diff options
Diffstat (limited to 'docs/source')
-rw-r--r-- | docs/source/image.rst | 2 | ||||
-rw-r--r-- | docs/source/includes.rst | 2 | ||||
-rw-r--r-- | docs/source/markdown/podman-container-restore.1.md | 11 | ||||
-rw-r--r-- | docs/source/markdown/podman-container-runlabel.1.md | 77 | ||||
-rw-r--r-- | docs/source/markdown/podman-container.1.md | 2 | ||||
-rw-r--r-- | docs/source/markdown/podman-cp.1.md | 100 | ||||
-rw-r--r-- | docs/source/markdown/podman-create.1.md | 8 | ||||
-rw-r--r-- | docs/source/markdown/podman-image-scp.1.md | 69 | ||||
-rw-r--r-- | docs/source/markdown/podman-image.1.md | 1 | ||||
-rw-r--r-- | docs/source/markdown/podman-images.1.md | 2 | ||||
-rw-r--r-- | docs/source/markdown/podman-logs.1.md | 29 | ||||
-rw-r--r-- | docs/source/markdown/podman-network-connect.1.md | 2 | ||||
-rw-r--r-- | docs/source/markdown/podman-network-disconnect.1.md | 5 | ||||
-rw-r--r-- | docs/source/markdown/podman-network-reload.1.md | 2 | ||||
-rw-r--r-- | docs/source/markdown/podman-rmi.1.md | 2 | ||||
-rw-r--r-- | docs/source/markdown/podman-run.1.md | 8 | ||||
-rw-r--r-- | docs/source/markdown/podman-volume-ls.1.md | 1 | ||||
-rw-r--r-- | docs/source/markdown/podman-volume-prune.1.md | 6 |
18 files changed, 220 insertions, 109 deletions
diff --git a/docs/source/image.rst b/docs/source/image.rst index 0552df929..0987a0149 100644 --- a/docs/source/image.rst +++ b/docs/source/image.rst @@ -30,6 +30,8 @@ Image :doc:`save <markdown/podman-save.1>` Save image to an archive +:doc:`scp <markdown/podman-image-scp.1>` Securely copy an image from one host to another + :doc:`search <markdown/podman-search.1>` Search a registry for an image :doc:`sign <markdown/podman-image-sign.1>` Sign an image diff --git a/docs/source/includes.rst b/docs/source/includes.rst index 6e04d77f4..8d5f18e4d 100644 --- a/docs/source/includes.rst +++ b/docs/source/includes.rst @@ -16,4 +16,4 @@ .. _podman run: http://docs.podman.io/en/latest/markdown/podman-run.1.html .. _podman build: http://docs.podman.io/en/latest/markdown/podman-build.1.html .. _podman push: http://docs.podman.io/en/latest/markdown/podman-push.1.html -.. image:: https://github.com/containers/podman/blob/main/logo/podman-logo.png?raw=true +.. image:: https://raw.githubusercontent.com/containers/podman/main/logo/podman-logo.png diff --git a/docs/source/markdown/podman-container-restore.1.md b/docs/source/markdown/podman-container-restore.1.md index 36eb650e5..856008cc0 100644 --- a/docs/source/markdown/podman-container-restore.1.md +++ b/docs/source/markdown/podman-container-restore.1.md @@ -93,6 +93,15 @@ be used once and the restored *container* will have another IP address. This als that **--name, -n** cannot be used in combination with **--tcp-established**.\ *IMPORTANT: This OPTION is only available in combination with **--import, -i**.* +#### **--pod**=*name* + +Restore a container into the pod *name*. The destination pod for this restore +has to have the same namespaces shared as the pod this container was checkpointed +from (see **[podman pod create --share](podman-pod-create.1.md#--share)**). +*IMPORTANT: This OPTION is only available in combination with **--import, -i**.* + +This option requires at least CRIU 3.16. + #### **--publish**, **-p**=*port* Replaces the ports that the *container* publishes, as configured during the @@ -128,7 +137,7 @@ $ podman run --rm -p 2345:80 -d webserver ``` ## SEE ALSO -**[podman(1)](podman.1.md)**, **[podman-container-checkpoint(1)](podman-container-checkpoint.1.md)**, **[podman-run(1)](podman-run.1.md)** +**[podman(1)](podman.1.md)**, **[podman-container-checkpoint(1)](podman-container-checkpoint.1.md)**, **[podman-run(1)](podman-run.1.md)**, **[podman-pod-create(1)](podman-pod-create.1.md)** ## HISTORY September 2018, Originally compiled by Adrian Reber <areber@redhat.com> diff --git a/docs/source/markdown/podman-container-runlabel.1.md b/docs/source/markdown/podman-container-runlabel.1.md index e343a12fe..ec67a2687 100644 --- a/docs/source/markdown/podman-container-runlabel.1.md +++ b/docs/source/markdown/podman-container-runlabel.1.md @@ -1,76 +1,58 @@ % podman-container-runlabel(1) ## NAME -podman-container-runlabel - Executes a command as described by a container image label +podman-container-runlabel - Executes a command as described by a container-image label ## SYNOPSIS **podman container runlabel** [*options*] *label* *image* [*arg...