cockpit-project / cockpit-podman Goto Github PK
View Code? Open in Web Editor NEWCockpit UI for podman containers
License: GNU Lesser General Public License v2.1
Cockpit UI for podman containers
License: GNU Lesser General Public License v2.1
Hi all, on the cockpit container interface, how to add capabilities such as:
Thanks
Regards
Hi there,
I'm reporting an issue on Fedora 29.
I've cloned the repo, ran: make && make rpm, then installed it.
I've started cockpit and io.podman.socket, but when I try accessing http://localhost:9090/podman I see in chrome console the following errors (access-denied).
I've checked journalctl and audit.log but no issues reported in these logs.
These are the logs in Chrome console:
app.jsx:79 Failed to do GetVersion call: "access-denied"
(anonymous) @ app.jsx:79
Promise.catch (async)
componentDidMount @ app.jsx:74
commitLifeCycles @ react-dom.development.js:11505
commitAllLifeCycles @ react-dom.development.js:12294
callCallback @ react-dom.development.js:1299
invokeGuardedCallbackDev @ react-dom.development.js:1338
invokeGuardedCallback @ react-dom.development.js:1195
commitAllWork @ react-dom.development.js:12415
workLoop @ react-dom.development.js:12687
callCallback @ react-dom.development.js:1299
invokeGuardedCallbackDev @ react-dom.development.js:1338
invokeGuardedCallback @ react-dom.development.js:1195
performWork @ react-dom.development.js:12800
scheduleUpdateImpl @ react-dom.development.js:13185
scheduleUpdate @ react-dom.development.js:13124
scheduleTopLevelUpdate @ react-dom.development.js:13395
updateContainer @ react-dom.development.js:13425
(anonymous) @ react-dom.development.js:17105
unbatchedUpdates @ react-dom.development.js:13256
renderSubtreeIntoContainer @ react-dom.development.js:17104
render @ react-dom.development.js:17129
(anonymous) @ index.es6:26
util.js:113 Failed to do varlinkcall: "access-denied"
handleVarlinkCallError @ util.js:113
(anonymous) @ util.js:181
Promise.catch (async)
(anonymous) @ util.js:163
updateImages @ util.js:162
updateImagesAfterEvent @ app.jsx:65
componentDidMount @ app.jsx:81
commitLifeCycles @ react-dom.development.js:11505
commitAllLifeCycles @ react-dom.development.js:12294
callCallback @ react-dom.development.js:1299
invokeGuardedCallbackDev @ react-dom.development.js:1338
invokeGuardedCallback @ react-dom.development.js:1195
commitAllWork @ react-dom.development.js:12415
workLoop @ react-dom.development.js:12687
callCallback @ react-dom.development.js:1299
invokeGuardedCallbackDev @ react-dom.development.js:1338
invokeGuardedCallback @ react-dom.development.js:1195
performWork @ react-dom.development.js:12800
scheduleUpdateImpl @ react-dom.development.js:13185
scheduleUpdate @ react-dom.development.js:13124
scheduleTopLevelUpdate @ react-dom.development.js:13395
updateContainer @ react-dom.development.js:13425
(anonymous) @ react-dom.development.js:17105
unbatchedUpdates @ react-dom.development.js:13256
renderSubtreeIntoContainer @ react-dom.development.js:17104
render @ react-dom.development.js:17129
(anonymous) @ index.es6:26
util.js:113 Failed to do varlinkcall: "access-denied"
handleVarlinkCallError @ util.js:113
(anonymous) @ util.js:154
Promise.catch (async)
(anonymous) @ util.js:120
updateContainers @ util.js:119
updateContainersAfterEvent @ app.jsx:52
componentDidMount @ app.jsx:82
commitLifeCycles @ react-dom.development.js:11505
commitAllLifeCycles @ react-dom.development.js:12294
callCallback @ react-dom.development.js:1299
invokeGuardedCallbackDev @ react-dom.development.js:1338
invokeGuardedCallback @ react-dom.development.js:1195
commitAllWork @ react-dom.development.js:12415
workLoop @ react-dom.development.js:12687
callCallback @ react-dom.development.js:1299
invokeGuardedCallbackDev @ react-dom.development.js:1338
invokeGuardedCallback @ react-dom.development.js:1195
performWork @ react-dom.development.js:12800
scheduleUpdateImpl @ react-dom.development.js:13185
scheduleUpdate @ react-dom.development.js:13124
scheduleTopLevelUpdate @ react-dom.development.js:13395
updateContainer @ react-dom.development.js:13425
(anonymous) @ react-dom.development.js:17105
