diff options
Diffstat (limited to 'docs/source')
-rw-r--r-- | docs/source/markdown/containers-mounts.conf.5.md | 16 | ||||
-rw-r--r-- | docs/source/markdown/libpod.conf.5.md | 113 | ||||
-rw-r--r-- | docs/source/markdown/podman-attach.1.md | 4 | ||||
-rw-r--r-- | docs/source/markdown/podman-container-restore.1.md | 9 | ||||
-rw-r--r-- | docs/source/markdown/podman-create.1.md | 12 | ||||
-rw-r--r-- | docs/source/markdown/podman-exec.1.md | 2 | ||||
-rw-r--r-- | docs/source/markdown/podman-remote.conf.5.md | 57 | ||||
-rw-r--r-- | docs/source/markdown/podman-run.1.md | 12 | ||||
-rw-r--r-- | docs/source/markdown/podman-start.1.md | 4 |
9 files changed, 214 insertions, 15 deletions
diff --git a/docs/source/markdown/containers-mounts.conf.5.md b/docs/source/markdown/containers-mounts.conf.5.md new file mode 100644 index 000000000..130c1c523 --- /dev/null +++ b/docs/source/markdown/containers-mounts.conf.5.md @@ -0,0 +1,16 @@ +% containers-mounts.conf(5) + +## NAME +containers-mounts.conf - configuration file for default mounts in containers + +## DESCRIPTION +The mounts.conf file specifies volume mount directories that are automatically mounted inside containers. Container processes can then use this content. Usually these directories are used for passing secrets or credentials required by the package software to access remote package repositories. Note that for security reasons, tools adhering to the mounts.conf are expected to copy the contents instead of bind mounting the paths from the host. + +## FORMAT +The format of the mounts.conf is the volume format `/SRC:/DEST`, one mount per line. For example, a mounts.conf with the line `/usr/share/secrets:/run/secrets` would cause the contents of the `/usr/share/secrets` directory on the host to be mounted on the `/run/secrets` directory inside the container. Setting mountpoints allows containers to use the files of the host, for instance, to use the host's subscription to some enterprise Linux distribution. + +## FILES +Some distributions may provide a `/usr/share/containers/mounts.conf` file to provide default mounts, but users can create a `/etc/containers/mounts.conf`, to specify their own special volumes to mount in the container. + +## HISTORY +Aug 2018, Originally compiled by Valentin Rothberg <vrothberg@suse.com> diff --git a/docs/source/markdown/libpod.conf.5.md b/docs/source/markdown/libpod.conf.5.md new file mode 100644 index 000000000..c28c80b56 --- /dev/null +++ b/docs/source/markdown/libpod.conf.5.md @@ -0,0 +1,113 @@ +% libpod.conf(5) + +## NAME +libpod.conf - libpod configuration file + +## DESCRIPTION +The libpod.conf file is the default configuration file for all tools using +libpod to manage containers. + +## OPTIONS + +**image_default_transport**="" + Default transport method for pulling and pushing images + +**runtime**="" + Default OCI runtime to use if nothing is specified in **runtimes** + +**runtimes** + For each OCI runtime, specify a list of paths to look for. The first one found is used. If the paths are empty or no valid path was found, then the `$PATH` environment variable will be used as the fallback. + +**conmon_path**="" + Paths to search for the conmon container manager binary. If the paths are empty or no valid path was found, then the `$PATH` environment variable will be used as the fallback. + +**conmon_env_vars**="" + Environment variables to pass into Conmon + +**cgroup_manager**="" + Specify the CGroup Manager to use; valid values are "systemd" and "cgroupfs" + +**lock_type**="" + Specify the locking mechanism to use; valid values are "shm" and "file". Change the default only if you are sure of what you are doing, in general "file" is useful only on platforms where cgo is not available for using the faster "shm" lock type. You may need to run "podman system renumber" after you change the lock type. + +**init_path**="" + Path to the container-init binary, which forwards signals and reaps processes within containers. Note that the container-init binary will only be used when the `--init` for podman-create and podman-run is set. + +**hooks_dir**=["*path*", ...] + + Each `*.json` file in the path configures a hook for Podman containers. For more details on the syntax of the JSON files