*] ## DESCRIPTION -**podman container runlabel** reads the provided `LABEL` field in the container -IMAGE and executes the provided value for the label as a command. If this field does not -exist, `podman container runlabel` will just exit. +**podman container runlabel** reads the specified `label` of the `image` and executes it as command on the host. If the label does not exist, Podman will exit with an error. Additional arguments will be appended to the command. -If the container image has a LABEL INSTALL instruction like the following: +Historically, container images describe the contents (e.g., layers) and how a container runtime (e.g., crun(1) or runc(1)) should execute the container. For instance, an image may set the environment and the command in its configuration. However, a container image cannot directly specify how a container engine such as Podman should execute it. For instance, an image configuration does not include information about log drivers, namespaces or which capabilities it needs to run correctly. -`LABEL INSTALL /usr/bin/podman run -t -i --rm \${OPT1} --privileged -v /:/host --net=host --ipc=host --pid=host -e HOST=/host -e NAME=\${NAME} -e IMAGE=\${IMAGE} -e CONFDIR=/etc/\${NAME} -e LOGDIR=/var/log/\${NAME} -e DATADIR=/var/lib/\${NAME} \${IMAGE} \${OPT2} /bin/install.sh \${OPT3}` +`podman container runlabel` addresses the limitation of container images in a simple yet efficient way. Podman will read the contents of the label and interpret it as a command that will be executed on the host. This way an image can describe exactly how it should be executed by Podman. For instance, a label with the content `/usr/bin/podman run -d --pid=host --privileged \${IMAGE}` instructs the image to be executed in a detached, privileged container that is using the PID namespace of the host. This lifts the self-description of a container image from "what" to "how". -`podman container runlabel` will set the following environment variables for use in the command: +Please note that the `runlabel` command is intended to be run in trusted environments exclusively. Using the command on untrusted images is not recommended. -If the container image does not have the desired label, an error message will be displayed along with a non-zero -return code. If the image is not found in local storage, Podman will attempt to pull it first. +## VARIABLES -**LABEL** -The label name specified via the command. +The contents of a label may refer to the following variables which will be substituted while processing the label. **IMAGE** -Image name specified via the command. +The name of the image. When executing `podman container runlabel label fedora` the `IMAGE` variable will be replaced with `fedora`. Valid formats are `IMAGE`, `$IMAGE`, `${IMAGE}` and `=IMAGE`. -**SUDO_UID** -The `SUDO_UID` environment variable. This is useful with the podman -`-u` option for user space tools. If the environment variable is -not available, the value of `/proc/self/loginuid` is used. +**NAME** +As specified by the `--name` option. The format is identical to the one of the IMAGE attribute. -**SUDO_GID** -The `SUDO_GID` environment variable. This is useful with the podman -`-u` option for user space tools. If the environment variable is -not available, the default GID of the value for `SUDO_UID` is used. -If this value is not available, the value of `/proc/self/loginuid` -is used. - -Any additional arguments will be appended to the command. +**PWD** +Will be replaced with the current working directory. ## OPTIONS #### **--authfile**=*path* -Path of the authentication file. Default is ${XDG\_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`. -If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`. +Path of the containers-auth.json(5) file. Default is ${XDG\_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`. If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`. -Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE -environment variable. `export REGISTRY_AUTH_FILE=path` +Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE environment variable. `export REGISTRY_AUTH_FILE=path` #### **--display** -Display the label's value of the image having populated its environment variables. -The runlabel command will not execute if --display is specified. +Display the label's value of the image having populated its environment variables. The runlabel command will not execute if --display is specified. #### **--cert-dir**=*path* -Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry. -Please refer to containers-certs.d(5) for details. (This option is not available with the remote