summaryrefslogtreecommitdiff
path: root/docs/source/markdown
Commit message (Collapse)AuthorAge
* generate systemd: make mounts portableValentin Rothberg2021-05-31
| | | | | | | | | | | | | | | | | | | Commit 748826fc88fc fixed a bug where slow mounting of the runroot was causing issues when the units are started at boot. The fix was to add the container's runroot to the required mounts; the graph root has been added as well. Hard-coding the run- and graphroot to the required mounts, however, breaks the portability of units generated with --now. Those units are intended to be running on any machine as, theoreticaly, any user. Make the mounts portable by using the `%t` macro for the run root. Since the graphroot's location varies across root and ordinary users, drop it from the list of required mounts. The graphroot was not causing issues. Fixes: #10493 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* docs: --cert-dir: point to containers-certs.d(5)Valentin Rothberg2021-05-25
| | | | | | | | | Point to containers-certs.d(5) for details on the default paths, the lookup logic and the structure of these directories. Previously, the man pages stated that the default path would be in `/etc/containers/...` which is not entirely and a red herring for users (see #10116). Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Podman info add support for status of cgroup controllersflouthoc2021-05-25
| | | | Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* docs: generate systemd: XDG_RUNTIME_DIRValentin Rothberg2021-05-25
| | | | | | | A conversation on the customer portal suggests that to add an extra note about the requirement of XDG_RUNTIME_DIR to be set. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* image prune: remove unused images only with `--all`Valentin Rothberg2021-05-17
| | | | | | | | | | | | | | | | | | Fix a regression in `podman image prune` where unused images were accidentally removed even when `--all=false`. Extend and partially rewrite the e2e tests to make sure we're not regressing again in the future. Fixing the aforementioned issue revealed another issue in the default prune filter. While prune should remove all "dangling" images (i.e., those without tag), it removed only "intermediate" ones; dangling images without children. Remove the mistaken comment from the libimage migration. Also clarify the help message and man page. Fixes: #10350 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Add support for cli network prune --filter flagJakub Guzik2021-05-12
| | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* Revert escaped double dash man page flag syntaxPaul Holzinger2021-05-07
| | | | | | | | Commit 800a2e2d35 introduced a way to disable the conversion of `--`into an en dash on docs.podman.io, so the ugly workaround of escaping the dashes is no longer necessary. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #10249 from rhatdan/man1OpenShift Merge Robot2021-05-07
|\ | | | | [CI:DOCS] Add documentation on short-names
| * Add documentation on short-namesDaniel J Walsh2021-05-07
| | | | | | | | | | | | | | | | | | Once we settle on the wording for short-names in podman-pull, I will add the same section to all of the podman commands that use pull. Also ran through all man pages with a spell checker. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #10202 from EduardoVega/9763-kube-auto-updateOpenShift Merge Robot2021-05-07
|\ \ | | | | | | Add support to preserve auto-update labels in play / generate kube
| * | Adds support to preserve auto update labels in generate and play kubeEduardo Vega2021-05-06
| | | | | | | | | | | | | | | | | | In the case of generate kube the auto-update labels will be converted into kube annotations and for play kube they will be converted back to labels since that's what podman understands Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
* | | Merge pull request #10221 from ashley-cui/envsecOpenShift Merge Robot2021-05-07
|\ \ \ | |/ / |/| | Add support for environment variable secrets
| * | Add support for environment variable secretsAshley Cui2021-05-06
| | | | | | | | | | | | | | | | | | | | | | | | Env var secrets are env vars that are set inside the container but not commited to and image. Also support reading from env var when creating a secret. Signed-off-by: Ashley Cui <acui@redhat.com>
* | | Merge pull request #9689 from boaz0/boaz-1OpenShift Merge Robot2021-05-06
|\ \ \ | |_|/ |/| | add restart-policy to container filters & --filter to podman start
| * | Add restart-policy to container filters & --filter to podman startBoaz Shuster2021-05-06
| | | | | | | | | | | | Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | | Add containers.conf information for changing defaultsDaniel J Walsh2021-05-06
|/ / | | | | | | | | | | | | | | | | | | We probably should put a whole bunch of other documentation in man pages about containers.conf, but let's settle on this description before we go add other docs. Helps with: https://github.com/containers/podman/issues/2669 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | codespell cleanupDaniel J Walsh2021-05-05
| | | | | | | | | | | | [NO TESTS NEEDED] This is just running codespell on podman Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #10185 from rhatdan/volumeOpenShift Merge Robot2021-05-05
|\ \ | | | | | | Add filepath glob support to --security-opt unmask
| * | Add filepath glob support to --security-opt unmaskDaniel J Walsh2021-05-04
| | | | | | | | | | | | | | | | | | | | | | | | Want to allow users to specify --security-opt unmask=/proc/*. This allows us to run podman within podman more securely, then specifing umask=all, also gives the user more flexibilty. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #10208 from Luap99/play-kube-macOpenShift Merge Robot2021-05-05
|\ \ \ | | | | | | | | add --mac-address to podman play kube
| * | | add --mac-address to podman play kubePaul Holzinger2021-05-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new --mac-address flag to podman play kube. This is used to specify a static MAC address which should be used for the pod. This option can be specified several times because play kube can create more than one pod. Fixes #9731 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | migrate Podman to containers/common/libimageValentin Rothberg2021-05-05
| |/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Migrate the Podman code base over to `common/libimage` which replaces `libpod/image` and a lot of glue code entirely. Note that I tried to leave bread crumbs for changed tests. Miscellaneous changes: * Some errors yield different messages which required to alter some tests. * I fixed some pre-existing issues in the code. Others were marked as `//TODO`s to prevent the PR from exploding. * The `NamesHistory` of an image is returned as is from the storage. Previously, we did some filtering which I think is undesirable. Instead we should return the data as stored in the storage. * Touched handlers use the ABI interfaces where possible. * Local image resolution: previously Podman would match "foo" on "myfoo". This behaviour has been changed and Podman will now only match on repository boundaries such that "foo" would match "my/foo" but not "myfoo". I consider the old behaviour to be a bug, at the very least an exotic corner case. * Futhermore, "foo:none" does *not* resolve to a local image "foo" without tag anymore. It's a hill I am (almost) willing to die on. * `image prune` prints the IDs of pruned images. Previously, in some cases, the names were printed instead. The API clearly states ID, so we should stick to it. * Compat endpoint image removal with _force_ deletes the entire not only the specified tag. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Add --all to podman startBoaz Shuster2021-05-03
|/ / | | | | | | | | Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com> Co-authored-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #10063 from ParkerVR/autoupdate-localOpenShift Merge Robot2021-04-29
|\ \ | | | | | | Autoupdate Local
| * | TODO completeParker Van Roy2021-04-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | changed struct to policyMapper change "image" to "registry" in multiple locations Updated documentation with registry alias & autoupdate local Added relevant test Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
* | | Merge pull request #10170 from ashley-cui/machineoneOpenShift Merge Robot2021-04-29
|\ \ \ | |/ / |/| | [NO TESTS NEEDED] Check if another VM is running on machine start
| * | Check if another VM is running on machine startAshley Cui2021-04-28
| |/ | | | | | | | | | | | | | | Only one VM can be up at a time. If another VM is running, or the current VM is running, error out on a podman machine start [NO TESTS NEEDED] Signed-off-by: Ashley Cui <acui@redhat.com>
* | Merge pull request #10134 from rhatdan/conmonOpenShift Merge Robot2021-04-27
|\ \ | | | | | | [CI:DOCS] Add more documentation on conmon
| * | Add more documentation on conmonDaniel J Walsh2021-04-27
| |/ | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #10119 from rhatdan/timeoutOpenShift Merge Robot2021-04-27
|\ \ | |/ |/| Add podman run --timeout option
