Diffstat (limited to 'docs/podman-create.1.md')
-rw-r--r-- | docs/podman-create.1.md | 60 |
1 files changed, 45 insertions, 15 deletions
diff --git a/docs/podman-create.1.md b/docs/podman-create.1.md index 9cf3e038d..4008b64e6 100644 --- a/docs/podman-create.1.md +++ b/docs/podman-create.1.md @@ -63,6 +63,14 @@ Add Linux capabilities Drop Linux capabilities +**--cgroupns**=*mode* + +Set the cgroup namespace mode for the container, by default **host** is used. + **host**: use the host's cgroup namespace inside the container. + **container:<NAME|ID>**: join the namespace of the specified container. + **private**: create a new cgroup namespace. + **ns:<PATH>**: join the namespace at the specified path. + **--cgroup-parent**=*path* Path to cgroups under which the cgroup for the container will be created. If the path is not absolute, the path is considered to be relative to the cgroups path of the init process. Cgroups will be created if they do not already exist. @@ -206,7 +214,7 @@ Limit write rate (IO per second) to a device (e.g. --device-write-iops=/dev/sda: **--dns**=*dns* -Set custom DNS servers +Set custom DNS servers. Invalid if using **--dns** and **--network** that is set to 'none' or 'container:<name|id>'. This option can be used to override the DNS configuration passed to the container. Typically this is necessary when the @@ -218,11 +226,11 @@ The **/etc/resolv.conf** file in the image will be used without changes. **--dns-option**=*option* -Set custom DNS options +Set custom DNS options. Invalid if using **--dns-option** and **--network** that is set to 'none' or 'container:<name|id>'. **--dns-search**=*domain* -Set custom DNS search domains (Use --dns-search=. if you don't wish to set the search domain) +Set custom DNS search domains. Invalid if using **--dns-search** and **--network** that is set to 'none' or 'container:<name|id>'. (Use --dns-search=. if you don't wish to set the search domain) **--entrypoint**=*"command"* | *'["command", "arg1", ...]'* 
@@ -245,13 +253,17 @@ You need to specify multi option commands in the form of a json string. Set environment variables -This option allows you to specify arbitrary -environment variables that are available for the process that will be launched -inside of the container. +This option allows you to specify arbitrary environment variables that are available for the process that will be launched inside of the container. If you specify a environment variable without a value, podman will check the host environment for a value or set the environment to "". If you specify a environment variable ending in --*--, podman will search the host environment for variables starting with the prefix and add them to the container. If you want to add an environment variable with a ***** following it, then you need to set a value. + +See **Environment** note below for precedence. + +**--env-host**=*true|false* + +Use host environment inside of the container. See **Environment** note below for precedence. **--env-file**=*file* -Read in a line delimited file of environment variables +Read in a line delimited file of environment variables. See **Environment** note below for precedence. **--expose**=*port* 
@@ -268,26 +280,29 @@ The following example maps uids 0-2000 in the container to the uids 30000-31999 Add additional groups to run as -**--healthcheck-command**=*command* +**--health-cmd**=*"command"* | *'["command", "arg1", ...]'* Set or alter a healthcheck command for a container. The command is a command to be executed inside your container that determines your container health. The command is required for other healthcheck options to be applied. A value of `none` disables existing healthchecks. -**--healthcheck-interval**=*interval* +Multiple options can be passed in the form of a JSON array; otherwise, the command will be interpreted +as an argument to `/bin/sh -c`. + +**--health-interval**=*interval* Set an interval for the healthchecks (a value of `disable` results in no automatic timer setup) (default "30s") -**--healthcheck-retries**=*retries* +**--health-retries**=*retries* The number of retries allowed before a healthcheck is considered to be unhealthy. The default value is `3`. -**--healthcheck-start-period**=*period* +**--health-start-period**=*period* The initialization time needed for a container to bootstrap. The value can be expressed in time format like `2m3s`. The default value is `0s` -**--healthcheck-timeout**=*timeout* +**--health-timeout**=*timeout* The maximum time allowed to complete the healthcheck before an interval is considered failed. Like start-period, the value can be expressed in a time format such as `1m22s`. The default value is `30s`. 
@@ -312,7 +327,7 @@ those. This option is only needed when the host system must use a proxy but the container should not use any proxy. Proxy environment variables specified for the container in any other way will override the values that would have been passed thru from the host. (Other ways to specify the proxy for the -container include passing the values with the `--env` flag, or hardcoding the +container include passing the values with the `--env` flag, or hard coding the proxy environment at container build time.) For example, to disable passing these environment variables from host to @@ -484,7 +499,7 @@ This works for both background and foreground containers. **--network**, **--net**="*bridge*" -Set the Network mode for the container +Set the Network mode for the container. Invalid if using **--dns**, **--dns-option**, or **--dns-search** with **--network** that is set to 'none' or 'container:<name|id>'. 'bridge': create a network stack on the default bridge 'none': no networking 'container:<name|id>': reuse another container's network stack @@ -630,7 +645,7 @@ Security Options "seccomp=unconfined" : Turn off seccomp confinement for the container "seccomp=profile.json : White listed syscalls seccomp Json file to be used as a seccomp filter -Note: Labelling can be disabled for all containers by setting label=false in the **libpod.conf** (`/etc/containers/libpod.conf`) file. +Note: Labeling can be disabled for all containers by setting label=false in the **libpod.conf** (`/etc/containers/libpod.conf`) file. **--shm-size**=*size* @@ -723,6 +738,8 @@ The following example maps uids 0-2000 in the container to the uids 30000-31999 Ulimit options +You can pass `host` to copy the current configuration from the host. + **--user**, **-u**=*user* Sets the username or UID used and optionally the groupname or GID for the specified command. 
@@ -901,6 +918,19 @@ The fuse-overlay package provides a userspace overlay storage driver, otherwise the vfs storage driver, which is diskspace expensive and does not perform well. slirp4netns is required for VPN, without it containers need to be run with the --net=host flag. +## ENVIRONMENT + +Environment variables within containers can be set using multiple different options: This section describes the precedence. + +Precedence Order: + **--env-host** : Host environment of the process executing podman is added. + + Container image : Any environment variables specified in the container image. + + **--env-file** : Any environment variables specified via env-files. If multiple files specified, then they override each other in order of entry. + + **--env** : Any environment variables specified will override previous settings. + ## FILES **/etc/subuid** |
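Review bot: in the **--cgroupns** hunk (@@ -63,6 +63,14 @@) the placeholders are written `container:<NAME|ID>` and `ns:<PATH>`, while the **--dns** and **--network** text added elsewhere in this patch uses lowercase 'container:<name|id>'; pick one spelling for the whole page. A bare `<PATH>` can also be read as an inline HTML tag by a Markdown renderer, so put the mode values in backticks or escape the brackets. The opening sentence is a comma splice; "Set the cgroup namespace mode for the container. The default is **host**." reads better.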
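Review bot: in the **--dns** hunk (@@ -206,7 +214,7 @@) the added sentence "Invalid if using **--dns** and **--network** that is set to 'none' or 'container:<name|id>'" names the option inside its own entry and does not say what the user will see. Suggest "Cannot be combined with **--network** set to 'none' or 'container:<name|id>'", plus a word on whether podman rejects the command or ignores the DNS setting. The same wording is repeated under **--dns-option**, **--dns-search** and **--network**, so fixing it once and reusing it keeps the four entries consistent.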
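Review bot: in the **--dns-search** line of the @@ -218,11 +226,11 @@ hunk, the new "Invalid if using ..." sentence is inserted between "Set custom DNS search domains." and the parenthetical "(Use --dns-search=. if you don't wish to set the search domain)", so the hint about `.` now trails the restriction instead of the description it belongs to. Move the parenthetical back next to the first sentence and put the restriction last.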
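Review bot: in the **--env** hunk (@@ -245,13 +253,17 @@) the wildcard notation does not survive Markdown: "ending in --*--" and "with a ***** following it" both read as emphasis markers rather than a literal asterisk. Write the asterisk in backticks and give one concrete form of the prefix match. Also "a environment variable" should be "an environment variable" (twice), the new **--env-host** entry sits before **--env-file** and breaks the alphabetical order of the page, and **--env-host** takes *true|false* but states no default. Since it passes the invoking user's whole environment into the container, the default is worth stating explicitly.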
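Review bot: the healthcheck hunk (@@ -268,26 +280,29 @@) replaces every **--healthcheck-*** spelling with **--health-*** and leaves no trace of the old names on the page. If the old flags are still accepted, list them as deprecated aliases; if they are not, say so, because existing scripts that pass **--healthcheck-command** will otherwise fail with nothing in the man page to explain why. The added sentence on JSON arrays should also say "Multiple arguments" rather than "Multiple options", since it describes the arguments of one command, and it is worth stating plainly that the non-JSON form is run through `/bin/sh -c` and therefore needs a shell in the image.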
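Review bot: in the ulimit hunk (@@ -723,6 +738,8 @@) the added line "You can pass `host` to copy the current configuration from the host." gives no syntax, and the option heading itself is outside the visible context. Show the exact form the user types and say which configuration is meant: all ulimits of the process running podman, or only some of them.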
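Review bot: in the new ENVIRONMENT section (@@ -901,6 +918,19 @@) "Precedence Order:" never says which end of the list wins. Only the last entry ("will override previous settings") implies that later entries override earlier ones, which would make **--env-host** the lowest precedence and **--env** the highest. State the direction in the heading line, for example "from lowest to highest", and format the four entries as a numbered list so the order is unambiguous. The intro sentence "multiple different options: This section describes the precedence." should be split into two sentences, and it would help to say where the host lookup for a value-less **--env** variable (described in the **--env** entry) falls in this order.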