Podman client) +Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry. Please refer to containers-certs.d(5) for details. (This option is not available with the remote Podman client) #### **--creds**=*[username[:password]]* -The [username[:password]] to use to authenticate with the registry if required. -If one or both values are not supplied, a command line prompt will appear and the -value can be entered. The password is entered without echo. +The [username[:password]] to use to authenticate with the registry if required. If one or both values are not supplied, a command line prompt will appear and the value can be entered. The password is entered without echo. #### **--help**, **-h** Print usage statement #### **--name**, **-n**=*name* -Use this name for creating content for the container. NAME will default to the IMAGENAME if it is not specified. +Use this name for creating content for the container. If not specified, name defaults to the name of the image. #### **--quiet**, **-q** @@ -78,34 +60,33 @@ Suppress output information when pulling images #### **--replace** -If a container exists of the default or given name, as needed it will be stopped, deleted and a new container will be -created from this image. +If a container exists of the default or given name, as needed it will be stopped, deleted and a new container will be created from this image. #### **--tls-verify** -Require HTTPS and verify certificates when contacting registries (default: true). If explicitly set to true, -then TLS verification will be used. If set to false, then TLS verification will not be used. If not specified, -TLS verification will be used unless the target registry is listed as an insecure registry in registries.conf. +Require HTTPS and verify certificates when contacting registries (default: true). If explicitly set to true, then TLS verification will be used. If set to false, then TLS verification will not be used. If not specified, TLS verification will be used unless the target registry is listed as an insecure registry in containers-registries.conf(5). ## EXAMPLES -Execute the run label of an image called foobar. +Execute the `run` label of an image called foobar. ``` -$ sudo podman container runlabel run foobar +$ podman container runlabel run foobar ``` -Execute the install label of an image called foobar with additional arguments. +Execute the `install` label of an image called foobar with additional arguments. ``` -$ sudo podman container runlabel install foobar apples oranges +$ podman container runlabel install foobar apples oranges ``` -Display the command that would be executed by runlabel. +Display the contents of the `run` label of image foobar. ``` -$ sudo podman container runlabel --display run foobar +$ podman container runlabel --display run foobar ``` ## SEE ALSO -podman(1), containers-certs.d(5) +podman(1), crun(1), runc(1), containers-auth.json(5), containers-certs.d(5), containers-registries.conf(5) ## HISTORY +August 2021, Refinements by Valentin Rothberg (rothberg at redhat dot com) + September 2018, Originally compiled by Brent Baude (bbaude at redhat dot com) diff --git a/docs/source/markdown/podman-container.1.md b/docs/source/markdown/podman-container.1.md index e69c5a170..3cc90d9ec 100644 --- a/docs/source/markdown/podman-container.1.md +++ b/docs/source/markdown/podman-container.1.md @@ -38,7 +38,7 @@ The container command allows you to manage containers | restore | [podman-container-restore(1)](podman-container-restore.1.md) | Restores one or more containers from a checkpoint. | | rm | [podman-rm(1)](podman-rm.1.md) | Remove one or more containers. | | run | [podman-run(1)](podman-run.1.md) | Run a command in a container. | -| runlabel | [podman-container-runlabel(1)](podman-container-runlabel.1.md) | Executes a command as described by a container image label. | +| runlabel | [podman-container-runlabel(1)](podman-container-runlabel.1.md) | Executes a command as described by a container-image label. | | start | [podman-start(1)](podman-start.1.md) | Starts one or more containers. | | stats | [podman-stats(1)](podman-stats.1.md) | Display a live stream of one or more container's resource usage statistics. | | stop | [podman-stop(1)](podman-stop.1.md) | Stop one or more running containers. | diff --git a/docs/source/markdown/podman-cp.1.md b/docs/source/markdown/podman-cp.1.md index 43ee4cdff..79edf26ed 100644 --- a/docs/source/markdown/podman-cp.1.md +++ b/docs/source/markdown/podman-cp.1.md @@ -9,111 +9,121 @@ podman\-cp - Copy