summaryrefslogtreecommitdiff
path: root/docs/source/markdown
Commit message (Collapse)AuthorAge
* Merge pull request #7209 from giuseppe/support-mount-devptsOpenShift Merge Robot2020-08-04
|\ | | | | podman: support --mount type=devpts
| * podman: support --mount type=devptsGiuseppe Scrivano2020-08-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow to create a devpts mount. This is useful for containers that bind mount /dev/ from the host but at the same time want to create a terminal. It can be used as: podman run -v /dev:/dev --mount type=devpts,target=/dev/pts ... Closes: https://github.com/containers/podman/issues/6804 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Do not set host IP on ports when 0.0.0.0 requestedMatthew Heon2020-08-03
|/ | | | | | | | | | | | | | | | Docker and CNI have very different ideas of what 0.0.0.0 means. Docker takes it to be 0.0.0.0/0 - that is, bind to every IPv4 address on the host. CNI (and, thus, root Podman) take it to mean the literal IP 0.0.0.0. Instead, CNI interprets the empty string ("") as "bind to all IPs". We could ask CNI to change, but given this is established behavior, that's unlikely. Instead, let's just catch 0.0.0.0 and turn it into "" when we parse ports. Fixes #7014 Signed-off-by: Matthew Heon <mheon@redhat.com>
* Change recommended systemd unit path for root.Paul Holzinger2020-08-01
| | | | | | | | | | `/usr/lib/systemd/system` should only be used by the package manager administrators should use: `/etc/systemd/system` or `/usr/local/lib/systemd/system` see: man systemd.unit Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #6851 from rhatdan/mountOpenShift Merge Robot2020-07-29
|\ | | | | Add podman image mount
| * Add podman image mountDaniel J Walsh2020-07-28
| | | | | | | | | | | | | | | | | | | | | | | | | | There are many use cases where you want to just mount an image without creating a container on it. For example you might want to just examine the content in an image after you pull it for security analysys. Or you might want to just use the executables on the image without running it in a container. The image is mounted readonly since we do not want people changing images. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | System tests: add environment, volume testsEd Santiago2020-07-28
|/ | | | | | | | | | | | | | | | | | Tests for #7094, in which symlinks in a volume would cause chown errors and nonrunnable containers. Tests for environment variable precedence, now include --env-host and proxy settings Fix a bug caught by covscan in helpers.t ('source' path would fail if path included spaces). Fix podman-run man page: it was incorrect in stating precedence between in-image environment and --env-host. Fixes: #7099 Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #6909 from rhatdan/podmanOpenShift Merge Robot2020-07-28
|\ | | | | Switch all references to github.com/containers/libpod -> podman
| * Switch all references to github.com/containers/libpod -> podmanDaniel J Walsh2020-07-28
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #7079 from rhatdan/tuturialOpenShift Merge Robot2020-07-28
|\ \ | |/ |/| update configuration for rootless podman
| * update configuration for rootless podmanDaniel J Walsh2020-07-25
| | | | | | | | | | | | | | | | | | | | | | I updated the configuration part of the tutorial on rootless podman. I added the order in which configuration files are read in and a hint, how users can create default configuration in the home directories. Closes #6777 Signed-off-by: Niklas Netter <niknett@gmail.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Cleanup handling of podman mount/unmountDaniel J Walsh2020-07-27
|/ | | | | | | | | | | We should default to the user name unmount rather then the internal name of umount. Also User namespace was not being handled correctly. We want to inform the user that if they do a mount when in rootless mode that they have to be first in the podman unshare state. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #6938 from jwhonce/wip/n-connectionOpenShift Merge Robot2020-07-24
|\ | | | | Refactor podman system connection
| * [WIP] Refactor podman system connectionJhon Honce2020-07-22
| | | | | | | | | | | | | | | | | | | | | | | | * Add support to manage multiple connections * Add connection * Remove connection * Rename connection * Set connection as default * Add markdown/man pages * Fix recursion in hack/xref-helpmsgs-manpages Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Merge pull request #7041 from jkonowitch/reset-docsOpenShift Merge Robot2020-07-24
|\ \ | | | | | | Improve Docs for `podman system reset`
| * | Update system.rstJeffrey Konowitch2020-07-23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Jeffrey Konowitch <jeff.konowitch@onepeloton.com> Update podman-system-reset.1.md Signed-off-by: Jeffrey Konowitch <jeff.konowitch@onepeloton.com> PR feedback Signed-off-by: Jeffrey Konowitch <jeff.konowitch@onepeloton.com> remove errant punctuation Signed-off-by: Jeffrey Konowitch <jeff.konowitch@onepeloton.com>
* | | Fix exit code example in podman-run.1.mdErik Sjölund2020-07-23
| |/ |/| | | | | Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | Merge pull request #7006 from ashley-cui/umaskOpenShift Merge Robot2020-07-22
