
indicative of a larger problem that we want to allow to cause tests to
fail.

Helper functions like start_crio already check "$status" when they call
"run", so we don't need to check it again after they return.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-12 17:54:47 -04:00
Nalin Dahyabhai
a88f6840d8 Look up the container's name for kpod-stop-by-name
In the kpod-stop-by-name test, use 'kpod inspect' to look up the name of
the container, rather than predicting the name that crio will assign.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-10-12 17:54:47 -04:00
umohnani8
d1aea31786 Follow up changes on secrets patch
Deleted mounts.conf file and moved the secrets mount paths
to a list (default-mounts) in crio.conf

Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-12 15:10:07 -04:00
umohnani8
d5b5028cb9 Add secrets patch to crio
Allows the user to define secret paths in /etc/containers/mounts.conf
These are then volume mounted into the container

Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-11 20:00:38 -04:00
Mrunal Patel
8c83014476 Merge pull request #994 from edsantiago/safe_netcat
nc (netcat): don't block when run interactively
2017-10-10 16:23:07 -07:00
Daniel J Walsh
772f4b1515 Merge pull request #988 from umohnani8/libpod-part2
Continue switching from libkpod to libpod
2017-10-10 16:55:53 -04:00
Daniel J Walsh
680f3a09e1 Merge pull request #953 from edsantiago/parameterize_cni_plugin
Parameterize CRIO_CNI_PLUGIN
2017-10-10 16:55:03 -04:00
Ed Santiago
d54a139f6d nc (netcat): don't block when run interactively
When running the test suite interactively, "Connect to pod
hostport from the host" test hangs because nc thinks it's
got a bidirectional connection. Running with </dev/null
closes the connection after receiving the expected data,
letting the tests proceed.

This is just a suggestion for n00b-friendliness. Running
interactively is rare, but it's exactly where a n00b
will begin, and the hang costs a little time and energy
to track down.

Signed-off-by: Ed Santiago <santiago@redhat.com>
2017-10-10 13:03:08 -06:00
umohnani8
356df5d18e Continue switching from libkpod to libpod
Refactored rmi, images, diff, and history.
Made fixes to kpod images in the way it was handing the templates as well as printing the image names

Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-10-10 11:22:09 -04:00
Daniel J Walsh
974bafe012 Merge pull request #950 from sameo/topic/loglevel
main: Define -log-level option
2017-10-06 09:51:07 -04:00
Dan Williams
cc2b27132e test/network: clean up tests
Signed-off-by: Dan Williams <dcbw@redhat.com>
2017-10-05 16:41:54 -05:00
Dan Williams
8392f5f757 test: add test for network teardown on sandbox setup errors
Signed-off-by: Dan Williams <dcbw@redhat.com>
2017-10-05 16:41:54 -05:00
Samuel Ortiz
a5e5ccb365 main: Replace -debug with -log-level
Running crio with -debug is very verbose. Having more granularity
on the log level can be useful when e.g. only looking for errors.

Signed-off-by: Samuel Ortiz <sameo@linux.intel.com>
2017-10-05 22:53:20 +02:00
Nalin Dahyabhai
2491d38e03 Also refactor setting flags for running kpod
* Remove duplicate definitions of storage-related flags for kpod, since
  we set them in helpers.bash now, and the other locations that were
  also setting it were doing so after loading the definitions in
  helpers.
* Set kpod storage flags after checking if we need to force use of the
  "vfs" storage driver for cri-o, to make sure kpod also ends up with
  the same override if we're using one.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2017-09-29 16:37:07 -04:00
Daniel J Walsh
e16bb3feb3 Refactor kpod tests
Move kpod tests from kpod.bats to kpod_[commandname].bats
Also make sure all status checks have a echo $output before them.

Signed-off-by: Ryan Cole <rcyoalne@gmail.com>

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

Signed-off-by: umohnani8 <umohnani@redhat.com>
2017-09-29 16:37:07 -04:00
baude
7b062cf4c1 Add support for kpod kill
Kill one or more containers using a user-provided signal.  If not signal
is provided, KILL is used.

Signed-off-by: baude <bbaude@redhat.com>
2017-09-28 09:34:21 -05:00
Ed Santiago
b2d347d8cd Parameterize CRIO_CNI_PLUGIN
Allow overriding CRIO_CNI_PLUGIN (default: /opt/cni/bin) and
make sure it gets written to our crio.conf file. This is
intended for running cri-o tests with containernetworking-cni
rpm which installs into /usr/libexec/cni

Signed-off-by: Ed Santiago <santiago@redhat.com>
2017-09-27 14:19:20 -06:00
baude
3bf23b684a Add kpod wait
Waits on one or more containers to stop and prints the container's
return code

Signed-off-by: baude <bbaude@redhat.com>
2017-09-27 09:03:33 -05:00
Daniel J Walsh
214adee0ef Merge pull request #926 from TomSweeneyRedHat/pause
Add `kpod pause` and `kpod unpause`
2017-09-27 09:33:22 -04:00