summaryrefslogtreecommitdiff
path: root/docs/source
Commit message (Collapse)AuthorAge
* generate systemd: make mounts portableValentin Rothberg2021-05-31
| | | | | | | | | | | | | | | | | | | Commit 748826fc88fc fixed a bug where slow mounting of the runroot was causing issues when the units are started at boot. The fix was to add the container's runroot to the required mounts; the graph root has been added as well. Hard-coding the run- and graphroot to the required mounts, however, breaks the portability of units generated with --now. Those units are intended to be running on any machine as, theoreticaly, any user. Make the mounts portable by using the `%t` macro for the run root. Since the graphroot's location varies across root and ordinary users, drop it from the list of required mounts. The graphroot was not causing issues. Fixes: #10493 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #10429 from ashley-cui/manifestdocsOpenShift Merge Robot2021-05-25
|\ | | | | [CI:DOCS] Document all transports for podman manifest add
| * Document all transports for podman manifest addAshley Cui2021-05-21
| | | | | | | | | | | | [CI:DOCS] podman manifest add manpage was missing some transports. Signed-off-by: Ashley Cui <acui@redhat.com>
* | docs: --cert-dir: point to containers-certs.d(5)Valentin Rothberg2021-05-25
| | | | | | | | | | | | | | | | | | Point to containers-certs.d(5) for details on the default paths, the lookup logic and the structure of these directories. Previously, the man pages stated that the default path would be in `/etc/containers/...` which is not entirely and a red herring for users (see #10116). Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Podman info add support for status of cgroup controllersflouthoc2021-05-24
| | | | | | | | Signed-off-by: flouthoc <flouthoc.git@gmail.com>
* | Merge pull request #10400 from rhatdan/rootOpenShift Merge Robot2021-05-21
|\ \ | |/ |/| Clear the storage-options from the graphdriver if users specifies --root
| * Clear the storage-options from the graphdriver if users specifies --rootDaniel J Walsh2021-05-19
| | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: https://github.com/containers/podman/issues/10393 Currently if a user specifies a --root flag to override the location of the container storage, we still enforce the storage-opts from storage.conf. This causes issues with people trying to intereact with the additional stores feature, and then forces them to use the obscure --storage-opt="" option. I belive this should be the default and we already do this when the user specifies the --storage-driver option. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Add support for podman manifest rm commandDaniel J Walsh2021-05-19
|/ | | | | | This is mainly to match command line of Docker. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* docs: generate systemd: XDG_RUNTIME_DIRValentin Rothberg2021-05-19
| | | | | | | A conversation on the customer portal suggests that to add an extra note about the requirement of XDG_RUNTIME_DIR to be set. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #10366 from ashley-cui/secretoptionsOpenShift Merge Robot2021-05-17
|\ | | | | Support uid,gid,mode options for secrets
| * Support uid,gid,mode options for secretsAshley Cui2021-05-17
| | | | | | | | | | | | | | Support UID, GID, Mode options for mount type secrets. Also, change default secret permissions to 444 so all users can read secret. Signed-off-by: Ashley Cui <acui@redhat.com>
* | Merge pull request #10328 from Luap99/completionsOpenShift Merge Robot2021-05-17
|\ \ | | | | | | Several shell completion fixes
| * | Several shell completion fixesPaul Holzinger2021-05-17
| |/ | | | | | | | | | | | | | | | | | | - fix network filters - add prune filters - pod create --share support comma separated namespaces [NO TESTS NEEDED] Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | image prune: remove unused images only with `--all`Valentin Rothberg2021-05-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix a regression in `podman image prune` where unused images were accidentally removed even when `--all=false`. Extend and partially rewrite the e2e tests to make sure we're not regressing again in the future. Fixing the aforementioned issue revealed another issue in the default prune filter. While prune should remove all "dangling" images (i.e., those without tag), it removed only "intermediate" ones; dangling images without children. Remove the mistaken comment from the libimage migration. Also clarify the help message and man page. Fixes: #10350 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | [CI:DOCS] Update first line in intro pageTomSweeneyRedHat2021-05-14
|/ | | | | | | | | Remove the word `consumption` and give a better description for the first line of the introduction page. Fixes: #10325 Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
* Merge pull request #10254 from jmguzik/prune-filter-cliOpenShift Merge Robot2021-05-14
|\ | | | | Add support for cli network prune --filter flag