files/folders between a container and the local filesystem **podman container cp** [*options*] [*container*:]*src_path* [*container*:]*dest_path* ## DESCRIPTION -Copy the contents of **src_path** to the **dest_path**. You can copy from the container's filesystem to the local machine or the reverse, from the local filesystem to the container. -If `-` is specified for either the SRC_PATH or DEST_PATH, you can also stream a tar archive from STDIN or to STDOUT. +**podman cp** allows copying the contents of **src_path** to the **dest_path**. Files can be copied from a container to the local machine and vice versa or between two containers. +If `-` is specified for either the `SRC_PATH` or `DEST_PATH`, one can also stream a tar archive from `STDIN` or to `STDOUT`. -The CONTAINER can be a running or stopped container. The **src_path** or **dest_path** can be a file or directory. +The containers can be either running or stopped and the *src_path* or *dest_path* can be a file or directory. -The **podman cp** command assumes container paths are relative to the container's root directory (i.e., `/`). - -This means supplying the initial forward slash is optional; - -The command sees **compassionate_darwin:/tmp/foo/myfile.txt** and **compassionate_darwin:tmp/foo/myfile.txt** as identical. +*IMPORTANT: The **podman cp** command assumes container paths are relative to the container's root directory (`/`), which means supplying the initial forward slash is optional and therefore sees `compassionate_darwin:/tmp/foo/myfile.txt` and `compassionate_darwin:tmp/foo/myfile.txt` as identical.* Local machine paths can be an absolute or relative value. The command interprets a local machine's relative paths as relative to the current working directory where **podman cp** is run. -Assuming a path separator of /, a first argument of **src_path** and second argument of **dest_path**, the behavior is as follows: +Assuming a path separator of `/`, a first argument of **src_path** and second argument of **dest_path**, the behavior is as follows: -**src_path** specifies a file +**src_path** specifies a file: - **dest_path** does not exist - - the file is saved to a file created at **dest_path** (note that parent directory must exist) + - the file is saved to a file created at **dest_path** (note that parent directory must exist). - **dest_path** exists and is a file - - the destination is overwritten with the source file's contents + - the destination is overwritten with the source file's contents. - **dest_path** exists and is a directory - - the file is copied into this directory using the base name from **src_path** + - the file is copied into this directory using the base name from **src_path**. -**src_path** specifies a directory +**src_path** specifies a directory: - **dest_path** does not exist - - **dest_path** is created as a directory and the contents of the source directory are copied into this directory + - **dest_path** is created as a directory and the contents of the source directory are copied into this directory. - **dest_path** exists and is a file - - Error condition: cannot copy a directory to a file + - Error condition: cannot copy a directory to a file. - **dest_path** exists and is a directory - **src_path** ends with `/` - - the source directory is copied into this directory + - the source directory is copied into this directory. - **src_path** ends with `/.` (i.e., slash followed by dot) - - the content of the source directory is copied into this directory + - the content of the source directory is copied into this directory. The command requires **src_path** and **dest_path** to exist according to the above rules. If **src_path** is local and is a symbolic link, the symbolic target, is copied by default. -A colon (:) is used as a delimiter between CONTAINER and its path. - -You can also use : when specifying paths to a **src_path** or **dest_path** on a local machine, for example, `file:name.txt`. +A *colon* ( : ) is used as a delimiter between a container and its path, it can also be used when specifying paths to a **src_path** or **dest_path** on a local machine, for example, `file:name.txt`. -If you use a : in a local machine path, you must be explicit with a relative or absolute path, for example: - `/path/to/file:name.txt` or `./file:name.txt` +*IMPORTANT: while using a *colon* ( : ) in a local machine path, one must be explicit with a relative or absolute path, for example: `/path/to/file:name.txt` or `./file:name.txt`* -Using `-` as the *src_path* streams