aboutsummaryrefslogtreecommitdiff
path: root/docs/source
Commit message (Collapse)AuthorAge
* auto updatesValentin Rothberg2020-03-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support to auto-update containers running in systemd units as generated with `podman generate systemd --new`. `podman auto-update` looks up containers with a specified "io.containers.autoupdate" label (i.e., the auto-update policy). If the label is present and set to "image", Podman reaches out to the corresponding registry to check if the image has been updated. We consider an image to be updated if the digest in the local storage is different than the one of the remote image. If an image must be updated, Podman pulls it down and restarts the container. Note that the restarting sequence relies on systemd. At container-creation time, Podman looks up the "PODMAN_SYSTEMD_UNIT" environment variables and stores it verbatim in the container's label. This variable is now set by all systemd units generated by `podman-generate-systemd` and is set to `%n` (i.e., the name of systemd unit starting the container). This data is then being used in the auto-update sequence to instruct systemd (via DBUS) to restart the unit and hence to restart the container. Note that this implementation of auto-updates relies on systemd and requires a fully-qualified image reference to be used to create the container. This enforcement is necessary to know which image to actually check and pull. If we used an image ID, we would not know which image to check/pull anymore. Fixes: #3575 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #5439 from ttys3/fixup-systemdgen-with-new-paramOpenShift Merge Robot2020-03-16
|\ | | | | systemd generator: force run container detached if CreateCommand has no detach param
| * force run container detached if container CreateCommand missing the detach param荒野無燈2020-03-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the podman generated systemd service file has `Type=forking` service, so the command after `ExecStart=` should not run in front. if someone created a container and has the detach(`-d`) param missing like this ``` podman create --name ngxdemo -P nginxdemos/hello ``` and generate the file with `--new` param: ``` podman generate systemd --name --new ngxdemo ``` because `podman run xxx` has no `-d` param, so the container is not run in background and nerver exit. and systemd will fail to start the service: ``` sudo systemctl start container-ngxdemo.service Job for container-ngxdemo.service failed because a timeout was exceeded. See "systemctl status container-ngxdemo.service" and "journalctl -xe" for details. ``` Signed-off-by: 荒野無燈 <ttys3@outlook.com>
* | man page cross-reference fixes: part 2Ed Santiago2020-03-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The other direction: fix or clean up elements documented in man pages but which did/do not exist in actual podman: * runlabel: add missing "-n" alias for --name And, remove man page entries for nonexistent options: * podman commit: --iidfile * podman container runlabel: --rootfs, --storage * podman create: --cpu-count There are two problems I don't know how to deal with. Both are related to main_local.go:rootCmd.PersistentFlags() : 1) podman-build.1.md documents --cni-config-dir and --runtime options, but these are not actually options under podman build; they are global options. The documentation in this man page differs from that under podman-build. 2) podman ps implements a binary --namespace option, but this option does not (cannot?) appear in --help because there's a global --namespace string option and Cobra somehow gets confused about this. Do we really intend for global options to be parsed on the right-hand side of subcommands? This strikes me as unintuitive and potentially confusing, although the fact that it has taken me this long to discover it suggests that it's not _that_ confusing. Suggestions welcome. I can file issues for 1/2 above, or simply teach my script to special-case ignore them. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | man pages: fix inconsistenciesEd Santiago2020-03-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I wrote a script to cross-reference podman --help against man pages. It found a bunch of inconsistencies fix them: * options missing from man pages * options misspelled or misformatted in man pages (usually misplaced asterisks or missing dashes, but see --dns-opt) * one spurious comma in the actual source file --help This is a fix in which I iterate over 'podman CMD --help' and check for presence in man pages. The other way around (look for flags in man pages, check podman CMD --help) is probably impossible: there are too many special cases Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #5402 from vrothberg/syslogOpenShift Merge Robot2020-03-10
|\ \ | | | | | | docs: clarify bools in `podman --help`
| * | docs: clarify that --syslog expects an argumentValentin Rothberg2020-03-10
| | | | | | | | | | | | | | | | | | | | | Clarify in the man page that --syslog expexts an argument to prevent users from believing it's a switch. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Remove nonexistent --set arg from runlabel documentationClint Olson2020-03-10
|/ / | | | | | | Signed-off-by: Clint Olson <clint@populi.co>
* / generate systemd: add `default.target` to INSTALLValentin Rothberg2020-03-09
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | When enabling a systemd service we can specify which target will start it by specifying it in the `[INSTALL]` section. In case of root, this is commonly set to `multi-user.target` which is used to start other essential system services such as the network manager, D-BUS and more. However, the `multi-user.target` is not enough on all systems, especially when running rootless and enabling user services. Multiple users have reported issues that there isn't even an attempt to start the service. Setting the INSTALL target to `default.target` will fix the rootless case. However, `default.target` may vary among systems. Fedora Workstation, for instance, sets the `default.target` to the graphical target (i.e., runlevel 5) while Fedora Server sets it to `multi-user.target` which is on runlevel 2 and hence way earlier in the startup sequence. As INSTALL allows for specifying multiple INSTALL targets, we can set it to `multi-user.target` to continue supporting existing workloads AND to `default.target` which MAY redundantly attempt to start it at a later point; effectively a NOP for the root case and essential for rootless. Fixes: #5423 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* Merge pull request #5412 from rhatdan/tmpdirOpenShift Merge Robot2020-03-08