unbatchedUpdates @ react-dom.development.js:13256
renderSubtreeIntoContainer @ react-dom.development.js:17104
render @ react-dom.development.js:17129
(anonymous) @ index.es6:26
app.jsx:60 Failed to do Update Container: "access-denied"
(anonymous) @ app.jsx:60
Promise.catch (async)
updateContainersAfterEvent @ app.jsx:52
componentDidMount @ app.jsx:82
commitLifeCycles @ react-dom.development.js:11505
commitAllLifeCycles @ react-dom.development.js:12294
callCallback @ react-dom.development.js:1299
invokeGuardedCallbackDev @ react-dom.development.js:1338
invokeGuardedCallback @ react-dom.development.js:1195
commitAllWork @ react-dom.development.js:12415
workLoop @ react-dom.development.js:12687
callCallback @ react-dom.development.js:1299
invokeGuardedCallbackDev @ react-dom.development.js:1338
invokeGuardedCallback @ react-dom.development.js:1195
performWork @ react-dom.development.js:12800
scheduleUpdateImpl @ react-dom.development.js:13185
scheduleUpdate @ react-dom.development.js:13124
scheduleTopLevelUpdate @ react-dom.development.js:13395
updateContainer @ react-dom.development.js:13425
(anonymous) @ react-dom.development.js:17105
unbatchedUpdates @ react-dom.development.js:13256
renderSubtreeIntoContainer @ react-dom.development.js:17104
render @ react-dom.development.js:17129
(anonymous) @ index.es6:26
cockpit/$abe05d64423539b2657b998a8723ec71e788b42b601f640f97d1466de6228018/podman/index.html#/:1 Uncaught (in promise) access-denied
Promise.then (async)
updateImagesAfterEvent @ app.jsx:66
componentDidMount @ app.jsx:81
commitLifeCycles @ react-dom.development.js:11505
commitAllLifeCycles @ react-dom.development.js:12294
callCallback @ react-dom.development.js:1299
invokeGuardedCallbackDev @ react-dom.development.js:1338
invokeGuardedCallback @ react-dom.development.js:1195
commitAllWork @ react-dom.development.js:12415
workLoop @ react-dom.development.js:12687
callCallback @ react-dom.development.js:1299
invokeGuardedCallbackDev @ react-dom.development.js:1338
invokeGuardedCallback @ react-dom.development.js:1195
performWork @ react-dom.development.js:12800
scheduleUpdateImpl @ react-dom.development.js:13185
scheduleUpdate @ react-dom.development.js:13124
scheduleTopLevelUpdate @ react-dom.development.js:13395
updateContainer @ react-dom.development.js:13425
(anonymous) @ react-dom.development.js:17105
unbatchedUpdates @ react-dom.development.js:13256
renderSubtreeIntoContainer @ react-dom.development.js:17104
render @ react-dom.development.js:17129
(anonymous) @ index.es6:26
Check for any outstanding update of point version of any outstanding NPM package dependency
Per this link [1], there are some limits to rootless podman. It would be useful to have the option to show/manage privileged containers (aka root user's) as a non-root user. Cockpit already has the option, at login, to re-use the password for privileged tasks.
[1] https://github.com/containers/libpod/blob/master/rootless.md
When I click on image
listing-item (the whole line) it expands. However when I click on container
it does nothing. On containers I need to click on the arrow on the left to make the item expand.
I am not sure which of these two is the right behavior, but they should behave equally. Also on containers is confusing that when I hover on the item it becomes blue, but clicking does nothing. And also containers lines become blue, but images lines become grey on hover.
There is a cockpit-docker subpackage in fedora but I don't see a cockpit-podman subpackage. Is this planned?
https://apps.fedoraproject.org/packages/cockpit/
When deleting a number of containers, the rows jumps around when others get removed. This can lead to accidentally deleting the wrong container.
Check for any outstanding update of point version of any outstanding NPM package dependency
Hi,
we had a solr pod running. That pod had problems and was creating much log output (filled with long long JAVA stack traces). The problem though was that we couldn`t use the terminal window to debug since there was so much continous logging that the browser frooze a bit all the time and the terminal window was inaccessable.
