| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We added the concept of image volumes in 2.2.0, to support
inspecting an image from within a container. However, this is a
strictly read-only mount, with no modification allowed.
By contrast, the new `image` volume driver creates a c/storage
container as its underlying storage, so we have a read/write
layer. This, in and of itself, is not especially interesting, but
what it will enable in the future is. If we add a new command to
allow these image volumes to be committed, we can now distribute
volumes - and changes to them - via a standard OCI image registry
(which is rather new and quite exciting).
Future work in this area:
- Add support for `podman volume push` (commit volume changes and
push resulting image to OCI registry).
- Add support for `podman volume pull` (currently, we require
that the image a volume is created from be already pulled; it
would be simpler if we had a dedicated command that did the
pull and made a volume from it)
- Add support for scratch images (make an empty image on demand
to use as the base of the volume)
- Add UOR support to `podman volume push` and
`podman volume pull` to enable both with non-image volume
drivers
Signed-off-by: Matthew Heon <matthew.heon@pm.me>
|
|\
| |
| | |
Improve generate systemd format
|
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes: https://github.com/containers/podman/issues/14897
Followup to #13814
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \
| |/
|/| |
Add labels to secrets
|
| |
| |
| |
| |
| |
| |
| | |
Add --label/-l label flag to secret create, and show labels when
inspecting secrets. Also allow labeling secrets via libpod/compat API.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \
| | |
| | | |
[CI:DOCS] man pages: document some --format options
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Baby steps toward merging #14046: document Go format options
for podman events.
This is deliberately imperfect. I am not the right person
to document these. I am simply the person who is getting
a skeleton framework in place.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \
| |/ /
|/| | |
Add support for podman context as alias to podman system connection
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Alias
podman --context -> podman --connection
podman context use -> podman system connection default
podman context rm -> podman system connection rm
podman context create -> podman system connection add
podman context ls ->podman system connection ls
podman context inspect ->podman system connection ls --json (For
specified connections)
Podman context is a hidden command, but can be used for existing scripts
that assume Docker under the covers.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Default to --dns-option to match Docker and Buildah
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
[NO NEW TESTS NEEDED] Existing tests cover this.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \ \
| |/ / /
|/| | | |
[CI:DOCS] man pages: document some --format options
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Baby steps toward merging #14046: document a few of the Go format
command-line options.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \ \
| | | | |
| | | | | |
[CI:DOCS] Man pages: Refactor common options: --dns
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Only between podman-build, create, and run. podman-pod-create
is too different.
As usual I went with the podman-run version. This means
keeping the word "flag" (which should be "option"), for
ease of review. I will fix in my in-progress cleanup PR.
For podman-build, I removed "during the build" and changed
it to a note for that man page only.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Followup to #15621, which (correctly) removed parentheses from
md files. Turns out, a hidden part of our readthedocs process
depended on those parentheses. Update that step so it handles
the new, correct, <space><section-number> format.
Also update local-testing documentation in README, and clean it
up a little.
Fixes: #15822
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
--no-reset and --no-stream, in podman-stats and pod-stats.
Very minor tweak to --no-stream to account for pods.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Mostly went with the podman-run version. For ease of review, I
kept the "you" word -- I will fix that in my in-progress
cleanup PR.
This affects lots of files, each of which had slightly different
wording, but this actually isn't as bad as it looks. The diffs
were minor, and I'm pretty sure the new refactored text applies
equally well to all the man pages.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
| |
| |
| |
| |
| | |
In podman-create, exec, and run. Went with the podman-run version.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Three simple options shared among podman-create, exec, run.
I mostly went with the podman-run versions. For --tty, this
means that create and exec get the long stdout/stderr note.
(The example, though, remains only in podman-run). For -i,
mostly boldspace changes.
For --preserve-fds, podman-exec now has the "not with remote"
note (which it didn't until now)
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
[CI:DOCS] Man pages: refactor common options: --ip6
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Similar to yesterday's --ip. No changes to content, all I did
was variableize the instances of 'container'/'pod'.