| * Add podman run --timeout optionDaniel J Walsh2021-04-23
| | | | | | | | | | | | | | | | | | This option allows users to specify the maximum amount of time to run before conmon sends the kill signal to the container. Fixes: https://github.com/containers/podman/issues/6412 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | [CI:DOCS] Fix Markdown layout bugsErik Sjölund2021-04-25
|/ | | | | | | * Add missing backticks to mark the end of the code block. Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* Merge pull request #9495 from rhatdan/groupsOpenShift Merge Robot2021-04-22
|\ | | | | Add '--group-add keep-groups': supplementary groups into container
| * Add --group-add keep-groups: suplimentary groups into containerDaniel J Walsh2021-04-21
| | | | | | | | | | | | | | | | | | | | | | | | | | Currently we have rootless users who want to leak their groups access into containers, but this group access is only able to be pushed in by a hard to find OCI Runtime annotation. This PR makes this option a lot more visable and hides the complexity within the podman client. This option is only really needed for local rootless users. It makes no sense for remote clients, and probably makes little sense for rootfull containers. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * Fixes from make codespellDaniel J Walsh2021-04-21
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #10103 from pipern/patch-1OpenShift Merge Robot2021-04-21
|\ \ | | | | | | [CI:DOCS] Typo fix to usage text of --compress option
| * | Typo fix to usage text of --compress optionNick Piper2021-04-21
| |/ | | | | | | | | | | Correction of `--format-docker-dir` in to `--format=docker-dir` Signed-off-by: Nick Piper <nick.piper@cgi.com>
* / Add --noheading flag to all list commandsDaniel J Walsh2021-04-21
|/ | | | | | | | | | Currently we have only podman images list --noheading. This PR Adds this option to volumes, containers, pods, networks, machines, and secrets. Fixes: https://github.com/containers/podman/issues/10065 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* [CI:DOCS] Fix Markdown table layout bugsErik Sjölund2021-04-20
| | | | | | | | | * Fix the Markdown table layout bugs that manifest themselves in corrupted tables in the generated HTML pages http://docs.podman.io/en/latest/markdown/podman-create.1.html http://docs.podman.io/en/latest/markdown/podman-run.1.html Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* [CI:DOCS] Rewrite --uidmap doc in podman-create.1.md and podman-run.1.mdErik Sjölund2021-04-20
| | | | | | | | | | Introduce the concept of "intermediate UID" to explain how --uidmap works when running rootless. Add Markdown tables to show examples of how UIDs are mapped. Co-authored-by: Tom Sweeney <tsweeney@redhat.com> Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* [CI:DOCS] Add missing dash to verbose optionTomSweeneyRedHat2021-04-19
| | | | | | | The `--verbose` option in the import man page was missing a dash, this corrects it. Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Merge pull request #10041 from chenk008/add_pidfile_flagOpenShift Merge Robot2021-04-19
|\ | | | | Add flag "--pidfile" for podman create/run
| * improve documentchenkang2021-04-17
| | | | | | | | Signed-off-by: chenkang <kongchen28@gmail.com>
| * Modify according to commentschenkang2021-04-17
| | | | | | | | Signed-off-by: chenkang <kongchen28@gmail.com>
| * add flag "--pidfile" for podman create/runwuhua.ck2021-04-16
| | | | | | | | Signed-off-by: chenkang <kongchen28@gmail.com>
* | add --ip to podman play kubePaul Holzinger2021-04-16
|/ | | | | | | | | | Add a new --ip flag to podman play kube. This is used to specify a static IP address which should be used for the pod. This option can be specified several times because play kube can create more than one pod. Fixes #8442 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Update documentation of podman-run to reflect volume "U" optionPablo Correa Gómez2021-04-14
| | | | | | | The "U" option is accepted by `--volume` in `podman-build`, but documentation is missing Signed-off-by: Pablo Correa Gómez <ablocorrea@hotmail.com>
* Fix handling of $NAME and $IMAGE in runlabelDaniel J Walsh2021-04-12
| | | | | | | | Fixes: https://github.com/containers/podman/issues/9405 Add system runlabel tests. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #9935 from EduardoVega/5788-kube-volumeOpenShift Merge Robot2021-04-12
|\ | | | | Add support for play/generate kube PersistentVolumeClaims and Podman volumes
| * Add support for play/generate kube volumesEduardo Vega2021-04-09
| | | | | | | | Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>