diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/source/markdown/libpod.conf.5.md | 3 | ||||
| -rw-r--r-- | docs/source/markdown/podman-build.1.md | 17 | ||||
| -rw-r--r-- | docs/source/markdown/podman-create.1.md | 21 | ||||
| -rw-r--r-- | docs/source/markdown/podman-images.1.md | 8 | ||||
| -rw-r--r-- | docs/source/markdown/podman-login.1.md | 7 | ||||
| -rw-r--r-- | docs/source/markdown/podman-logout.1.md | 3 | ||||
| -rw-r--r-- | docs/source/markdown/podman-logs.1.md | 2 | ||||
| -rw-r--r-- | docs/source/markdown/podman-pod-create.1.md | 54 | ||||
| -rw-r--r-- | docs/source/markdown/podman-ps.1.md | 3 | ||||
| -rw-r--r-- | docs/source/markdown/podman-run.1.md | 7 |
10 files changed, 93 insertions, 32 deletions
diff --git a/docs/source/markdown/libpod.conf.5.md b/docs/source/markdown/libpod.conf.5.md index c28c80b56..ca45bccf6 100644 --- a/docs/source/markdown/libpod.conf.5.md +++ b/docs/source/markdown/libpod.conf.5.md @@ -83,7 +83,8 @@ libpod to manage containers. containers and pods are visible. **label**="true|false" - Indicates whether the containers should use label separation. + Indicates whether the containers should use label separation by default. + Can be overridden via `--security-opt label=...` on the CLI. **num_locks**="" Number of locks available for containers and pods. Each created container or pod consumes one lock. diff --git a/docs/source/markdown/podman-build.1.md b/docs/source/markdown/podman-build.1.md index 738644c16..12f099e65 100644 --- a/docs/source/markdown/podman-build.1.md +++ b/docs/source/markdown/podman-build.1.md @@ -172,13 +172,20 @@ The [username[:password]] to use to authenticate with the registry if required. If one or both values are not supplied, a command line prompt will appear and the value can be entered. The password is entered without echo. -**--device**=*device* +**--device**=_host-device_[**:**_container-device_][**:**_permissions_] -Add a host device to the container. The format is `<device-on-host>[:<device-on-container>][:<permissions>]` (e.g. --device=/dev/sdc:/dev/xvdc:rwm) +Add a host device to the container. Optional *permissions* parameter +can be used to specify device permissions, it is combination of +**r** for read, **w** for write, and **m** for **mknod**(2). -Note: if the user only has access rights via a group then accessing the device -from inside a rootless container will fail. The `crun` runtime offers a -workaround for this by adding the option `--annotation run.oci.keep_original_groups=1`. +Example: **--device=/dev/sdc:/dev/xvdc:rwm**. + +Note: if _host_device_ is a symbolic link then it will be resolved first. +The container will only store the major and minor numbers of the host device. + +Note: if the user only has access rights via a group, accessing the device +from inside a rootless container will fail. The **crun**(1) runtime offers a +workaround for this by adding the option **--annotation run.oci.keep_original_groups=1**. **--disable-compression, -D** diff --git a/docs/source/markdown/podman-create.1.md b/docs/source/markdown/podman-create.1.md index ca38be6a1..3c5f81764 100644 --- a/docs/source/markdown/podman-create.1.md +++ b/docs/source/markdown/podman-create.1.md @@ -201,13 +201,20 @@ it in the **libpod.conf** file: see **libpod.conf(5)** for more information. Specify the key sequence for detaching a container. Format is a single character `[a-Z]` or one or more `ctrl-<value>` characters where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`. Specifying "" will disable this feature. The default is *ctrl-p,ctrl-q*. -**--device**=*device* +**--device**=_host-device_[**:**_container-device_][**:**_permissions_] -Add a host device to the container. The format is `<device-on-host>[:<device-on-container>][:<permissions>]` (e.g. --device=/dev/sdc:/dev/xvdc:rwm) +Add a host device to the container. Optional *permissions* parameter +can be used to specify device permissions, it is combination of +**r** for read, **w** for write, and **m** for **mknod**(2). -Note: if the user only has access rights via a group then accessing the device -from inside a rootless container will fail. The `crun` runtime offers a -workaround for this by adding the option `--annotation run.oci.keep_original_groups=1`. +Example: **--device=/dev/sdc:/dev/xvdc:rwm**. + +Note: if _host_device_ is a symbolic link then it will be resolved first. +The container will only store the major and minor numbers of the host device. + +Note: if the user only has access rights via a group, accessing the device +from inside a rootless container will fail. The **crun**(1) runtime offers a +workaround for this