Did not touch podman-network-connect file, but if someone
wants to look at that one and tell me whether all this long
text is applicable to it (or not), I'd appreciate it.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| | |
The default ip is 10.0.2.2 but is always the second ip from the
slirp4netns subnet, which can be changed via the cidr option.
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2090166
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Ugh. This had about five different variations among twelve files.
I went with the version from podman-create, kube play, login, pull,
push, run. The others:
- manifest-add and create did not include the "true, false, missing"
text. Now they do. (If this text is N/A to these two, please yell).
Also, these two were written with "talking" instead of "contacting"
the registry.
- podman-build had "does not work with remote", but this
does not seem to be true, so I removed it. None of the
other files had that.
- the wording in podman-search is just weird, with "if needed"
and "is listed" and unclear "insecure registries". I just
nuked it all. If that wording was deliberate, for some reason
that applies only to podman-search, please yell.
- podman-container-runlabel has one diff that I like, actually
spelling out containers-registries.conf(5), but incorporating
that would make this even harder to review. I will add that
to my in-progress doc-cleanup PR.
Review recommendation: run hack/markdown-preprocess-review but
just quit out of it immediately (on both popups). Ignore it completely.
Then cd /tmp/markdown-preprocess-review.diffs/tls-verify and run
$ clear;for i in podman-*;do echo;echo $i;wdiff -t $i zzz-chosen.md;done
This will show the major diffs between each version and the chosen one.
Assumes you have wdiff installed. If you have another colorize-actual-
individual-word-diffs tool installed, use that. I like cdif[1].
[1] https://github.com/kaz-utashiro/sdif-tools
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Almost identical between podman-create, run, and pod-create.
The "Notes" are different, so I left those duplicated between
podman-create and run, and left the different one in pod-create.
podman-container-restore also has --publish but it's unrelated.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
Only shared between podman-create and run. The latter was
updated in #5192, and that is the text I chose.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Only shared by podman-create, -pull, -run. No changes
made other than whitespace, so this should be a gimme.
podman-build, import, and manifest-* also have --os options,
but those are unrelated and I can't find a way to combine
any two of them.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Between podman-create, run, and pod-create. The big difference
is that I changed 'IP' to 'IPv4' in podman-pod-create, I believe
that was an oversight in #12611.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
generate systemd: warn on --restart without --new
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Emit a warning to the user when generating a unit with --new on a
container that was created with a custom --restart policy. As shown
in #15284, a custom --restart policy in that case can lead to issues
on system shutdown where systemd attempts to nuke the unit but Podman
keeps on restarting the container.
Fixes: #15284
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|/
|
|
|
|
|
|
|
|
| |
podman-create and -run only. The SELinux text was added
to podman-run (but not -create) in #3631, and reformatted
in #5192. I assume here that it also applies to podman-create.
Per feedback from Dan, added :s0 to SELinux context
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\
| |
| | |
fix several podman events issues
|
| |
| |
| |
| |
| |
| | |
List the default paths to the event log file and the tmpdir option.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|\ \
| |/
|/| |
[CI:DOCS] Man pages: refactor common options: --volumes-from
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Removed a spurious right-bracket; went with upper-case for options;
removed 'you's; added some <<container|pod>>s.
Hard to review because none of the existing man pages had it
quite right.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|/
|
|
|
|
|
| |
Make sure that the wording of mounting something _from_ the source
_into_ the destination is consistent.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This one is a nightmare, because --volume has been edited
in four different files throughout the years (five if you
count podman-build, which I am not including in this PR).
Those edits have not always been done in sync.
The list of options was reordered 2022-06-28 by Giuseppe in #14734,
but only in podman-create and -run (not in podman-pod-*). No
explanation of why, but I'll assume he knew what he was doing,
and have accepted that for the reference copy.
There was also a big edit in #8519.
The "Propagation property...bind mounted" sentence first appeared
in pod-clone, in #14299 by cdoern, with no obvious source of where
it came from. I choose to include it in the reference copy.
The "**copy**" option seems to work in pod-create, so I'm including
it in the reference copy. Someone please yell loudly if this is
not the case.
