Release notes for Podman v3.3.0-RC2 #11193
This does not include subsequent backports, which will be added later. Signed-off-by: Matthew Heon <[email protected]>
Currently we override the SELinux labels specified by the user if the container is running a kata container or systemd container. This PR fixes to use the label specified by the user. Fixes: containers#11100 Signed-off-by: Daniel J Walsh <[email protected]>
move the container to a sub-cgroup before creating a sibling hierarchy. Signed-off-by: Giuseppe Scrivano <[email protected]>
podman info takes >20s on Gentoo, because equery is s..l..o..w. qfile is much faster and, I suspect, present in most Gentoo installations, so let's try it first. And, because packageVersion() was scarily unmaintainable, refactor it. Define a simple (string) list of packaging tools to query (rpm, dpkg, ...) and iterate until we find one that works. IMPORTANT NOTE: the Debian (and, presumably, Ubuntu) query does not include version number! There is no standard way on Debian to get a package version from a file path, you can only do it via pipes of chained commands, and I have no desire to implement that. Signed-off-by: Ed Santiago <[email protected]>
Fixes:
- Do not show healthcheck status if not available or if container status is "created" (Docker behaviour)
- Show healthcheck configuration if present (Config.Healthcheck)

Tests:
- Ensure State.Health is not present if container status is "created"
- Ensure Config.Healthcheck is present and values correct
- Ensure State.Health is present if container started

Signed-off-by: Milivoje Legenovic <[email protected]>
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1988252 Signed-off-by: Jhon Honce <[email protected]>
To match Docker's behavior, in the `--net=host` case, we need to use the host's `/etc/hosts` file, unmodified (without adding an entry for the container). We will still respect hosts from `--add-host` but will not make any automatic changes. Fortunately, this is strictly a matter of removal and refactoring as we already base our `/etc/hosts` on the host's version - just need to remove the code that added entries when net=host was set. Fixes containers#10319 Signed-off-by: Matthew Heon <[email protected]>
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mheon The full list of commands accepted by this bot can be found here. The pull request process is described here
RELEASE_NOTES.md
Outdated
- The `podman stats` command now provides two additional metrics: Average CPU, and CPU time. | ||
- The `podman pod create` command supports a new flag, `--pid`, to specify the PID namespace of the pod. If specified, containers that join the pod will automatically share its PID namespace. | ||
- The `podman pod create` command supports a new flag, `--infra-name`, which allows the name of the pod's infra container to be set ([#10794](https://github.com/containers/podman/issues/10794)). | ||
- The `podman auto-update` command has had its output reformatted - it is now much more clear what images were pulled and what containers wer0e updated. |
- The `podman auto-update` command has had its output reformatted - it is now much more clear what images were pulled and what containers wer0e updated. | |
- The `podman auto-update` command has had its output reformatted - it is now much more clear what images were pulled and what containers were updated. |
RELEASE_NOTES.md
Outdated
- The new port forwarding offered by `podman machine` requires [gvproxy](https://github.com/containers/gvisor-tap-vsock) in order to function. | ||
- Podman will now automatically create the default CNI network if it does not exist, for both root and rootless users. This will only be done once per user - if the network is subsequently removed, it will not be recreated. | ||
- The `--root` option to Podman will not automatically clear all default storage options when set. Storage options can be set manually using `--storage-opt` ([#10393](https://github.com/containers/podman/issues/10393)). | ||
- The `install.cni` makefile option has been removed. It is no longer required to distribute the default `87-podman.conflist` CNI configuration file, as Podman will not automatically create it. |
"not automatically create it" -- should that be now? (I may be way off; my feedback is based on line 37 above).
Comments addressed
- The `podman diff` command can now accept two arguments, allowing two images or two containers to be specified; the diff between the two will be printed ([#10649](https://github.com/containers/podman/issues/10649)). | ||
- Podman can now optionally copy-up content from containers into volumes mounted into those containers earlier (at creation time, instead of at runtime) via the `prepare_on_create` option in `containers.conf` ([#10262](https://github.com/containers/podman/issues/10262)). | ||
- A new option, `--gpus`, has been added to `podman create` and `podman run` as a no-op for better compatibility with Docker. If the nvidia-container-runtime package is installed, GPUs should be automatically added to containers without using the flag. | ||
- If an invalid subcommand is provided, similar commands to try will now be suggested in the error message. |
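Review bot: the `--gpus` entry describes the flag as a no-op but does not say that whatever value is passed to it is ignored. Since the same entry states that GPUs are added automatically when the nvidia-container-runtime package is installed, a reader could assume `--gpus` selects or limits which devices the container sees. Suggest adding a clause such as "the value passed to `--gpus` is ignored" so the note cannot be read as offering device restriction.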
You don't list podman build features. I believe podman build --secrets is now supported, for example.
@ashley-cui PTAL
`podman build --secret` does work
@rhatdan If you want Buildah features, you're going to need someone else to get those release notes written up and passed over to me. Takes days to just get Podman done, I can't handle all our dependencies as well.
Added build --secret
@mheon I've not thought about doing buildah build RA things in here, but it makes sense. Going forward I'll try to get them to you, if not whack me upside the head.
I didn't think this was Buildah specific, but Valenting added:
A dangling image is now considered dangling if it is “untagged” and does not have children. This now matches the definition used by Docker.
Did that get added to Podman too? I'm not finding a note about dangling here @mheon
It did, but I did not explicitly note the change in the definition of "dangling" in the release notes, and instead noted the bugs that were fixed by this (`podman image prune` being too aggressive). I don't think that the definition of dangling represents much of a user-facing change.
fair enough, thanks for the follow up.
817d7bb to fcb7708
@containers/podman-maintainers PTAL. Restarted three flakes, otherwise should be good.
RELEASE_NOTES.md
Outdated
- The `podman stats` command now provides two additional metrics: Average CPU, and CPU time. | ||
- The `podman pod create` command supports a new flag, `--pid`, to specify the PID namespace of the pod. If specified, containers that join the pod will automatically share its PID namespace. | ||
- The `podman pod create` command supports a new flag, `--infra-name`, which allows the name of the pod's infra container to be set ([#10794](https://github.com/containers/podman/issues/10794)). | ||
- The `podman auto-update` command has had its output reformatted - it is now much more clear what images were pulled and what containers were updated. |
- The `podman auto-update` command has had its output reformatted - it is now much more clear what images were pulled and what containers were updated. | |
- The `podman auto-update` command has had its output reformatted - it is now much clearer what images were pulled and what containers were updated. |
fcb7708 to 80e1a32
LGTM
cf78e54 to ab9eb7b
Now also includes a revert of pod |
Currently if you execute podman unpause --all, podman pause --all Podman shows attempts to unpause containers that are not paused and prints an error. This PR catches this error and only prints errors if a paused container was not able to be unpaused. Currently if you execute podman pause --all or podman kill --all, Podman shows attempts to pause or kill containers that are not running and prints an error. This PR catches this error and only prints errors if a running container was not able to be paused or killed. Also change printing of multiple errors to go to stderr and to prefix "Error: " in front to match the output of the last error. Fixes: containers#11098 Signed-off-by: Daniel J Walsh <[email protected]>
Fixes: containers#11124 Signed-off-by: Daniel J Walsh <[email protected]> Signed-off-by: Daniel J Walsh <[email protected]> Signed-off-by: Daniel J Walsh <[email protected]>
Parse Unix timestamps that contain a fractional part. Signed-off-by: Matej Vasek <[email protected]>
A user contributed a one line PR that enabled logging the podman machine ssh command for debug. The user was not able to complete the submission so this PR replaces that. [NO TESTS NEEDED] Replaces containers#10798 Signed-off-by: Brent Baude <[email protected]>
The slirp4netns path can be set in the config file or with --network-cmd-path. Podman info should read the version information correctly and not use PATH in this case. Also show the slirp4netns version information to root users. Signed-off-by: Paul Holzinger <[email protected]>
Also add some missing options to podman pod create. Fixes containers#10884 Signed-off-by: Paul Holzinger <[email protected]>
Signed-off-by: Matthew Heon <[email protected]>
Signed-off-by: Matthew Heon <[email protected]>
This reverts commit bbd085a. The cgroup work to enable these has not happened yet and will not be ready in time for the release of Podman 3.3.0. Signed-off-by: Matthew Heon <[email protected]>
ab9eb7b to 7442f0b
LGTM
/lgtm
Also includes backports