| * Add support for cli network prune --filter flagJakub Guzik2021-05-12
| | | | | | | | Signed-off-by: Jakub Guzik <jakubmguzik@gmail.com>
* | Add host.serviceIsRemote to podman info resultsJhon Honce2021-05-10
|/ | | | | | | | | | | | | | | | Developers asked for a deterministic field to verify if podman is running via API or linked directly to libpod library. $ podman info --format '{{.Host.ServiceIsRemote}}' false $ podman-remote info --format '{{.Host.ServiceIsRemote}}' true $ podman --remote info --format '{{.Host.ServiceIsRemote}}' true * docs/conf.py formatted via black Signed-off-by: Jhon Honce <jhonce@redhat.com>
* Revert escaped double dash man page flag syntaxPaul Holzinger2021-05-07
| | | | | | | | Commit 800a2e2d35 introduced a way to disable the conversion of `--`into an en dash on docs.podman.io, so the ugly workaround of escaping the dashes is no longer necessary. Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* Merge pull request #10249 from rhatdan/man1OpenShift Merge Robot2021-05-07
|\ | | | | [CI:DOCS] Add documentation on short-names
| * Add documentation on short-namesDaniel J Walsh2021-05-07
| | | | | | | | | | | | | | | | | | Once we settle on the wording for short-names in podman-pull, I will add the same section to all of the podman commands that use pull. Also ran through all man pages with a spell checker. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #10255 from rcowsill/no-dash-convOpenShift Merge Robot2021-05-07
|\ \ | | | | | | [CI:DOCS] Stop conversion of `--` into en dash
| * | [CI:DOCS] Stop conversion of `--` into en dashRob Cowsill2021-05-06
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In the documentation source `--` is only used in long option names or console output. Currently any unescaped `--` that's not in a code block/inline gets converted into a single "en dash". This is confusing to the reader because long options start with two dashes, not one. This switches off the dash transformation in Sphinx. Quotation marks, apostrophes and ellipses are still transformed as before. It also switches off all smart transforms in the podman-remote windows documentation build. This matches the Linux man page build, which doesn't use smart transforms. Signed-off-by: Rob Cowsill <42620235+rcowsill@users.noreply.github.com>
* | | Merge pull request #10202 from EduardoVega/9763-kube-auto-updateOpenShift Merge Robot2021-05-07
|\ \ \ | | | | | | | | Add support to preserve auto-update labels in play / generate kube
| * | | Adds support to preserve auto update labels in generate and play kubeEduardo Vega2021-05-06
| |/ / | | | | | | | | | | | | | | | In the case of generate kube the auto-update labels will be converted into kube annotations and for play kube they will be converted back to labels since that's what podman understands Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
* | | Merge pull request #10221 from ashley-cui/envsecOpenShift Merge Robot2021-05-07
|\ \ \ | |/ / |/| | Add support for environment variable secrets
| * | Add support for environment variable secretsAshley Cui2021-05-06
| | | | | | | | | | | | | | | | | | | | | | | | Env var secrets are env vars that are set inside the container but not commited to and image. Also support reading from env var when creating a secret. Signed-off-by: Ashley Cui <acui@redhat.com>
* | | Merge pull request #9689 from boaz0/boaz-1OpenShift Merge Robot2021-05-06
|\ \ \ | |_|/ |/| | add restart-policy to container filters & --filter to podman start
| * | Add restart-policy to container filters & --filter to podman startBoaz Shuster2021-05-06
| | | | | | | | | | | | Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | | Add containers.conf information for changing defaultsDaniel J Walsh2021-05-06
|/ / | | | | | | | | | | | | | | | | | | We probably should put a whole bunch of other documentation in man pages about containers.conf, but let's settle on this description before we go add other docs. Helps with: https://github.com/containers/podman/issues/2669 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | codespell cleanupDaniel J Walsh2021-05-05
| | | | | | | | | | | | [NO TESTS NEEDED] This is just running codespell on podman Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #10185 from rhatdan/volumeOpenShift Merge Robot2021-05-05
|\ \ | | | | | | Add filepath glob support to --security-opt unmask
| * | Add filepath glob support to --security-opt unmaskDaniel J Walsh2021-05-04
| | | | | | | | | | | | | | | | | | | | | | | | Want to allow users to specify --security-opt unmask=/proc/*. This allows us to run podman within podman more securely, then specifing umask=all, also gives the user more flexibilty. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Merge pull request #10208 from Luap99/play-kube-macOpenShift Merge Robot2021-05-05
|\ \ \ | | | | | | | | add --mac-address to podman play kube
| * | | add --mac-address to podman play kubePaul Holzinger2021-05-04
