| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This one is a nightmare, because --volume has been edited
in four different files throughout the years (five if you
count podman-build, which I am not including in this PR).
Those edits have not always been done in sync.
The list of options was reordered 2022-06-28 by Giuseppe in #14734,
but only in podman-create and -run (not in podman-pod-*). No
explanation of why, but I'll assume he knew what he was doing,
and have accepted that for the reference copy.
There was also a big edit in #8519.
The "Propagation property...bind mounted" sentence first appeared
in pod-clone, in #14299 by cdoern, with no obvious source of where
it came from. I choose to include it in the reference copy.
The "**copy**" option seems to work in pod-create, so I'm including
it in the reference copy. Someone please yell loudly if this is
not the case.
The "disables SELinux separation for containers used in the build",
no idea, changed that to just "for the container/pod"
The "advanced users / overlay / upperdir / workdir" paragraph
makes zero sense to me, but hey, I assume it applies to all
the commands, so I put it in the reference copy.
Finally, there's still a mishmash of backticks, asterisks, underscores,
and even quotation marks. Someone is gonna have to perform major
cleanup on this one day, but at least it'll be in only one place.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For systems that have extreme robustness requirements (edge devices,
particularly those in difficult to access environments), it is important
that applications continue running in all circumstances. When the
application fails, Podman must restart it automatically to provide this
robustness. Otherwise, these devices may require customer IT to
physically gain access to restart, which can be prohibitively difficult.
Add a new `--on-failure` flag that supports four actions:
- **none**: Take no action.
- **kill**: Kill the container.
- **restart**: Restart the container. Do not combine the `restart`
action with the `--restart` flag. When running inside of
a systemd unit, consider using the `kill` or `stop`
action instead to make use of systemd's restart policy.
- **stop**: Stop the container.
To remain backwards compatible, **none** is the default action.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
|
|
| |
An easy one. Went with the version from podman-run.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\
| |
| | |
[CI:DOCS] Man pages: refactor common options: --sysctl
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As promised, harder and harder to review. Please take your time
with this one.
For IPC, I went with the list form. For net, I used the single-
sentence form instead of a one-element list.
The container/pod diffs are clumsy, sorry. Maybe it's time to
start thinking of a more flexible conditional mechanism, but
I'd really like to avoid that so I hope this is acceptable.
In the first sentence I went with 'namespaced' (final 'd') in
all instances. I also got rid of the 'new' in 'new pod' in
pod-clone.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \
| |/
|/| |
[CI:DOCS] Fix manpage header formatting
|
| | |
| |
| |
| | |
Signed-off-by: Andrew Denton <adenton@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The refactors are starting to get harder to review - sorry.
Here the differences are pretty small, mostly changes to the
"it is a combination" wording and some asteriskization.
The more significant diffs are that there are some Notes that
are pod- or container- or build-specific; I needed to move those
from the middle to the end, then keep them in the source files
themselves. I don't think this affects readability of the
resulting man pages, but your opinion may differ.
Last important thing: I included the /dev/fuse text in the
common option, which means it will now show up in podman-build
(it was not previously there). If this text is not applicable
to podman-build, please LMK ASAP so I can just move it back
to individual source files.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
(memory-star, i.e., several memory options) that didn't get
included in #15276. Most of them are shoo-ins; the two in
container-clone and pod-clone deserve special attention
because of the "If unspecified" wording.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
| |
Went with the podman-run version, where the "example" is
in the option template as per our guidelines.
I could not include the network- or volume-create
man pages, nor podman build.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\
| |
| | |
[CI:DOCS] Man pages: refactor common options: --name
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Only for podman-create and -run, unfortunately: all the
others are too different, and can't easily be combined.
I went with the podman-run version because it was most
recently updated in #5192.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
podman update allows users to change the cgroup configuration of an existing container using the already defined resource limits flags
from podman create/run. The supported flags in crun are:
this command is also now supported in the libpod api via the /libpod/containers/<CID>/update endpoint where
the resource limits are passed inthe request body and follow the OCI resource spec format
–memory
–cpus
–cpuset-cpus
–cpuset-mems
–memory-swap
–memory-reservation
–cpu-shares
–cpu-quota
–cpu-period
–blkio-weight
–cpu-rt-period
–cpu-rt-runtime
-device-read-bps
-device-write-bps
-device-read-iops
-device-write-iops
-memory-swappiness
-blkio-weight-device
resolves #15067
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
| |\
| |
| | |
podman: add uid and gid options to keep-id
|
| | |
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
add two new options to the keep-id user namespace option:
- uid: allow to override the UID used inside the container.
- gid: allow to override the GID used inside the container.