|\ \ | | | | | | Add --umask flag for create, run
| * | Add --umask flag for create, runAshley Cui2020-07-21
| |/ | | | | | | | | | | | | | | --umask sets the umask inside the container Defaults to 0022 Co-authored-by: Daniel J Walsh <dwalsh@redhat.com> Signed-off-by: Ashley Cui <acui@redhat.com>
* | Merge pull request #7036 from rhatdan/dockerOpenShift Merge Robot2020-07-21
|\ \ | | | | | | Add noop function disable-content-trust
| * | Add noop function disable-content-trustDaniel J Walsh2020-07-21
| |/ | | | | | | | | | | | | | | People who use docker scripts with Podman see failures if they use disable-content-trust flag. This flag already existed for podman build, adding it to pull/push/create/run. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #7028 from xordspar0/patch-1OpenShift Merge Robot2020-07-21
|\ \ | |/ |/| docs: Fix formatting mistake
| * Document proxy env var precedenceJordan Christiansen2020-07-21
| | | | | | | | Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
| * docs: Clarify how env var overriding worksJordan Christiansen2020-07-21
| | | | | | | | Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
| * docs: Fix formatting mistakeJordan Christiansen2020-07-20
| | | | | | | | | | | | | | Part of this section was a code block, and part of it was absorbed into the preceding normal paragraph. Signed-off-by: Jordan Christiansen <xordspar0@gmail.com>
* | Switch references from libpod.conf to containers.confDaniel J Walsh2020-07-20
|/ | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Add support for overlay volume mounts in podman.Qi Wang2020-07-20
| | | | | | | | Add support -v for overlay volume mounts in podman. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com> Signed-off-by: Qi Wang <qiwan@redhat.com>
* Merge pull request #6965 from giuseppe/followup-pr6324OpenShift Merge Robot2020-07-17
|\ | | | | allow switching of port-forward approaches in rootless/using slirp4netns
| * docs: document the new slirp4netns optionsGiuseppe Scrivano2020-07-16
| | | | | | | | Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Fix `podman system connection` panicJhon Honce2020-07-15
| | | | | | | | Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | Fix & add notes regarding problematic language in codebaseAshley Cui2020-07-15
| | | | | | | | | | | | | | | | Podman is committed to inclusivity, a core value of open source. Historically, there have been technology terms that are problematic and divisive, and should be changed. We are currently taking time to audit our repository in order to eliminate such terminology, and replace it with more inclusive terms. We are starting where we can, with our own code, comments, and documentation. However, such terms may be used in dependencies, and must be used in our repositories at the current moment for compatibility. Podman will change these terms in our repo as soon as new and better terminology is available to us via our dependencies. For more information: https://www.redhat.com/en/blog/making-open-source-more-inclusive-eradicating-problematic-language?sc_cid=701600000011gf0AAA Signed-off-by: Ashley Cui <acui@redhat.com>
* | docs: user namespace can't be shared in podsSagi Shnaidman2020-07-14
|/ | | | | | | | When running "podman pod create --share user" the errors appears: Error: User sharing functionality not supported on pod level Fix docs and remove 'user' from shareable parameters. Signed-off-by: Sagi Shnaidman <sshnaidm@redhat.com>
* Vendor in new version of BuildahDaniel J Walsh2020-07-09
| | | | | | This also pulls in latest runc and containers/common Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Implement --sdnotify cmdline option to control sd-notify behaviorJoseph Gooch2020-07-06
| | | | | | | | | | | | | | | | | | | --sdnotify container|conmon|ignore With "conmon", we send the MAINPID, and clear the NOTIFY_SOCKET so the OCI runtime doesn't pass it into the container. We also advertise "ready" when the OCI runtime finishes to advertise the service as ready. With "container", we send the MAINPID, and leave the NOTIFY_SOCKET so the OCI runtime passes it into the container for initialization, and let the container advertise further metadata. This is the default, which is closest to the behavior podman has done in the past. The "ignore" option removes NOTIFY_SOCKET from the environment, so neither podman nor any child processes will talk to systemd. This removes the need for hardcoded CID and PID files in the command line, and the PIDFile directive, as the pid is advertised directly through sd-notify. Signed-off-by: Joseph Gooch <mrwizard@dok.org>
* Merge pull request #6836 from ashley-cui/tzlibpodOpenShift Merge Robot2020-07-06
|\ | | | | Add --tz flag to create, run
| * Add --tz flag to create, runAshley Cui2020-07-02
| | | | | | | | | | | | | | --tz flag sets timezone inside container Can be set to IANA timezone as well as `local` to match host machine Signed-off-by: Ashley Cui <acui@redhat.com>
* | Merge pull request #6790 from QiWang19/set_engine_envOpenShift Merge Robot2020-07-06
|\ \ | | | | | | Set engine env from common config
| * | Set engine env from common configQi Wang2020-07-03
| |/ | | | | | | | | | | | | Set the env that is used by Podman. related issue containers/common#31 Signed-off-by: Qi Wang <qiwan@redhat.com>