by adding the option **--annotation run.oci.keep_original_groups=1**. **--device-cgroup-rule**="type major:minor mode" @@ -557,6 +564,10 @@ Valid values are: Not implemented +**--no-healthcheck**=*true|false* + +Disable any defined healthchecks for container. + **--no-hosts**=*true|false* Do not create /etc/hosts for the container. diff --git a/docs/source/markdown/podman-images.1.md b/docs/source/markdown/podman-images.1.md index d22fb940f..09778e3c2 100644 --- a/docs/source/markdown/podman-images.1.md +++ b/docs/source/markdown/podman-images.1.md @@ -29,11 +29,11 @@ Filter output based on conditions provided Filters: - **after==TIMESTRING** - Filter on images created after the given time.Time. + **since=IMAGE** + Filter on images created after the given IMAGE (name or tag). - **before==TIMESTRING** - Filter on images created before the given time.Time. + **before=IMAGE** + Filter on images created before the given IMAGE (name or tag). **dangling=true|false** Show dangling images. Dangling images are a file system layer that was used in a previous build of an image and is no longer referenced by any active images. They are denoted with the <none> tag, consume disk space and serve no active purpose. diff --git a/docs/source/markdown/podman-login.1.md b/docs/source/markdown/podman-login.1.md index 8a84d359d..a69b311eb 100644 --- a/docs/source/markdown/podman-login.1.md +++ b/docs/source/markdown/podman-login.1.md @@ -4,11 +4,12 @@ podman\-login - Login to a container registry ## SYNOPSIS -**podman login** [*options*] *registry* +**podman login** [*options*] [*registry*] ## DESCRIPTION **podman login** logs into a specified registry server with the correct username -and password. **podman login** reads in the username and password from STDIN. +and password. If the registry is not specified, the first registry under [registries.search] +from registries.conf will be used. **podman login** reads in the username and password from STDIN. The username and password can also be set using the **username** and **password** flags. The path of the authentication file can be specified by the user by setting the **authfile** flag. The default path used is **${XDG\_RUNTIME\_DIR}/containers/auth.json**. @@ -17,7 +18,7 @@ flag. The default path used is **${XDG\_RUNTIME\_DIR}/containers/auth.json**. **podman login [GLOBAL OPTIONS]** -**podman login [OPTIONS] REGISTRY [GLOBAL OPTIONS]** +**podman login [OPTIONS] [REGISTRY] [GLOBAL OPTIONS]** ## OPTIONS diff --git a/docs/source/markdown/podman-logout.1.md b/docs/source/markdown/podman-logout.1.md index 01dc52ecd..8b9f75760 100644 --- a/docs/source/markdown/podman-logout.1.md +++ b/docs/source/markdown/podman-logout.1.md @@ -8,7 +8,8 @@ podman\-logout - Logout of a container registry ## DESCRIPTION **podman logout** logs out of a specified registry server by deleting the cached credentials -stored in the **auth.json** file. The path of the authentication file can be overridden by the user by setting the **authfile** flag. +stored in the **auth.json** file. If the registry is not specified, the first registry under [registries.search] +from registries.conf will be used. The path of the authentication file can be overridden by the user by setting the **authfile** flag. The default path used is **${XDG\_RUNTIME\_DIR}/containers/auth.json**. All the cached credentials can be removed by setting the **all** flag. diff --git a/docs/source/markdown/podman-logs.1.md b/docs/source/markdown/podman-logs.1.md index 5507ba13a..66308c2b5 100644 --- a/docs/source/markdown/podman-logs.1.md +++ b/docs/source/markdown/podman-logs.1.md @@ -11,7 +11,7 @@ podman\-logs - Display the logs of one or more containers ## DESCRIPTION The podman logs command batch-retrieves whatever logs are present for one or more containers at the time of execution. This does not guarantee execution order when combined with podman run (i.e. your run may not have generated -any logs at the time you execute podman logs +any logs at the time you execute podman logs). ## OPTIONS diff --git a/docs/source/markdown/podman-pod-create.1.md b/docs/source/markdown/podman-pod-create.1.md index cd1de6401..dba31f681 100644 --- a/docs/source/markdown/podman-pod-create.1.md +++ b/docs/source/markdown/podman-pod-create.1.md @@ -15,50 +15,82 @@ containers added to it. The pod id is printed to STDOUT. You can then use ## OPTIONS +**--add-host**=_host_:_ip_ + +Add a host to the /etc/hosts file shared between all containers in the pod. + **--cgroup-parent**=*path* Path to cgroups under which the cgroup for the pod will be created. If the path is not absolute, the path is considered to be