How about a stop button for the log window?
I tried to use it on rhel 8 beta.
I did make, make rpm and installed the rpm.
But it does not work. I have the podman tab and started to podman socket but the ui does not do anything.
Can someone tell me what to do? I can offer log files but I du not know where to look for them for podman cockpit ui
When I logging in using my regular user account with super priviledges (wheel group) I cannot see or manage container images/instances of that user account.
I can see and manage images/instances of containers owned by root, but not my own.
Check for any outstanding update of point version of any outstanding NPM package dependency
When logging in as a regular user with privileges (wheel group), I can see the root user's images and running instances, but it does not show who the owner of said images/instances are.
With rootless containers being a popular topic, it seems logical that there could be many different images and instances on the system owned by different users. And thus, seems logical that the display should show the owner of each to avoid confusion.
Right now we see detailed info when hovering over the text, e.g. hover over Verify and Correct File Permissions with RPM
to see
The RPM package management system can check file accesspermissions of installed software packages, including many that areimportant to system security. After locating a file with incorrect permissions, run the following command to determine which package owns it:
in the hover text.
Especially if there is more info here, I think showing it differently would be more accessible and also more discoverable. I only noticed the hover text by accident. How about using the listing pattern with expanding rows?
follow-up to cockpit-project/cockpit#5259
There are some issues with the new PF4 look. I am opening this as issues tracker. (pretty sure that @garrett and @andreasn see many little details I don't see. These are just the biggest ones even I noticed :) )
TODO:
Check for any outstanding update of point version of any outstanding NPM package dependency
Check for any outstanding update of point version of any outstanding NPM package dependency
Podman relies on the the /etc/containers/registries.conf file to determine where container registries exist. It's most important use is to add a private registry like 'acme.com' to the list so it will search for images there first. The category to update for this in the file is [registries.search]
The file can also be used to block registries in the category [registries.block]]
or to allow for insecure registries ['insecure.io']
, being able to toggle those would be handy too, but of lesser importance.
Check for any outstanding update of point version of any outstanding NPM package dependency
Check for any outstanding update of point version of any outstanding NPM package dependency
Check for any outstanding update of point version of any outstanding NPM package dependency
Check for any outstanding update of point version of any outstanding NPM package dependency
Check for any outstanding update of point version of any outstanding NPM package dependency
Cockpit version: cockpit-195-1.fc30
OS: Fedora 30
Page: Podman Containers
Start podman button does absolutely nothing for unprivileged users. Looks like it's not connected to any action. It should show some kind of error/warning message, especially because you usually don't need root privileges to use podman.
Steps to reproduce
Nothing useful in the log
-- Reboot --
Jun 13 14:10:50 localhost.localdomain systemd[1]: Starting Cockpit Web Service...
Jun 13 14:10:50 localhost.localdomain systemd[1]: Started Cockpit Web Service.
Jun 13 14:10:50 localhost.localdomain cockpit-ws[2737]: Using certificate: /etc/cockpit/ws-certs.d/0-self-signed.cert
Jun 13 14:11:01 localhost.localdomain cockpit-session[2767]: pam_ssh_add: Failed adding some keys
Jun 13 14:11:01 localhost.localdomain cockpit-session[2767]: pam_unix(cockpit:session): session opened for user zveleba by (uid=0)
Jun 13 14:11:02 localhost.localdomain cockpit-ws[2737]: logged in user session
Jun 13 14:11:03 localhost.localdomain cockpit-ws[2737]: New connection to session from 127.0.0.1
Version: cockpit-196-1.fc30, cockpit-podman-2-1.fc30, podman-1.4.0-2.fc30
The list of Containers and Images doesn't update when image/container is added/removed, whole page has to be reloaded.
This issue doesn't occur in the first session after start or restart of io.cockpit.socket, so maybe it's problem in podman.
Steps to reproduce
Check for any outstanding update of point version of any outstanding NPM package dependency
This was some leftover from PR #3, but this got landed with incomplete tests to not further drag it out. At least these tests are missing:
Support bulk delete mode.
I checked how is this supported in docker containers, and it is available only as deleting of containers from one image. Would there be usecase for deleting containers outside of image details as well?
Keep in mind #40. I think it would be better to toggle bulk delete mode, then just mark containers to be deleted and once you hit some button (or just again the same one with which you toggled into the bulk mode) it would ask if you are sure you want to delete "n" containers.