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add a new --mac-address flag to podman play kube. This is used to specify a static MAC address which should be used for the pod. This option can be specified several times because play kube can create more than one pod. Fixes #9731 Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
* | | | migrate Podman to containers/common/libimageValentin Rothberg2021-05-05
| |/ / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Migrate the Podman code base over to `common/libimage` which replaces `libpod/image` and a lot of glue code entirely. Note that I tried to leave bread crumbs for changed tests. Miscellaneous changes: * Some errors yield different messages which required to alter some tests. * I fixed some pre-existing issues in the code. Others were marked as `//TODO`s to prevent the PR from exploding. * The `NamesHistory` of an image is returned as is from the storage. Previously, we did some filtering which I think is undesirable. Instead we should return the data as stored in the storage. * Touched handlers use the ABI interfaces where possible. * Local image resolution: previously Podman would match "foo" on "myfoo". This behaviour has been changed and Podman will now only match on repository boundaries such that "foo" would match "my/foo" but not "myfoo". I consider the old behaviour to be a bug, at the very least an exotic corner case. * Futhermore, "foo:none" does *not* resolve to a local image "foo" without tag anymore. It's a hill I am (almost) willing to die on. * `image prune` prints the IDs of pruned images. Previously, in some cases, the names were printed instead. The API clearly states ID, so we should stick to it. * Compat endpoint image removal with _force_ deletes the entire not only the specified tag. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Add --all to podman startBoaz Shuster2021-05-03
|/ / | | | | | | | | Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com> Co-authored-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #10063 from ParkerVR/autoupdate-localOpenShift Merge Robot2021-04-29
|\ \ | | | | | | Autoupdate Local
| * | TODO completeParker Van Roy2021-04-29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | changed struct to policyMapper change "image" to "registry" in multiple locations Updated documentation with registry alias & autoupdate local Added relevant test Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
* | | Merge pull request #10170 from ashley-cui/machineoneOpenShift Merge Robot2021-04-29
|\ \ \ | | | | | | | | [NO TESTS NEEDED] Check if another VM is running on machine start
| * | | Check if another VM is running on machine startAshley Cui2021-04-28
| | |/ | |/| | | | | | | | | | | | | | | | | | | Only one VM can be up at a time. If another VM is running, or the current VM is running, error out on a podman machine start [NO TESTS NEEDED] Signed-off-by: Ashley Cui <acui@redhat.com>
* | | [CI:DOCS] Improve titles of command HTML pagesRob Cowsill2021-04-28
| |/ |/| | | | | | | | | | | | | | | | | | | When building Sphinx HTML docs, preprocess markdown files and convert pandoc-style title lines into recommonmark eval_rst blocks This gives command HTML pages the same title as the equivalent manpage Fixes: containers/podman.io#385 Signed-off-by: Rob Cowsill <42620235+rcowsill@users.noreply.github.com>
* | Merge pull request #10134 from rhatdan/conmonOpenShift Merge Robot2021-04-27
|\ \ | | | | | | [CI:DOCS] Add more documentation on conmon
| * | Add more documentation on conmonDaniel J Walsh2021-04-27
| |/ | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #10119 from rhatdan/timeoutOpenShift Merge Robot2021-04-27
|\ \ | |/ |/| Add podman run --timeout option
| * Add podman run --timeout optionDaniel J Walsh2021-04-23
| | | | | | | | | | | | | | | | | | This option allows users to specify the maximum amount of time to run before conmon sends the kill signal to the container. Fixes: https://github.com/containers/podman/issues/6412 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | [CI:DOCS] Fix Markdown layout bugsErik Sjölund2021-04-25
|/ | | | | | | * Add missing backticks to mark the end of the code block. Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* Merge pull request #9495 from rhatdan/groupsOpenShift Merge Robot2021-04-22
|\ | | | | Add '--group-add keep-groups': supplementary groups into container
| * Add --group-add keep-groups: suplimentary groups into containerDaniel J Walsh2021-04-21
| | | | | | | | | | | | | | | | | | | | | | | | | | Currently we have rootless users who want to leak their groups access into containers, but this group access is only able to be pushed in by a hard to find OCI Runtime annotation. This PR makes this option a lot more visable and hides the complexity within the podman client. This option is only really needed for local rootless users. It makes no sense for remote clients, and probably makes little sense for rootfull containers. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
| * Fixes from make codespellDaniel J Walsh2021-04-21
| | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>