* / auto-update: clarify systemd-unit requirementsValentin Rothberg2020-07-06
|/ | | | | | | | | | Clarify in the help message and the man page that auto updates only work with systemd units that are similar to the ones from `generate systemd --new`. Units that merely start/stop a container do not work as they will use the same image. Fixes: #6793 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #6773 from markstos/issue-6756-improve-inspect-docsOpenShift Merge Robot2020-06-30
|\ | | | | docs: recommend alternatives to podman inspect
| * docs: recommend alternatives to podman inspectMark Stosberg2020-06-30
| | | | | | | | | | | | | | | | | | | | | | | | podman inspect is problematic because there can be naming clashes. Also, it only inspects a couple of types of objects and the docs for it didn't help discover that several more types could be inspected as well. To address both concerns, we deprecate `podman inspect` and update the docs to point to to the recommend alternatives. Issue: #6756 Signed-off-by: Mark Stosberg <mark@rideamigos.com>
* | Add a note on the APIs supported by `system service`Matthew Heon2020-06-29
|/ | | | | | | | This makes it clear that we target compatibility with a specific Docker version (v1.40), but do not reject other versions. It also adds a link to documentation on the Podman-specific API. Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #6808 from mheon/allow_empty_hostportOpenShift Merge Robot2020-06-29
|\ | | | | Allow empty host port in --publish flag
| * Allow empty host port in --publish flagMatthew Heon2020-06-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I didn't believe that this was actually legal, but it looks like it is. And, unlike our previous understanding (host port being empty means just use container port), empty host port actually carries the same meaning as `--expose` + `--publish-all` (that is, assign a random host port to the given container port). This requires a significant rework of our port handling code to handle this new case. I don't foresee this being commonly used, so I optimized having a fixed port number as fast path, which this random assignment code running after the main port handling code only if necessary. Fixes #6806 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #6666 from giuseppe/conmon-delegateOpenShift Merge Robot2020-06-29
|\ \ | |/ |/| podman: add new cgroup mode split
| * podman: add new cgroup mode splitGiuseppe Scrivano2020-06-25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When running under systemd there is no need to create yet another cgroup for the container. With conmon-delegated the current cgroup will be split in two sub cgroups: - supervisor - container The supervisor cgroup will hold conmon and the podman process, while the container cgroup is used by the OCI runtime (using the cgroupfs backend). Closes: https://github.com/containers/libpod/issues/6400 Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | Docs: consistency between man / --helpEd Santiago2020-06-24
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | New functionality in hack/man-page-checker: start cross- referencing the man page 'Synopsis' line against the output of 'podman foo --help'. This is part 1, flag/option consistency. Part 2 (arg consistency) is too big and will have to wait for later. flag/option consistency means: if 'podman foo --help' includes the string '[flags]' in the Usage message, make sure the man page includes '[*options*]' in its Synopsis line, and vice-versa. This found several inconsistencies, which I've fixed. While doing this I realized that Cobra automatically includes a 'Flags:' subsection in its --help output for all subcommands that have defined flags. This is great - it lets us cross-check against the usage synopsis, and make sure that '[flags]' is present or absent as needed, without fear of human screwups. If a flag-less subcommand ever gets extended with flags, but the developer forgets to add '[flags]' and remove DisableFlagsInUseLine, we now have a test that will catch that. (This, too, caught two instances which I fixed). I don't actually know if the new man-page-checker functionality will work in CI: I vaguely recall that it might run before 'make podman' does; and also vaguely recall that some steps were taken to remedy that. Signed-off-by: Ed Santiago <santiago@redhat.com>
* podman untag: error if tag doesn't existValentin Rothberg2020-06-24
| | | | | | | | | | | Throw an error if a specified tag does not exist. Also make sure that the user input is normalized as we already do for `podman tag`. To prevent regressions, add a set of end-to-end and systemd tests. Last but not least, update the docs and add bash completions. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Fix typo in manpage for `podman auto update`.Peter Oliver2020-06-23
| | | | Signed-off-by: Peter Oliver <git@mavit.org.uk>
* V2 podman system connectionJhon Honce2020-06-23
| | | | | | | | | * Implement command * Refactor podman-remote to pull from containers.conf by default * podman-remote defaults to --remote being true * Write podman-system-connection.1.md Signed-off-by: Jhon Honce <jhonce@redhat.com>