Check for any outstanding update of point version of any outstanding NPM package dependency
Check for any outstanding update of point version of any outstanding NPM package dependency
Check for any outstanding update of point version of any outstanding NPM package dependency
I figured out podman searching and timing issues a bit:
You can specify the source to search by doing site/string:
Here's an example for searching ruby packages:
# Searching everything
$ time podman search ruby | wc -l
65
podman search ruby 0.26s user 0.08s system 2% cpu 13.778 total
# Individual searches
$ time podman search docker.io/ruby | wc -l
25
podman search docker.io/ruby 0.14s user 0.03s system 10% cpu 1.623 total
$ time podman search registry.fedoraproject.org/ruby | wc -l
1
podman search registry.fedoraproject.org/ruby 0.08s user 0.02s system 5% cpu 1.867 total
$ time podman search quay.io/ruby | wc -l
25
podman search quay.io/ruby 0.08s user 0.02s system 3% cpu 2.605 total
$ time podman search registry.access.redhat.com/ruby | wc -l
11
podman search registry.access.redhat.com/ruby 0.08s user 0.02s system 6% cpu 1.697 total
$ time podman search registry.centos.org/ruby | wc -l
3
podman search registry.centos.org/ruby 0.10s user 0.03s system 3% cpu 3.383 total
The line with numbers is the number of results per repo. For the time value, check the total for the round-trip time.
Adding all the individual totals gives me 11.175 seconds, which is still less than the 13.778 seconds than the total โ but it is in the same ballpark.
Parallelizing it ourselves would cut down search results from 14 seconds total to the slowest result, which in this case is 4 seconds (CentOS is the slowest, followed by Quay) here... and we could then have a progress bar instead of a spinner (based on # of results), and that should also help things feel faster too. (Of course, people with better networks would have better results than I get too.)
Ideally, Podman itself would run the searches in tandem, but at least we should be able to work around it.
Check for any outstanding update of point version of any outstanding NPM package dependency
Check for any outstanding update of point version of any outstanding NPM package dependency
Check for any outstanding update of point version of any outstanding NPM package dependency
Check for any outstanding update of point version of any outstanding NPM package dependency
The container search should have an empty state. I'm not sure what it should be, but a couple of ideas come to mind:
Using previous items would mean there's still an initial empty state that's not useful. Also, it would imply we're storing something somewhere. I guess we'd have to use browser storage or cookies or something and then it's specific to that browser and host that Cockpit is running on.
Popular containers would require querying. And it probably will be irrelevant to most people too.
Showing which registries would be searched might be useful? And then there could be a link to the registries editor to add/remove/disable/enable?
I'm currently leaning to a few previous successful searches at the top with the registries that will be searched below it.
But really, I'm unsure of what would be best, or what else we might have there. Does anyone else have ideas?
Check for any outstanding update of point version of any outstanding NPM package dependency
In utils.js handleVarlinkCallError()
, don't stringify the error, but return it as-is, so that callers can handle different kinds of errors differently. There could be a separate util method to stringify an error for logging or showing to the user, of course.
Check for any outstanding update of point version of any outstanding NPM package dependency
Check for any outstanding update of point version of any outstanding NPM package dependency
Check for any outstanding update of point version of any outstanding NPM package dependency
Check for any outstanding update of point version of any outstanding NPM package dependency
My cockpit instances were working great until I ran it on a machine that had hundreds of docker images, and the interface slowed to a crawl and became unusable. Cleaning them up returned it back to it's original snappy state.
Check for any outstanding update of point version of any outstanding NPM package dependency
Check for any outstanding update of point version of any outstanding NPM package dependency
Whatever I write into filter bar, I still can see all images and containers.
How to reproduce:
Always, for example pull fedora-29
image, write ubuntu
into the filter
Actual result:
I still see fedora-29
image
Expected result:
I don't see fedora-29
image
If a container is running, and you delete it, there are two problems:
There are two dialog boxes to confirm the deletion. Only show one: If it's running, the "force delete" one, otherwise the "normal" delete.
The error message for a running container is rather unfriendly, and not translated. The UI should present this more gracefully.
Check for any outstanding update of point version of any outstanding NPM package dependency
Check for any outstanding update of point version of any outstanding NPM package dependency
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.