| Commit message (Collapse) | Author | Age |
|---|
| |\
| |
| | |
Note port publishing needs in pods for create/run
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add notes to the podman-create and podman-run man pages
to note that ports do not need to be published and should not
be, for containers that will be part of a pod.
Addresses: #6769
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Fix podman build man pages to match buildah functionality.
Also document .dockerignore formatted files.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
it allows to manually tweak the configuration for cgroup v2.
we will expose some of the options in future as single
options (e.g. the new memory knobs), but for now add the more generic
--cgroup-conf mechanism for maximum control on the cgroup
configuration.
OCI specs change: https://github.com/opencontainers/runtime-spec/pull/1040
Requires: https://github.com/containers/crun/pull/459
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* override --url and/or --identity fields from containers.conf
* --connection flag has higher precedence than ActiveService from
containers.conf. Which is set via podman system connection default
* Add newline to error message printed on stderr
* Added --connection to bash completion and documentation
* Updated bindings to query server in case of no path or /
Closes #jira-991
Fixes #7276
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Squashed commits to work around CI issue
|
| |
|
|
|
|
|
|
| |
Add better error message when using `--pod` and `--hostname`.
Improve the docs to better explain the uts hostname relation.
Add more valid options for the `--uts` flag.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |
|
|
|
|
|
| |
it allows to customize the options passed down to the OCI runtime for
setting up the /proc mount.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |
|
|
|
|
|
|
| |
This adds support for the --cidr parameter that is supported
by slirp4netns since v0.3.0. This allows the user to change
the ip range that is used for the network inside the container.
Signed-off-by: Adis Hamzić <adis@hamzadis.com>
|
| |
|
|
|
|
|
|
|
|
| |
Podman 1.6.2 changed systemd mode auto-detection from commands ending in
``init`` to hard-coded paths ``/sbin/init`` and ``/usr/sbin/init``. This
broke FreeIPA container. ``podman run`` and ``podman create`` now
activate systemd mode when the command is ``/usr/local/sbin/init``.
Fixes: https://github.com/containers/podman/issues/7287
Signed-off-by: Christian Heimes <cheimes@redhat.com>
|
| |
|
|
|
|
|
|
| |
Lots of references to man pages missing from docs.podman.io
Also fix sort order in man pages and other documents.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\
| |
| | |
support outbound-addr
|
| | |
| |
| |
| |
| |
| | |
Fixes #6064
Signed-off-by: Bohumil Cervenka <5eraph@protonmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Addresses the multiple "default" userns values found
in the podman-run(1) man page: http://docs.podman.io/en/latest/markdown/podman-run.1.html.
This in response to: https://bugzilla.redhat.com/show_bug.cgi?id=1860126
which this PR wil fix.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
|
| |\ \
| | |
| | | |
podman: support --mount type=devpts
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow to create a devpts mount.
This is useful for containers that bind mount /dev/ from the host but
at the same time want to create a terminal.
It can be used as:
podman run -v /dev:/dev --mount type=devpts,target=/dev/pts ...
Closes: https://github.com/containers/podman/issues/6804
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Docker and CNI have very different ideas of what 0.0.0.0 means.
Docker takes it to be 0.0.0.0/0 - that is, bind to every IPv4
address on the host. CNI (and, thus, root Podman) take it to mean
the literal IP 0.0.0.0. Instead, CNI interprets the empty string
("") as "bind to all IPs".
We could ask CNI to change, but given this is established
behavior, that's unlikely. Instead, let's just catch 0.0.0.0 and
turn it into "" when we parse ports.
Fixes #7014
Signed-off-by: Matthew Heon <mheon@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
`/usr/lib/systemd/system` should only be used by the package manager
administrators should use: `/etc/systemd/system` or
`/usr/local/lib/systemd/system`
see: man systemd.unit
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
|
| |\
| |
| | |
Add podman image mount
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
There are many use cases where you want to just mount an image
without creating a container on it. For example you might want
to just examine the content in an image after you pull it for
security analysys. Or you might want to just use the executables
on the image without running it in a container.
The image is mounted readonly since we do not want people changing
images.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Tests for #7094, in which symlinks in a volume would
cause chown errors and nonrunnable containers.
Tests for environment variable precedence, now
include --env-host and proxy settings
Fix a bug caught by covscan in helpers.t ('source'
path would fail if path included spaces).
Fix podman-run man page: it was incorrect in stating
precedence between in-image environment and --env-host.