For example, the following command will map the rootless user (that
has UID=0 inside the rootless user namespace) to the UID=11 inside the
container user namespace:
$ podman run --userns=keep-id:uid=11 --rm -ti fedora cat /proc/self/uid_map
0 1 11
11 0 1
12 12 65525
Closes: https://github.com/containers/podman/issues/15294
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Only applicable to podman-create and -run. I went with the -run
version because it is cleaner and more recently updated.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
| |
Whew! This one started off identical everywhere, but the version
in podman-run got fixed in #1380, then again in #5192, with no
corresponding fixes to any of the other man pages.
I went with the podman-run version, with a small change in wording.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
| |
Only between podman-create and -run. (podman-build is too
different). I went with the podman-run version.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
--dns-opt and --dns-search, but only in podman-create and -run.
Went with the -run version in both cases; --dns-opt remained
unchanged, but in --dns-search I changed 'and' to 'with'.
Did not consolidate podman-build or podman-pod-create: too
different.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
| |
I went with the podman-run version, which better conforms to
style conventions.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
| |
I chose the one from podman-run, but reordered ns/private
to put them in alphabetical order.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\
| |
| | |
[CI:DOCS] Man pages: refactor common options: --ipc
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is not an easy one to review, sorry.
I went with the version from podman-create. The differences
against podman-run are subtle: apostrophes, whitespace, and
the arg description in the '####' line. Suggestion for review:
run hack/markdown-preprocess-review, then after you finish
with that, cd /tmp/markdown<TAB>/ipc and use your favorite
two-file diff tool to compare podman-run* against zzz*.
I did not even try to combine the podman-build one; that one
is too different.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\ \
| |/
|/| |
run,create: add support for `--env-merge` for preprocessing default environment variables
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow end users to preprocess default environment variables before
injecting them into container using `--env-merge`
Usage
```
podman run -it --rm --env-merge some=${some}-edit --env-merge
some2=${some2}-edit2 myimage sh
```
Closes: https://github.com/containers/podman/issues/15288
Signed-off-by: Aditya R <arajan@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Two versions: one for container-related commands, one for pods.
The container one is easy: all versions matched, so I made no
changes.
The pod one is hard to review. I went with the pod-clone
version because the pod-create one looks suspicious: it
talks in terms of containers, not pods. It's possible
that I've got it wrong, and that these two cannot be
combined, so please review very carefully. I strongly
recommend using hack/markdown-preprocess-review for this one.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |/
|
|
|
|
|
|
| |
I chose the version from podman-run because it is the most
up-to-date, and most correct wrt current syntax guidelines.
Differences are in arg description, language, and asterisks.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
| |
I chose the version from podman-create. (This is unusual. podman-run
tends to have the better-maintained, more up-to-date version.)
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
A NOP option. I chose the container word, of course, and the
word 'option' instead of 'flag'. I also hyphenated where needed.
I'm choosing to eliminate the "not on remote" text, because I
don't think it's true: podman-remote happily accepts that
flag on all those commands, including build. (It's marked
as hidden on build, but still accepted).
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Only on podman create and run: the --cpus option on container-clone
and pod-clone can probably be combined, but maybe later. pod-create
has unique wording that can't be combined.
This is a freebie to review: the text in both files was already
identical, and I made no changes to it. hack/markdown-preprocess-review
will agree, and show you no diffs, because there are none worth
seeing.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\
| |
| | |
Warning messages are printed and ignored if we use an unsupported option on cgroups V1 rootless systems
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When an unsupported limit on cgroups V1 rootless systems
is requested, podman prints an warning message and
ignores the option/flag.
```
Target options/flags:
--cpu-period, --cpu-quota, --cpu-rt-period, --cpu-rt-runtime,
--cpus, --cpu-shares, --cpuset-cpus, --cpuset-mems, --memory,
--memory-reservation, --memory-swap, --memory-swappiness,
--blkio-weight, --device-read-bps, --device-write-bps,
--device-read-iops, --device-write-iops, --blkio-weight-device
```
Related to https://github.com/containers/podman/discussions/10152
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| |\ \
| | |
| | | |
[CI:DOCS] Update Troubleshooting.md
|
| | |/
| |
| |
| |
| |
| |
| | |
- Fix the item number
- Fix the links
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Much like --cidfile (#15414), --pod-id-file has two meanings.
One is used in pod-related commands, one in container ones.
Both meanings read the file, so the read/write split used
in --cidfile is not applicable here.
podman-pod-create keeps its --pod-id-file option because
that one cannot be refactored: that's the only command (now)
that writes a pod-id file.
