diff options
Diffstat (limited to 'docs/source')
| -rw-r--r-- | docs/source/markdown/podman-container-clone.1.md | 27 | ||||
| -rw-r--r-- | docs/source/markdown/podman-container-inspect.1.md | 2 | ||||
| -rw-r--r-- | docs/source/markdown/podman-create.1.md | 20 | ||||
| -rw-r--r-- | docs/source/markdown/podman-machine-init.1.md | 3 | ||||
| -rw-r--r-- | docs/source/markdown/podman-run.1.md | 10 |
5 files changed, 57 insertions, 5 deletions
diff --git a/docs/source/markdown/podman-container-clone.1.md b/docs/source/markdown/podman-container-clone.1.md index 6c23abe81..7d5e1c262 100644 --- a/docs/source/markdown/podman-container-clone.1.md +++ b/docs/source/markdown/podman-container-clone.1.md @@ -137,6 +137,33 @@ system's page size (the value would be very large, that's millions of trillions) If no memory limits are specified, the original container's will be used. +#### **--memory-reservation**=*limit* + +Memory soft limit (format: `<number>[<unit>]`, where unit = b (bytes), k (kilobytes), m (megabytes), or g (gigabytes)) + +After setting memory reservation, when the system detects memory contention +or low memory, containers are forced to restrict their consumption to their +reservation. So you should always set the value below **--memory**, otherwise the +hard limit will take precedence. By default, memory reservation will be the same +as memory limit from the container being cloned. + +#### **--memory-swap**=*limit* + +A limit value equal to memory plus swap. Must be used with the **-m** +(**--memory**) flag. The swap `LIMIT` should always be larger than **-m** +(**--memory**) value. By default, the swap `LIMIT` will be set to double +the value of --memory if specified. Otherwise, the container being cloned will be used to derive the swap value. + +The format of `LIMIT` is `<number>[<unit>]`. Unit can be `b` (bytes), +`k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you don't specify a +unit, `b` is used. Set LIMIT to `-1` to enable unlimited swap. + +#### **--memory-swappiness**=*number* + +Tune a container's memory swappiness behavior. Accepts an integer between 0 and 100. + +This flag is not supported on cgroups V2 systems. + #### **--name** Set a custom name for the cloned container. The default if not specified is of the syntax: **<ORIGINAL_NAME>-clone** diff --git a/docs/source/markdown/podman-container-inspect.1.md b/docs/source/markdown/podman-container-inspect.1.md index 9945fca7c..4e45bcc40 100644 --- a/docs/source/markdown/podman-container-inspect.1.md +++ b/docs/source/markdown/podman-container-inspect.1.md @@ -219,7 +219,7 @@ $ podman container inspect foobar "DnsSearch": [], "ExtraHosts": [], "GroupAdd": [], - "IpcMode": "private", + "IpcMode": "shareable", "Cgroup": "", "Cgroups": "default", "Links": null, diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md index c4d27e321..45d0d0b3e 100644 --- a/docs/source/markdown/podman-create.1.md +++ b/docs/source/markdown/podman-create.1.md @@ -504,10 +504,16 @@ To specify multiple static IPv6 addresses per container, set multiple networks u #### **--ipc**=*ipc* -Default is to create a private IPC namespace (POSIX SysV IPC) for the container - `container:<name|id>`: reuses another container shared memory, semaphores and message queues - `host`: use the host shared memory,semaphores and message queues inside the container. Note: the host mode gives the container full access to local shared memory and is therefore considered insecure. - `ns:<path>` path to an IPC namespace to join. +Set the IPC namespace mode for a container. The default is to create +a private IPC namespace. + +- "": Use Podman's default, defined in containers.conf. +- **container:**_id_: reuses another container's shared memory, semaphores, and message queues +- **host**: use the host's shared memory, semaphores, and message queues inside the container. Note: the host mode gives the container full access to local shared memory and is therefore considered insecure. +- **none**: private IPC namespace, with /dev/shm not mounted. +- **ns:**_path_: path to an IPC namespace to join. +- **private**: private IPC namespace. += **shareable**: private IPC namespace with a possibility to share it with other containers. #### **--label**, **-l**=*label* @@ -755,6 +761,12 @@ Tune the host's OOM preferences for containers (accepts -1000 to 1000) #### **--os**=*OS* Override the OS, defaults to hosts, of the image to be pulled. For example, `windows`. +#### **--passwd-entry**=*ENTRY* + +Customize the entry that is written to the `/etc/passwd` file within the container when `--passwd` is used. + +The variables $USERNAME, $UID, $GID, $NAME, $HOME are automatically replaced with their value at runtime. + #### **--personality**=*persona* Personality sets the execution domain via Linux personality(2). diff --git a/docs/source/markdown/podman-machine-init.1.md b/docs/source/markdown/podman-machine-init.1.md index ac258eaae..33947bbba 100644 --- a/docs/source/markdown/podman-machine-init.1.md +++ b/docs/source/markdown/podman-machine-init.1.md @@ -83,6 +83,9 @@ Podman mounts _host-dir_ in the host to _machine-dir_ in the Podman machine. The root filesystem is mounted read-only in the default operating system, so mounts must be created under the /mnt directory. +Default volume mounts are defined in *containers.conf*. Unless changed, the default values +is `$HOME:$HOME`. + #### **--volume-driver** Driver to use for mounting volumes from the host, such as `virtfs`. diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md index e4ccd0368..5c276c04a 100644 --- a/docs/source/markdown/podman-run.1.md +++ b/docs/source/markdown/podman-run.1.md @@ -528,9 +528,13 @@ To specify multiple static IPv6 addresses per container, set multiple networks u Set the IPC namespace mode for a container. The default is to create a private IPC namespace. +- "": Use Podman's default, defined in containers.conf. - **container:**_id_: reuses another container shared memory, semaphores and message queues - **host**: use the host shared memory,semaphores and message queues inside the container. Note: the host mode gives the container full access to local shared memory and is therefore considered insecure. +- **none**: private IPC namespace, with /dev/shm not mounted. - **ns:**_path_: path to an IPC namespace to join. +- **private**: private IPC namespace. += **shareable**: private IPC namespace with a possibility to share it with other containers. #### **--label**, **-l**=*key*=*value* @@ -787,6 +791,12 @@ Override the OS, defaults to hosts, of the image to be pulled. For example, `win Allow Podman to add entries to /etc/passwd and /etc/group when used in conjunction with the --user option. This is used to override the Podman provided user setup in favor of entrypoint configurations such as libnss-extrausers. +#### **--passwd-entry**=*ENTRY* + +Customize the entry that is written to the `/etc/passwd` file within the container when `--passwd` is used. + +The variables $USERNAME, $UID, $GID, $NAME, $HOME are automatically replaced with their value at runtime. + #### **--personality**=*persona* Personality sets the execution domain via Linux personality(2). |