runc has a `--no-pivot` flag, that uses MS_MOVE instead.
This patch set bubbles up a runtime config to enable using no-pivot
globally.
Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
Implement the ability to pause and unpause running containers.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
The inspect endpoint is used mainly in the CRI-O cAdvisor handler.
Let's make sure we don't break it by adding some trivial unit tests.
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
There is cleanup code that will never get run.
This code will print out all errors and then return the last error.
This should allow for proper cleanup.
Also cleanup help to switch usage and description.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
If the user provides kpod pull a short name like 'debian', we
still want the pull to be sucessful. As such, when a short
name is provided, we get the list of searchable registries via
the systemregistries code in containers-storage. We then
append a tag of 'latest' (if not provided) and we formulate
a list of possible fully-qualified image names to try.
Vendor update for containers-storage to bring in the system_registries
code.
Also includes a patch from Nalin to fix compilation errors.
Signed-off-by: baude <bbaude@redhat.com>
Stop one or more containers. Specific a timeout value
that if the stop operation exceeds, will forcibly stop
the container.
Signed-off-by: baude <bbaude@redhat.com>
The JSON output was being modified to type string, fixed that
to be of the same type as the source
This is better for further processing of the JSON output if needed
Restructured kpod history a bit as well
Signed-off-by: umohnani8 <umohnani@redhat.com>
QE noticed that kpod ps --last 0 was returning the running containers
Fixed that problem so that it returns nothing
Signed-off-by: umohnani8 <umohnani@redhat.com>
We want to drop brute force mechainism for handling image
movement, this patch experiments with moving kpod pull
to use new libpod interfaces.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
When performing a tag, if a shortname was provided, tag.go would
preprend docker.io to the shortname through the ParseNormalized
function. Here we work around that such that is a short name
and tag are provided, the resulting tag will be shortname:tag. If
a shortname is provided without a tag, we append "latest" as the
tag.
Added specific tag tests too
Signed-off-by: baude <bbaude@redhat.com>
Kpod rm removes a container from the system
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: umohnani8 <umohnani@redhat.com>
Add new directory /etc/crio/hooks.d, where packagers can drop a json config
file to specify a hook.
The json must specify a valid executable to run.
The json must also specify which stage(s) to run the hook:
prestart, poststart, poststop
The json must specify under which criteria the hook should be launched
If the container HasBindMounts
If the container cmd matches a list of regular expressions
If the containers annotations matches a list of regular expressions.
If any of these match the the hook will be launched.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
kpod must parse the crio configuration file or the storage
is not set up correctly. By default it is not. We now read
/etc/crio/crio.conf in as the configuration file unless it is
overriden by the user and the global -c|--config switch.
Signed-off-by: baude <bbaude@redhat.com>
The getCommand func strips out unwanted characters around the
command of the container. The JSON output should use this func
like the regular ps output for both consistency and because
Python does a literal interpretation of the bracket [] characters
when consuming as JSON.
Signed-off-by: baude <bbaude@redhat.com>
Some kpod commands were listed twice in main.go. Removed these
duplicates and alphabetized the remaining commands to prevent this
from happening in the future
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
Consumers of the json output, like the atomic cli, need the ID of the
image for the container as well as the name. Specifically, it is used
to tract "used" and "vulnerable" images.
Signed-off-by: baude <bbaude@redhat.com>
Have the "kpod info" command also package up the driver-level status
information that the github.com/containers/storage.Store's Status()
method returns.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
No reason to carry this temporary variable for documentation purposes.
If in the future we find that it is necessary to add a CLI option, we
can add the variable then.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Changed the JSON output to hold the actual type of the data.
For example the creation time of a container will be of form time.Time.
The human readable output modifies all the fields to type string, which
is not helpful when the JSON output wants to be used for further processing.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Before exiting, have kpod shut down the storage library if it can. This
should keep us from leaving mountpoints for the root (for non-vfs cases)
and run directory (with newer containers/storage) busy when testing kpod.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
We want all kpod subcommands to use the formats code to output
formats like json. Altering kpod diff --json to kpod diff --format json
like the kpod images command.
Signed-off-by: baude <bbaude@redhat.com>
Add functions to go templates such as truncating a field. Also add
the table keyword, which, if placed at the beginning of a format string,
adds headers to the output
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
This allows the container list API to return updated status
for exited container without having to call container status first.
Signed-off-by: Mrunal Patel <mpatel@redhat.com>
For kpod images, we need to output in JSON format so that consumers
(programatic) have structured input to work with.
kpod images --format json
Signed-off-by: baude <bbaude@redhat.com>
Also set default level of logging to errors, we should not see
info messages in the kpod command line.
While adding this patch, I found missing options in kpod command line
and bash completions, so I added them in.
Also fixed some sorting issues in the way commands are displayer in help or in
bash completions.
Finally fixed the error message to be output on failure using logrus.Errorf, so
we don't get the stack any longer.
Also updated README.md with missing kpod commands.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
kpod diff reports on differences between two layers, specified as
layer IDs, containers, or images. In the case of containers or
images, kpod diff produces a diff for the top layer
Signed-off-by: Ryan Cole <rcyoalne@gmail.com>
We add two flags --enable-metrics and --metrics-port
to enable metrics endpoint and allow specifying the
port which defaults to 9090.
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
This command will allow users to manipulate and examine the container
images from outside of the container.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>