the contents of STDIN as a tar archive. The command extracts the content of the tar to the *DEST_PATH* in the container. In this case, *dest_path* must specify a directory. Using `-` as the *dest_path* streams the contents of the resource (can be a directory) as a tar archive to STDOUT. +Using `-` as the **src_path** streams the contents of `STDIN` as a tar archive. The command extracts the content of the tar to the `DEST_PATH` in the container. In this case, **dest_path** must specify a directory. Using `-` as the **dest_path** streams the contents of the resource (can be a directory) as a tar archive to `STDOUT`. Note that `podman cp` ignores permission errors when copying from a running rootless container. The TTY devices inside a rootless container are owned by the host's root user and hence cannot be read inside the container's user namespace. ## OPTIONS -#### **--archive**, **-a** +#### **--archive**, **-a**=**true** | *false* Archive mode (copy all uid/gid information). -When set to true, files copied to a container will have changed ownership to the primary uid/gid of the container. +When set to true, files copied to a container will have changed ownership to the primary UID/GID of the container. When set to false, maintain uid/gid from archive sources instead of changing them to the primary uid/gid of the destination container. -The default is *true*. +The default is **true**. ## ALTERNATIVES -Podman has much stronger capabilities than just `podman cp` to achieve copy files between host and container. +Podman has much stronger capabilities than just `podman cp` to achieve copying files between the host and containers. -Using standard podman-mount and podman-umount takes advantage of the entire linux tool chain, rather -then just cp. +Using standard **[podman-mount(1)](podman-mount.1.md)** and **[podman-unmount(1)](podman-unmount.1.md)** takes advantage of the entire linux tool chain, rather than just cp. -If a user wants to copy contents out of a container or into a container, they can execute a few simple commands. +copying contents out of a container or into a container, can be achieved with a few simple commands. For example: -You can copy from the container's file system to the local machine or the reverse, from the local filesystem to the container. - -If you want to copy the /etc/foobar directory out of a container and onto /tmp on the host, you could execute the following commands: +To copy the `/etc/foobar` directory out of a container and onto `/tmp` on the host, the following commands can be executed: mnt=$(podman mount CONTAINERID) cp -R ${mnt}/etc/foobar /tmp podman umount CONTAINERID -If you want to untar a tar ball into a container, you can execute these commands: +To untar a tar ball into a container, following commands can be executed: mnt=$(podman mount CONTAINERID) tar xf content.tgz -C ${mnt} podman umount CONTAINERID -One last example, if you want to install a package into a container that -does not have dnf installed, you could execute something like: +To install a package into a container that +does not have dnf installed, following commands can be executed: mnt=$(podman mount CONTAINERID) dnf install --installroot=${mnt} httpd chroot ${mnt} rm -rf /var/log/dnf /var/cache/dnf podman umount CONTAINERID -This shows that using `podman mount` and `podman umount` you can use all of the +By using `podman mount` and `podman unmount`, one can use all of the standard linux tools for moving files into and out of containers, not just the cp command. -## EXAMPLE +## EXAMPLES + +- Copy a file from host to a container. + ``` + podman cp /myapp/app.conf containerID:/myapp/app.conf + ``` -podman cp /myapp/app.conf containerID:/myapp/app.conf +- Copy a file from a container to a directory on another container. + ``` + podman cp containerID1:/myfile.txt containerID2:/tmp + ``` -podman cp /home/myuser/myfiles.tar containerID:/tmp +- Copy a directory on a container to a directory on the host. + ``` + podman cp containerID:/myapp/ /myapp/ + ``` -podman cp containerID:/myapp/ /myapp/ +- Copy the contents of a directory on a container to a directory on the host. + ``` + podman cp containerID:/home/myuser/. /home/myuser/ + ``` -podman cp containerID:/home/myuser/. /home/myuser/ +- Copy a directory on a container into a directory on another. + ``` + podman cp containerA:/myapp containerB:/yourapp + ``` -podman cp - containerID:/myfiles.tar.gz < myfiles.tar.gz +- Stream a tar archive from `STDIN` to a container. + ``` + podman cp - containerID:/myfiles.tar.gz < myfiles.tar.gz + ``` ## SEE ALSO -podman(1), podman-mount(1), podman-umount(1) +**[podman(1)](podman.1.md)**, **[podman-mount(1)](podman-mount.1.md)**, **[podman-unmount(1)](podman-unmount.1.md)** diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md index 1720e6eb6..7f9cf0e75 100644 --- a/docs/source/markdown/podman-create.1.md +++ b/docs/source/markdown/podman-create.1.md @@ -181,6 +181,8 @@ Limit the CPU real-time period in microseconds Limit the container's Real Time CPU usage. This flag tell the kernel to restrict the container's Real Time CPU usage to the period you specify. +This flag is not supported on cgroups V2 systems. + #### **--cpu-rt-runtime**=*microseconds* Limit the CPU real-time runtime in microseconds @@ -190,6 +192,8 @@ Period of 1,000,000us and Runtime of 950,000us means that this container could c The sum of all runtimes across containers cannot exceed the amount allotted to the parent cgroup. +This flag is not supported on cgroups V2 systems. + #### **--cpu-shares**=*shares* CPU shares (relative weight) @@ -479,6 +483,8 @@ is not limited. If you specify a limit, it may be rounded up to a multiple of the operating system's page size and the value can be very large, millions of trillions. +This flag is not supported on cgroups V2 systems. + #### **--label**, **-l**=*label* Add metadata to a container (e.g., --label com.example.key=value) @@ -561,6 +567,8 @@ unit, `b` is used. Set LIMIT to `-1` to enable unlimited swap. Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100. +This flag is not supported on cgroups V2 systems. + #### **--mount**=*type=TYPE,TYPE-SPECIFIC-OPTION[,...]* Attach a filesystem mount to the container diff --git a/docs/source/markdown/podman-image-scp.1.md b/docs/source/markdown/podman-image-scp.1.md new file mode 100644 index 000000000..420452a4d --- /dev/null +++ b/docs/source/markdown/podman-image-scp.1.md @@ -0,0 +1,69 @@ +% podman-image-scp(1) + +## NAME +podman-image-scp - Securely copy an image from one host to another + +## SYNOPSIS +**podman image scp** [*options*] *name*[:*tag*] + +## DESCRIPTION +**podman image scp** copies container images between hosts on a network. You can load to the remote host or from the remote host as well as in between two remote hosts. +Note: `::` is used to specify the image name depending on if you are saving or loading. + +**podman image scp [GLOBAL OPTIONS]** + +**podman image** *scp [OPTIONS] NAME[:TAG] [HOSTNAME::]* + +**podman image** *scp [OPTIONS] [HOSTNAME::]IMAGENAME* + +**podman image** *scp [OPTIONS] [HOSTNAME::]IMAGENAME [HOSTNAME::]* + +## OPTIONS + +#### **--quiet**, **-q** + +Suppress the output + +#### **--help**, **-h** + +Print usage statement + +## EXAMPLES + + +``` +$ podman image scp alpine +Loaded image(s): docker.io/library/alpine:latest +``` + +``` +$ podman image scp alpine Fedora::/home/charliedoern/Documents/alpine +Getting image source signatures +Copying blob 72e830a4dff5 done +Copying config 85f9dc67c7 done +Writing manifest to image destination +Storing signatures +Loaded image(s): docker.io/library/alpine:latest +``` + +``` +$ podman image scp Fedora::alpine RHEL:: +Loaded image(s): docker.io/library/alpine:latest +``` + +``` +$ podman image scp charliedoern@192.168.68.126:22/run/user/1000/podman/podman.sock::alpine +WARN[0000] Unknown connection name given. Please use system connection add to specify the default remote socket location +Getting image source signatures +Copying blob 9450ef9feb15 [--------------------------------------] 0.0b / 0.0b +Copying config 1f97f0559c done +Writing manifest to image destination +Storing signatures +Loaded image(s): docker.io/library/alpine:latest +``` + +## SEE ALSO +podman(1), podman-load(1), podman-save(1), podman-remote(1), podman-system-connection-add(1), containers.conf(5), containers-transports(5) + +## HISTORY +July 2021, Originally written by Charlie Doern <cdoern@redhat.com> diff --git a/docs/source/markdown/podman-image.1.md b/docs/source/markdown/podman-image.1.md index 1b0dc395d..3e6050d99 100644 --- a/docs/source/markdown/podman-image.1.md +++ b/docs/source/markdown/podman-image.1.md @@ -27,6 +27,7 @@ The image command allows you to manage images | push | [podman-push(1)](podman-push.1.md) | Push an image from local storage to elsewhere. | | rm | [podman-rmi(1)](podman-rmi.1.md) | Removes one or more locally stored images. | | save | [podman-save(1)](podman-save.1.md) | Save an image to docker-archive or oci. | +| scp | [podman-image-scp(1)](podman-image-scp.1.md) | Securely