Fixes: #7099
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |\
| |
| | |
Switch all references to github.com/containers/libpod -> podman
|
| | |
| |
| |
| | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| |/
|/| |
update configuration for rootless podman
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
I updated the configuration part of the tutorial on rootless podman. I added the
order in which configuration files are read in and a hint, how users can create
default configuration in the home directories.
Closes #6777
Signed-off-by: Niklas Netter <niknett@gmail.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
| |
We should default to the user name unmount rather then the internal
name of umount.
Also User namespace was not being handled correctly. We want to inform
the user that if they do a mount when in rootless mode that they have
to be first in the podman unshare state.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\
| |
| | |
Refactor podman system connection
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* Add support to manage multiple connections
* Add connection
* Remove connection
* Rename connection
* Set connection as default
* Add markdown/man pages
* Fix recursion in hack/xref-helpmsgs-manpages
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| |\ \
| | |
| | | |
Improve Docs for `podman system reset`
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Signed-off-by: Jeffrey Konowitch <jeff.konowitch@onepeloton.com>
Update podman-system-reset.1.md
Signed-off-by: Jeffrey Konowitch <jeff.konowitch@onepeloton.com>
PR feedback
Signed-off-by: Jeffrey Konowitch <jeff.konowitch@onepeloton.com>
remove errant punctuation
Signed-off-by: Jeffrey Konowitch <jeff.konowitch@onepeloton.com>
|
| | |/
|/|
| |
| | |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |\ \
| | |
| | | |
Add --umask flag for create, run
|
| | |/
| |
| |
| |
| |
| |
| |
| | |
--umask sets the umask inside the container
Defaults to 0022
Co-authored-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |\ \
| | |
| | | |
Add noop function disable-content-trust
|
| | |/
| |
| |
| |
| |
| |
| |
| | |
People who use docker scripts with Podman see failures
if they use disable-content-trust flag. This flag already
existed for podman build, adding it to pull/push/create/run.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| |/
|/| |
docs: Fix formatting mistake
|
| | |
| |
| |
| | |
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| | |
Part of this section was a code block, and part of it was absorbed into
the preceding normal paragraph.
Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
|
| |/
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
| |
Add support -v for overlay volume mounts in podman.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Qi Wang <qiwan@redhat.com>
|
| |\
| |
| | |
allow switching of port-forward approaches in rootless/using slirp4netns
|
| | |
| |
| |
| | |
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| | |
| |
| |
| | |
Signed-off-by: Jhon Honce <jhonce@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Podman is committed to inclusivity, a core value of open source. Historically, there have been technology terms that are problematic and divisive, and should be changed. We are currently taking time to audit our repository in order to eliminate such terminology, and replace it with more inclusive terms. We are starting where we can, with our own code, comments, and documentation. However, such terms may be used in dependencies, and must be used in our repositories at the current moment for compatibility. Podman will change these terms in our repo as soon as new and better terminology is available to us via our dependencies.
For more information: https://www.redhat.com/en/blog/making-open-source-more-inclusive-eradicating-problematic-language?sc_cid=701600000011gf0AAA
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |/
|
|
|
|
|
|
| |
When running "podman pod create --share user" the errors appears:
Error: User sharing functionality not supported on pod level
Fix docs and remove 'user' from shareable parameters.
Signed-off-by: Sagi Shnaidman <sshnaidm@redhat.com>
|
| |
|
|
|
|
| |
This also pulls in latest runc and containers/common
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
--sdnotify container|conmon|ignore
With "conmon", we send the MAINPID, and clear the NOTIFY_SOCKET so the OCI
runtime doesn't pass it into the container. We also advertise "ready" when the
OCI runtime finishes to advertise the service as ready.
With "container", we send the MAINPID, and leave the NOTIFY_SOCKET so the OCI
runtime passes it into the container for initialization, and let the container advertise further metadata.
This is the default, which is closest to the behavior podman has done in the past.
The "ignore" option removes NOTIFY_SOCKET from the environment, so neither podman nor
any child processes will talk to systemd.
This removes the need for hardcoded CID and PID files in the command line, and
the PIDFile directive, as the pid is advertised directly through sd-notify.
Signed-off-by: Joseph Gooch <mrwizard@dok.org>
|
| |\
| |
| | |
Add --tz flag to create, run
|
| | |
| |
| |
| |
| |
| |
| | |
--tz flag sets timezone inside container
Can be set to IANA timezone as well as `local` to match host machine
Signed-off-by: Ashley Cui <acui@redhat.com>
|
| |\ \
| | |
| | | |
Set engine env from common config
|