and the semantics of hook injection, see `oci-hooks(5)`. Podman and libpod currently support both the 1.0.0 and 0.1.0 hook schemas, although the 0.1.0 schema is deprecated. + + Paths listed later in the array have higher precedence (`oci-hooks(5)` discusses directory precedence). + + For the annotation conditions, libpod uses any annotations set in the generated OCI configuration. + + For the bind-mount conditions, only mounts explicitly requested by the caller via `--volume` are considered. Bind mounts that libpod inserts by default (e.g. `/dev/shm`) are not considered. + + Podman and libpod currently support an additional `precreate` state which is called before the runtime's `create` operation. Unlike the other stages, which receive the container state on their standard input, `precreate` hooks receive the proposed runtime configuration on their standard input. They may alter that configuration as they see fit, and write the altered form to their standard output. + + **WARNING**: the `precreate` hook lets you do powerful things, such as adding additional mounts to the runtime configuration. That power also makes it easy to break things. Before reporting libpod errors, try running your container with `precreate` hooks disabled to see if the problem is due to one of your hooks. + +**static_dir**="" + Directory for persistent libpod files (database, etc) + By default this will be configured relative to where containers/storage + stores containers + +**tmp_dir**="" + Directory for temporary files + Must be a tmpfs (wiped after reboot) + +**max_log_size**="" + Maximum size of log files (in bytes) + +**no_pivot_root**="" + Whether to use chroot instead of pivot_root in the runtime + +**cni_config_dir**="" + Directory containing CNI plugin configuration files + +**cni_plugin_dir**="" + Directories where CNI plugin binaries may be located + +**infra_image** = "" + Infra (pause) container image name for pod infra containers. When running a pod, we + start a `pause` process in a container to hold open the namespaces associated with the + pod. This container and process, basically sleep/pause for the lifetime of the pod. + +**infra_command**="" + Command to run the infra container + +**namespace**="" + Default libpod namespace. If libpod is joined to a namespace, it will see only containers and pods + that were created in the same namespace, and will create new containers and pods in that namespace. + The default namespace is "", which corresponds to no namespace. When no namespace is set, all + containers and pods are visible. + +**label**="true|false" + Indicates whether the containers should use label separation. + +**num_locks**="" + Number of locks available for containers and pods. Each created container or pod consumes one lock. + The default number available is 2048. + If this is changed, a lock renumbering must be performed, using the `podman system renumber` command. + +**volume_path**="" + Directory where named volumes will be created in using the default volume driver. + By default this will be configured relative to where containers/storage stores containers. + +**network_cmd_path**="" + Path to the command binary to use for setting up a network. It is currently only used for setting up + a slirp4netns network. If "" is used then the binary is looked up using the $PATH environment variable. + +**events_logger**="" + Default method to use when logging events. Valid values are "file", "journald", and "none". + +**detach_keys**="" + Keys sequence used for detaching a container + +## FILES + `/usr/share/containers/libpod.conf`, default libpod configuration path + + `/etc/containers/libpod.conf`, override libpod configuration path + +## HISTORY +Apr 2018, Originally compiled by Nathan Williams <nath.e.will@gmail.com> diff --git a/docs/source/markdown/podman-attach.1.md b/docs/source/markdown/podman-attach.1.md index cef01f0f6..1ac2e49a9 100644 --- a/docs/source/markdown/podman-attach.1.md +++ b/docs/source/markdown/podman-attach.1.md @@ -20,9 +20,7 @@ it in the **libpod.conf** file: see **libpod.conf(5)** for more information. ## OPTIONS **--detach-keys**=*sequence* -Override the key sequence for detaching a container. Format is a single character `[a-Z]` or -a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: -`a-z`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`. +Specify the key sequence for detaching a container. Format is a single character `[a-Z]` or one or more `ctrl-<value>` characters where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`. Specifying "" will disable this feature. The default is *ctrl-p,ctrl-q*. **--latest**, **-l** diff --git a/docs/source/markdown/podman-container-restore.1.md b/docs/source/markdown/podman-container-restore.1.md index 1d2cf0b3e..d71daf4af 100644 --- a/docs/source/markdown/podman-container-restore.1.md +++ b/docs/source/markdown/podman-container-restore.1.md @@ -76,6 +76,15 @@ a container is restored multiple times from an exported checkpoint with **--name Using **--ignore-static-ip** tells Podman to ignore the IP address if it was configured with **--ip** during container creation. +**--ignore-static-mac** + +If the container was started with **--mac-address** the restored container also +tries to use that MAC address and restore fails if that MAC address is already +in use. This can happen, if a container is restored multiple times from an +exported checkpoint with **--name, -n**. + +Using **--ignore-static-mac** tells Podman to ignore the MAC address if it was +configured with **--mac-address** during container creation. ## EXAMPLE podman container restore mywebserver diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md index 6617850fd..d9ee69f82 100644 --- a/docs/source/markdown/podman-create.1.md +++ b/docs/source/markdown/podman-create.1.md @@ -67,12 +67,14 @@ Drop Linux capabilities **--cgroupns**=*mode* -Set the cgroup namespace mode for the container, by default **host** is used. +Set the cgroup namespace mode for the container. **host**: use the host's cgroup namespace inside the container. **container:<NAME|ID>**: join the namespace of the specified container. **private**: create a new cgroup namespace. **ns:<PATH>**: join the namespace at the specified path. +If the host uses cgroups v1, the default is set to **host**. On cgroups v2 the default is **private**. + **--cgroups**=*mode* Determines whether the container will create CGroups. @@ -196,9 +198,7 @@ it in the **libpod.conf** file: see **libpod.conf(5)** for more information. **--detach-keys**=*sequence* -Override the key sequence for detaching a container. Format is a single character `[a-Z]` or -a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: -`a-z`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`. +Specify the key sequence for detaching a container. Format is a single character `[a-Z]` or one or more `ctrl-<value>` characters where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`. Specifying "" will disable this feature. The default is *ctrl-p,ctrl-q*. **--device**=*device* @@ -498,6 +498,10 @@ Current supported mount TYPES are `bind`, `volume`, and `tmpfs`. · tmpfs-mode: File mode of the tmpfs in octal. (e.g. 700 or 0700.) Defaults to 1777 in Linux. + · tmpcopyup: Enable copyup from the image directory at the same location to the tmpfs. Used by default. + + · notmpcopyup: Disable copying files from the image to the tmpfs. + **--name**=*name* Assign a name to the container diff --git a/docs/source/markdown/podman-exec.1.md b/docs/source/markdown/podman-exec.1.md index 4c17c056a..9624425dc 100644 --- a/docs/source/markdown/podman-exec.1.md +++ b/docs/source/markdown/podman-exec.1.md @@ -15,7 +15,7 @@ podman\-exec - Execute a command in a running container **--detach-keys**=*sequence* -Override the key sequence for detaching a container. Format is a single character `[a-Z]` or `ctrl-<value>` where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`. +Specify the key sequence for detaching a container. Format is a single character `[a-Z]` or one or more `ctrl-<value>` characters where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`. Specifying "" will disable this feature. The default is *ctrl-p,ctrl-q*. **--env**, **-e** diff --git a/docs/source/markdown/podman-remote.conf.5.md b/docs/source/markdown/podman-remote.conf.5.md new file mode 100644 index 000000000..e9cc05989 --- /dev/null +++ b/docs/source/markdown/podman-remote.conf.5.md @@ -0,0 +1,57 @@ +% podman-remote.conf(5) + +## NAME +podman-remote.conf - configuration file for the podman remote client + +## DESCRIPTION +The libpod.conf file is the default configuration file for all tools using +libpod to manage containers. + +The podman-remote.conf file is the default configuration file for the podman +remote client. It is in the TOML format. It is primarily used to keep track +of the user's remote connections. + +## CONNECTION OPTIONS +**destination** = "" + The hostname or IP address of the remote system + +**username** = "" + The username to use when connecting to the remote system + +**default** = bool + Denotes whether the connection is the default connection for the user. The default connection + is used when the user does not specify a destination or connection name to `podman`. + +**port** = int + Use an alternative port for the ssh connections. The default port is 22. + +**identity_file** = "" + Use an alternative location for the ssh private key + +**ignore_hosts** = bool + Don't match the remote ssh host key with known hosts + + +## EXAMPLE + +The following example depicts a configuration file with two connections. One of the connections +is designated as the default connection. +``` +[connections] + [connections.host1] + destination = "host1" + username = "homer" + default = true + + [connections.host2] + destination = "192.168.122.133" + username = "fedora" + port = 2222 +``` + +## FILES + `/$HOME/.config/containers/podman-remote.conf`, default location for the podman remote +configuration file + +## HISTORY +May 2019, Originally compiled by Brent Baude<bbaude@redhat.com> diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md index d6d8f4c1e..28b00ee29 100644 --- a/docs/source/markdown/podman-run.1.md +++ b/docs/source/markdown/podman-run.1.md @@ -81,12 +81,14 @@ Drop Linux capabilities **--cgroupns**=*mode* -Set the cgroup namespace mode for the container, by default **host** is used. +Set the cgroup namespace mode for the container. **host**: use the host's cgroup namespace inside the container. **container:<NAME|ID>**: join the namespace of the specified container. **private**: create a new cgroup namespace. **ns:<PATH>**: join the namespace at the specified path. +If the host uses cgroups v1, the default is set to **host**. On cgroups v2 the default is **private**. + **--cgroups**=*mode* Determines whether the container will create CGroups. @@ -202,9 +204,7 @@ it in the **libpod.conf** file: see **libpod.conf(5)** for more information. **--detach-keys**=*sequence* -Override the key sequence for detaching a container. Format is a single character `[a-Z]` or -a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: -`a-z`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`. +Specify the key sequence for detaching a container. Format is a single character `[a-Z]` or one or more `ctrl-<value>` characters where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`. Specifying "" will disable this feature. The default is *ctrl-p,ctrl-q*. **--device**=*device* @@ -509,6 +509,10 @@ Current supported mount TYPES are `bind`, `volume`, and `tmpfs`. · tmpfs-mode: File mode of the tmpfs in octal. (e.g. 700 or 0700.) Defaults to 1777 in Linux. + · tmpcopyup: Enable copyup from the image directory at the same location to the tmpfs. Used by default. + + · notmpcopyup: Disable copying files from the image to the tmpfs. + **--name**=*name* Assign a name to the container diff --git a/docs/source/markdown/podman-start.1.md b/docs/source/markdown/podman-start.1.md index 4c81d17bd..84af9d800 100644 --- a/docs/source/markdown/podman-start.1.md +++ b/docs/source/markdown/podman-start.1.md @@ -23,9 +23,7 @@ starting multiple containers. **--detach-keys**=*sequence* -Override the key sequence for detaching a container. Format is a single character `[a-Z]` or -a comma separated sequence of `ctrl-<value>`, where `<value>` is one of: -`a-z`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`. +Specify the key sequence for detaching a container. Format is a single character `[a-Z]` or one or more `ctrl-<value>` characters where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`. Specifying "" will disable this feature. The default is *ctrl-p,ctrl-q*. **--interactive**, **-i** |