copy an image from one host to another. | | search | [podman-search(1)](podman-search.1.md) | Search a registry for an image. | | sign | [podman-image-sign(1)](podman-image-sign.1.md) | Create a signature for an image. | | tag | [podman-tag(1)](podman-tag.1.md) | Add an additional name to a local image. | diff --git a/docs/source/markdown/podman-images.1.md b/docs/source/markdown/podman-images.1.md index 23cce450a..02385daec 100644 --- a/docs/source/markdown/podman-images.1.md +++ b/docs/source/markdown/podman-images.1.md @@ -36,7 +36,7 @@ Filter output based on conditions provided Filter on images created before the given IMAGE (name or tag). **dangling=true|false** - Show dangling images. Dangling images are a file system layer that was used in a previous build of an image and is no longer referenced by any active images. They are denoted with the `<none>` tag, consume disk space and serve no active purpose. + Show dangling images. Dangling images are a file system layer that was used in a previous build of an image and is no longer referenced by any image. They are denoted with the `<none>` tag, consume disk space and serve no active purpose. **label** Filter by images labels key and/or value. diff --git a/docs/source/markdown/podman-logs.1.md b/docs/source/markdown/podman-logs.1.md index 8f1301102..6b3ef79d7 100644 --- a/docs/source/markdown/podman-logs.1.md +++ b/docs/source/markdown/podman-logs.1.md @@ -39,6 +39,14 @@ strings (e.g. 10m, 1h30m) computed relative to the client machine's time. Suppor time stamps include RFC3339Nano, RFC3339, 2006-01-02T15:04:05, 2006-01-02T15:04:05.999999999, 2006-01-02Z07:00, and 2006-01-02. +#### **--until**=*TIMESTAMP* + +Show logs until TIMESTAMP. The --until option can be Unix timestamps, date formatted timestamps, or Go duration +strings (e.g. 10m, 1h30m) computed relative to the client machine's time. Supported formats for date formatted +time stamps include RFC3339Nano, RFC3339, 2006-01-02T15:04:05, 2006-01-02T15:04:05.999999999, 2006-01-02Z07:00, +and 2006-01-02. + + #### **--tail**=*LINES* Output the specified number of LINES at the end of the logs. LINES must be an integer. Defaults to -1, @@ -74,6 +82,17 @@ podman logs --tail 2 b3f2436bdb97 # Server initialized ``` +To view all containers logs: +``` +podman logs -t --since 0 myserver + +1:M 07 Aug 14:10:09.055 # Server can't set maximum open files to 10032 because of OS error: Operation not permitted. +1:M 07 Aug 14:10:09.055 # Current maximum open files is 4096. maxclients has been reduced to 4064 to compensate for low ulimit. If you need higher maxclients increase 'ulimit -n'. +1:M 07 Aug 14:10:09.056 * Running mode=standalone, port=6379. +1:M 07 Aug 14:10:09.056 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128. +1:M 07 Aug 14:10:09.056 # Server initialized +``` + To view a containers logs since a certain time: ``` podman logs -t --since 2017-08-07T10:10:09.055837383-04:00 myserver @@ -93,6 +112,16 @@ podman logs --since 10m myserver # Current maximum open files is 4096. maxclients has been reduced to 4064 to compensate for low ulimit. If you need higher maxclients increase 'ulimit -n'. ``` +To view a container's logs until 30 minutes ago: +``` +podman logs --until 30m myserver + +AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 10.0.2.100. Set the 'ServerName' directive globally to suppress this message +AH00558: httpd: Could not reliably determine the server's fully qualified domain name, using 10.0.2.100. Set the 'ServerName' directive globally to suppress this message +[Tue Jul 20 13:18:14.223727 2021] [mpm_event:notice] [pid 1:tid 140021067187328] AH00489: Apache/2.4.48 (Unix) configured -- resuming normal operations +[Tue Jul 20 13:18:14.223819 2021] [core:notice] [pid 1:tid 140021067187328] AH00094: Command line: 'httpd -D FOREGROUND' +``` + ## SEE ALSO podman(1), podman-run(1), podman-container-rm(1) diff --git a/docs/source/markdown/podman-network-connect.1.md b/docs/source/markdown/podman-network-connect.1.md index cff4336d6..47a54bd33 100644 --- a/docs/source/markdown/podman-network-connect.1.md +++ b/docs/source/markdown/podman-network-connect.1.md @@ -10,8 +10,6 @@ podman\-network\-connect - Connect a container to a network Connects a container to a network. A container can be connected to a network by name or by ID. Once connected, the container can communicate with other containers in the same network. -This command is not available for rootless users. - ## OPTIONS #### **--alias** Add