relative to the cgroups path of the init process. Cgroups will be created if they do not already exist. +**--dns**=*ipaddr* + +Set custom DNS servers in the /etc/resolv.conf file that will be shared between all containers in the pod. A special option, "none" is allowed which disables creation of /etc/resolv.conf for the pod. + +**--dns-opt**=*option* + +Set custom DNS options in the /etc/resolv.conf file that will be shared between all containers in the pod. + +**--dns-search**=*domain* + +Set custom DNS search domains in the /etc/resolv.conf file that will be shared between all containers in the pod. + **--help** -Print usage statement +Print usage statement. -**--infra** +**--infra**=**true**|**false** -Create an infra container and associate it with the pod. An infra container is a lightweight container used to coordinate the shared kernel namespace of a pod. Default: true +Create an infra container and associate it with the pod. An infra container is a lightweight container used to coordinate the shared kernel namespace of a pod. Default: true. **--infra-command**=*command* -The command that will be run to start the infra container. Default: "/pause" +The command that will be run to start the infra container. Default: "/pause". **--infra-image**=*image* -The image that will be created for the infra container. Default: "k8s.gcr.io/pause:3.1" +The image that will be created for the infra container. Default: "k8s.gcr.io/pause:3.1". + +**--ip**=*ipaddr* + +Set a static IP for the pod's shared network. **-l**, **--label**=*label* -Add metadata to a pod (e.g., --label com.example.key=value) +Add metadata to a pod (e.g., --label com.example.key=value). **--label-file**=*label* -Read in a line delimited file of labels +Read in a line delimited file of labels. + +**--mac-address**=*address* + +Set a static MAC address for the pod's shared network. **-n**, **--name**=*name* -Assign a name to the pod +Assign a name to the pod. + +**--network**=*mode* + +Set network mode for the pod. Supported values are *bridge* (the default), *host* (do not create a network namespace, all containers in the pod will use the host's network), or a comma-separated list of the names of CNI networks the pod should join. + +**--no-hosts**=**true**|**false** + +Disable creation of /etc/hosts for the pod. **--podidfile**=*podid* -Write the pod ID to the file +Write the pod ID to the file. **-p**, **--publish**=*port* -Publish a port or range of ports from the pod to the host +Publish a port or range of ports from the pod to the host. Format: `ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort` Both hostPort and containerPort can be specified as a range of ports. When specifying ranges for both, the number of container ports in the range must match the number of host ports in the range. -Use `podman port` to see the actual mapping: `podman port CONTAINER $CONTAINERPORT` +Use `podman port` to see the actual mapping: `podman port CONTAINER $CONTAINERPORT`. NOTE: This cannot be modified once the pod is created. diff --git a/docs/source/markdown/podman-ps.1.md b/docs/source/markdown/podman-ps.1.md index 23bf9f45d..2f8112aab 100644 --- a/docs/source/markdown/podman-ps.1.md +++ b/docs/source/markdown/podman-ps.1.md @@ -55,7 +55,8 @@ Valid placeholders for the Go template are listed below: | **Placeholder** | **Description** | | --------------- | ------------------------------------------------ | | .ID | Container ID | -| .Image | Image ID/Name | +| .Image | Image Name/ID | +| .ImageID | Image ID | | .Command | Quoted command used | | .CreatedAt | Creation time for container | | .RunningFor | Time elapsed since container was started | diff --git a/docs/source/markdown/podman-run.1.md b/docs/source/markdown/podman-run.1.md index f391307b3..220b32a46 100644 --- a/docs/source/markdown/podman-run.1.md +++ b/docs/source/markdown/podman-run.1.md @@ -218,6 +218,9 @@ can be used to specify device permissions, it is combination of Example: **--device=/dev/sdc:/dev/xvdc:rwm**. +Note: if _host_device_ is a symbolic link then it will be resolved first. +The container will only store the major and minor numbers of the host device. + Note: if the user only has access rights via a group, accessing the device from inside a rootless container will fail. The **crun**(1) runtime offers a workaround for this by adding the option **--annotation run.oci.keep_original_groups=1**. @@ -560,6 +563,10 @@ Valid _mode_ values are: Not implemented. +**--no-healthcheck**=*true|false* + +Disable any defined healthchecks for container. + **--no-hosts**=**true**|**false** Do not create _/etc/hosts_ for the container. |