The "disables SELinux separation for containers used in the build",
no idea, changed that to just "for the container/pod"
The "advanced users / overlay / upperdir / workdir" paragraph
makes zero sense to me, but hey, I assume it applies to all
the commands, so I put it in the reference copy.
Finally, there's still a mishmash of backticks, asterisks, underscores,
and even quotation marks. Someone is gonna have to perform major
cleanup on this one day, but at least it'll be in only one place.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\
| |
| | |
health check: add on-failure actions
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
For systems that have extreme robustness requirements (edge devices,
particularly those in difficult to access environments), it is important
that applications continue running in all circumstances. When the
application fails, Podman must restart it automatically to provide this
robustness. Otherwise, these devices may require customer IT to
physically gain access to restart, which can be prohibitively difficult.
Add a new `--on-failure` flag that supports four actions:
- **none**: Take no action.
- **kill**: Kill the container.
- **restart**: Restart the container. Do not combine the `restart`
action with the `--restart` flag. When running inside of
a systemd unit, consider using the `kill` or `stop`
action instead to make use of systemd's restart policy.
- **stop**: Stop the container.
To remain backwards compatible, **none** is the default action.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit was automatically cherry-picked
by buildah-vendor-treadmill v0.3
from the buildah vendor treadmill PR, #13808
Changes since 2022-08-16:
- buildah 4139: minor line-number changes to the diff
file because helpers.bash got edited
- buildah 4190: skip the new test if remote
- buildah 4195: add --retry / --retry-delay
- changes to deal with vendoring gomega, units
- changes to the podman login error message in system test
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
|
|
|
|
|
|
|
| |
Another easy one. Difference is that pod-create was fixed
in #14532 (s/ignore/not allowed/) but pod-clone was not.
I went with the fixed version.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|
|
|
|
|
| |
An easy one. Went with the version from podman-run.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\
| |
| | |
[CI:DOCS] Man pages: refactor common options: --sysctl
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As promised, harder and harder to review. Please take your time
with this one.
For IPC, I went with the list form. For net, I used the single-
sentence form instead of a one-element list.
The container/pod diffs are clumsy, sorry. Maybe it's time to
start thinking of a more flexible conditional mechanism, but
I'd really like to avoid that so I hope this is acceptable.
In the first sentence I went with 'namespaced' (final 'd') in
all instances. I also got rid of the 'new' in 'new pod' in
pod-clone.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \
| | |
| | | |
Update system reset warning message regarding deletion of volumes
|
| | |
| | |
| | |
| | |
| | |
| | | |
[NO NEW TESTS NEEDED]
Signed-off-by: Barnabé BALP <contact@barnabebalp.fr>
|
|\ \ \
| | | |
| | | | |
Support auto updates for Kubernetes workloads
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add auto-update support to `podman kube play`. Auto-update policies can
be configured for:
* the entire pod via the `io.containers.autoupdate` annotation
* a specific container via the `io.containers.autoupdate/$name` annotation
To make use of rollbacks, the `io.containers.sdnotify` policy should be
set to `container` such that the workload running _inside_ the container
can send the READY message via the NOTIFY_SOCKET once ready. For
further details on auto updates and rollbacks, please refer to the
specific article [1].
Since auto updates and rollbacks bases on Podman's systemd integration,
the k8s YAML must be executed in the `podman-kube@` systemd template.
For further details on how to run k8s YAML in systemd via Podman, please
refer to the specific article [2].
An examplary k8s YAML may look as follows:
```YAML
apiVersion: v1
kind: Pod
metadata:
annotations:
io.containers.autoupdate: "local"
io.containers.autoupdate/b: "registry"
labels:
app: test
name: test_pod
spec:
containers:
- command:
- top
image: alpine
name: a
- command:
- top
image: alpine
name: b
```
[1] https://www.redhat.com/sysadmin/podman-auto-updates-rollbacks
[2] https://www.redhat.com/sysadmin/kubernetes-workloads-podman-systemd
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \ \
| |_|/
|/| | |
[CI:DOCS] Fix manpage header formatting
|
| | |
| | |
| | |
| | | |
Signed-off-by: Andrew Denton <adenton@redhat.com>
|