network-scoped alias for the container. If the network is using the `dnsname` CNI plugin, these aliases diff --git a/docs/source/markdown/podman-network-disconnect.1.md b/docs/source/markdown/podman-network-disconnect.1.md index 8b7125282..a13aa6088 100644 --- a/docs/source/markdown/podman-network-disconnect.1.md +++ b/docs/source/markdown/podman-network-disconnect.1.md @@ -7,9 +7,10 @@ podman\-network\-disconnect - Disconnect a container from a network **podman network disconnect** [*options*] network container ## DESCRIPTION -Disconnects a container from a network. +Disconnects a container from a network. A container can be disconnected from a network by name or by ID. +If all networks are disconnected from the container, it will behave like a container created with `--network=none` +and it will longer have network connectivity until a network is connected again. -This command is not available for rootless users. ## OPTIONS #### **--force**, **-f** diff --git a/docs/source/markdown/podman-network-reload.1.md b/docs/source/markdown/podman-network-reload.1.md index 1d9f34f2e..593265df6 100644 --- a/docs/source/markdown/podman-network-reload.1.md +++ b/docs/source/markdown/podman-network-reload.1.md @@ -13,8 +13,6 @@ Rootfull Podman relies on iptables rules in order to provide network connectivit this happens for example with `firewall-cmd --reload`, the container loses network connectivity. This command restores the network connectivity. -This command is not available for rootless users since rootless containers are not affected by such connectivity problems. - ## OPTIONS #### **--all**, **-a** diff --git a/docs/source/markdown/podman-rmi.1.md b/docs/source/markdown/podman-rmi.1.md index 1f62d6133..e34b1964b 100644 --- a/docs/source/markdown/podman-rmi.1.md +++ b/docs/source/markdown/podman-rmi.1.md @@ -10,7 +10,7 @@ podman\-rmi - Removes one or more locally stored images ## DESCRIPTION Removes one or more locally stored images. -Passing an argument _image_ deletes it, along with any of its dangling (untagged) parent images. +Passing an argument _image_ deletes it, along with any of its dangling parent images. A dangling image is an image without a tag and without being referenced by another image. ## OPTIONS diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md index ce0cf1a2f..f08561904 100644 --- a/docs/source/markdown/podman-run.1.md +++ b/docs/source/markdown/podman-run.1.md @@ -199,6 +199,8 @@ Limit the CPU real-time period in microseconds. Limit the container's Real Time CPU usage. This flag tell the kernel to restrict the container's Real Time CPU usage to the period you specify. +This flag is not supported on cgroups V2 systems. + #### **--cpu-rt-runtime**=*microseconds* Limit the CPU real-time runtime in microseconds. @@ -208,6 +210,8 @@ Period of 1,000,000us and Runtime of 950,000us means that this container could c The sum of all runtimes across containers cannot exceed the amount allotted to the parent cgroup. +This flag is not supported on cgroups V2 systems. + #### **--cpu-shares**=*shares* CPU shares (relative weight). @@ -518,6 +522,8 @@ is not limited. If you specify a limit, it may be rounded up to a multiple of the operating system's page size and the value can be very large, millions of trillions. +This flag is not supported on cgroups V2 systems. + #### **--label**, **-l**=*key*=*value* Add metadata to a container. @@ -595,6 +601,8 @@ Set _number_ to **-1** to enable unlimited swap. Tune a container's memory swappiness behavior. Accepts an integer between *0* and *100*. +This flag is not supported on cgroups V2 systems. + #### **--mount**=*type=TYPE,TYPE-SPECIFIC-OPTION[,...]* Attach a filesystem mount to the container diff --git a/docs/source/markdown/podman-volume-ls.1.md b/docs/source/markdown/podman-volume-ls.1.md index 489057446..b562aff61 100644 --- a/docs/source/markdown/podman-volume-ls.1.md +++ b/docs/source/markdown/podman-volume-ls.1.md @@ -24,6 +24,7 @@ Volumes can be filtered by the following attributes: - name - opt - scope +- until #### **--format**=*format* diff --git a/docs/source/markdown/podman-volume-prune.1.md b/docs/source/markdown/podman-volume-prune.1.md index 9477cb5d5..b9599c200 100644 --- a/docs/source/markdown/podman-volume-prune.1.md +++ b/docs/source/markdown/podman-volume-prune.1.md @@ -23,12 +23,8 @@ Do not prompt for confirmation. Filter volumes to be pruned. Volumes can be filtered by the following attributes: -- dangling -- driver - label -- name -- opt -- scope +- until #### **--help** |