Reviewable using hack/markdown-preprocess-review but I
did take some liberties with the #### args because they
were wrong. And, since I had to much with the description
text anyway (resulting in diffs), I also took the liberty
of cleaning up a double space.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are two meanings: one writes a cidfile, the other reads.
Split into two .md files.
This can be reviewed with hack/markdown-preprocess-review .
The main differences you'll see are all in cidfile.read:
1) I use the <<subcommand>> feature. This works nicely for
kill, pause/unpause, and stop. It works less nicely for
rm, because the man page will show "...and rm the container"
(a human might prefer to see "REMOVE the container"). Given
the benefit of this cleanup, I think this is a fine tradeoff.
2) I choose to include the "multiple times" text even on man pages
where it wasn't present before. I tested to make sure it works.
3) The #### line I choose is IMHO the best one.
Minor differences:
* I believe the "remove the container" text in podman-kill
and podman-stop is a copy/paste error. This PR fixes it.
* The only differences between the cidfile.write texts is
the #### line (my version is best) and a final period.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
After pulling/creating an image of a foreign platform, Podman will
happily use it when looking it up in the local storage and will not
pull down the image matching the host platform.
As discussed in #12682, the reasoning for it is Docker compatibility and
the fact that user already rely on the behavior. While Podman is now
emitting a warning when an image is in use not matching the local
platform, the documentation was lacking that information.
Fixes: #15300
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refactor the --authfile option.
My suggestion for review:
1) run hack/markdown-preprocess-review and immediately Ctrl-Q to
quit out of diffuse, which is completely unusable for this
many files; then
2) cd /tmp/markdown-preprocess-review.diffs/authfile
- this is the directory created by the review script
3) rm podman-image-sign* podman-log* podman-search.1.md.in
- because they're essentially identical to podman-create
4) rm podman-manifest-* podman-push.*
- because they're 100% identical to podman-kube-play
5) rm podman-kube-play*
- because it's apart-from-whitespace identical to podman-build
(use "wdiff" to confirm)
6) rm podman-auto-update*
- because that's the one I chose (hence == zzz-chosen.md)
(You should obviously run your own diff/cmp before rm, to confirm
my assertions about which files are identical).
After all that, you have a manageable number of files which
you can scan, read, diff against zzz-chosen.md, even run diffuse.
This option is IMHO the poster child for why we need this kind
of man page refactoring.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refactor the --annotation option, but only between podman create,
kube play, and run.
This does not include:
* podman build:
- usage is in terms of images, not containers/pods
* manifest add, manifest annotate:
- usage is in terms of images, not containers/pods
- also, wording is slightly different
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Smaller, more reviewable chunks.
This is just one option, --arch. Future PRs may, if the reviewing
is easy, include multiple options. This one includes fixes to
the preprocessor script, though:
* big oops, I was not handling '<<something pod|something>>'
where 'pod' appears other than the beginning of the string.
* I was also not handling 'container<<| or pod>>', where one
side was empty.
* Behavior change: <<subcommand>>, on podman-pod-foo,
becomes just 'foo' (not 'pod foo'). This will be useful
in a future PR where we refactor --pod-id-file.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
| |
Continued. Harder-to-review ones this time.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Followup to #15174. These are the options that are easy(ish)
to review: those that have only drifted slightly, and need
only minor tweaks to bring back to sanity. For the most part,
I went with the text in podman-run because that was cleaned up
in #5192 way back in 2020. These diffs primarily consist of
using '**' (star star) instead of backticks, plus other
formatting and punctuation changes.
This PR also adds a README in the options dir, and a new
convention: <<container text...|pod text...>> which tries
to do the right thing based on whether the man page name
includes "-pod-" or not. Since that's kind of hairy code,
I've also added a test suite for it.
Finally, since this is impossible to review by normal means,
I'm temporarily committing hack/markdown-preprocess-review,
a script that will diff option-by-option. I will remove it
once we finish this cleanup, but be advised that there are
still 130+ options left to examine, and some of those are
going to be really hard to reunite.
Review script usage: simply run it (you need to have 'diffuse'
installed). It isn't exactly obvious, but it shouldn't take more
than a minute to figure out. The rightmost column (zzz-chosen.md)
is the "winner", the actual content that will be used henceforth.
You really want an ultrawide screen here.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|
|
podman-create and -run have many options in common. To date,
these are copy-pasted and haphazardly maintained.
Solution: add an include mechanism, '@@option foo', such
that multiple md source files can fetch from one common file.
This is a Phase One commit, a very small subset of what's
possible. Purpose of this commit is ease of review. If this
passes review, much more (trickier stuff) will be forthcoming.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