|\ | | | | Allow users to set TMPDIR environment
| * Allow users to set TMPDIR environmentDaniel J Walsh2020-03-06
| | | | | | | | | | | | | | Some users have small /var/tmp directories and need to be able to specify a different location for temporary files, which includes more space. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Fix spelling mistakes in code found by codespellDaniel J Walsh2020-03-07
|/ | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #4772 from boaz0/closes_4628OpenShift Merge Robot2020-03-04
|\ | | | | Add the rmi flag to podman-run to delete container image
| * Add the rmi flag to podman-run to delete container imageBoaz Shuster2020-03-03
| | | | | | | | | | | | | | | | | | | | The --rmi flag will delete the container image after its execution unless that image is already been used by another container(s). This is useful when one wants to execute a container once and remove any resources attached to it. Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | Update docs/source/markdown/podman-build.1.mdDaniel J Walsh2020-03-02
| | | | | | | | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Allow devs to set labels in container images for default capabilities.Daniel J Walsh2020-03-02
|/ | | | | | | | | | | | | | | | This patch allows users to specify the list of capabilities required to run their container image. Setting a image/container label "io.containers.capabilities=setuid,setgid" tells podman that the contained image should work fine with just these two capabilties, instead of running with the default capabilities, podman will launch the container with just these capabilties. If the user or image specified capabilities that are not in the default set, the container will print an error message and will continue to run with the default capabilities. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* Merge pull request #5300 from baude/disablehealthOpenShift Merge Robot2020-02-23
|\ | | | | Add --no-healthcheck command to create/run
| * Add --no-healthcheck command to create/runBrent Baude2020-02-22
| | | | | | | | | | | | | | | | Now support --no-healthcheck option to disable defined healthchecks in a container image. --health-cmd=none remains supported as well. Fixes: #5299 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | docs: symlink to host device is resolvedStefan Becker2020-02-23
|/ | | | | | | | | Also apply changes from commit 3fd9f0c028f9dab7c8923629d4dc5d38e594db1a to the other two commands that have the --device option. Documents #4550 Signed-off-by: Stefan Becker <chemobejk@gmail.com>
* podman images: add --filter=since=XXEd Santiago2020-02-20
| | | | | | | | | | | | | | | | | | | | | | Looks like a bit of a misunderstanding from early on. Docker implements --filter=since=IMAGE. Podman implements 'after' instead of 'since'. Add an equivalent case statement to handle both, keeping 'after' because we have no way of knowing if it is used in the field. Update documentation ... and fix what looks like a complete misinterpretation of what the code actually does: the man page claimed that these were time fields, but I don't see any possible incantation in which a time value works or could work. Updated docs to reflect IMAGE usage. Also changed nonworking '==' to single '='. Added tests. [UPDATE: skip with broken podman-remote] Fixes: #5040 Signed-off-by: Ed Santiago <santiago@redhat.com>
* Merge pull request #5241 from mheon/pod_network_opts_addOpenShift Merge Robot2020-02-20
|\ | | | | Add network opts to pods
| * Add network options to podman pod createMatthew Heon2020-02-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Enables most of the network-related functionality from `podman run` in `podman pod create`. Custom CNI networks can be specified, host networking is supported, DNS options can be configured. Also enables host networking in `podman play kube`. Fixes #2808 Fixes #3837 Fixes #4432 Fixes #4718 Fixes #4770 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | Merge pull request #5225 from vrothberg/fix-5087OpenShift Merge Robot2020-02-19
|\ \ | | | | | | config: use built-in TOML merge and adhere to label setting
| * | libpod.conf: clarify `label` descriptionValentin Rothberg2020-02-19
| | | | | | | | | | | | | | | | | | | | | Clarify that the label option sets the defaults which can still be overriden by the CLI. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #5233 from QiWang19/login/out-parameterOpenShift Merge Robot2020-02-19
|\ \ \ | |/ / |/| | fix mandatory parameter in login/logout
| * | fix mandatory parameter in login/logoutQi Wang2020-02-18
| | | | | | | | | | | | | | | | | | | | | fix #5146 Insted of using a registry as mandatory parameter, this path allows podman to use the first registry from registries.conf. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | Merge pull request #5243 from Akasurde/misc_typoOpenShift Merge Robot2020-02-18
|\ \ \ | |/ / |/| | Misc typo fixes
| * | Misc typo fixesAbhijeet Kasurde2020-02-18
| |/ | | | | | | Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* | Merge pull request #5223 from vrothberg/ps-image-idOpenShift Merge Robot2020-02-18
|\ \ | |/ |/| podman-ps: support image IDs
| * podman-ps: support image IDsValentin Rothberg2020-02-17
| | | | | | | | | | | | | | Support printing image IDs via `--format "{{.ImageID}}"`. Fixes: #5160 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Update documentation of commit command to show image reference is optionalAllan Jacquet-Cretides2020-02-15
|/ | | | | | | | | | | Following Commit ba1d1304a67b ("make image reference for commit optional") Updates usage text used by cobra and markdown document used to generate MAN page. Fixes: #5145 Signed-off-by: Allan Jacquet-Cretides <allan.jacquet@gmail.com>
* Merge pull request #5192 from kolyshkin/manOpenShift Merge Robot2020-02-14
|\ | | | | podman-run(1): fixes
| * podman(1): fixesKir Kolyshkin2020-02-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I saw some bad formatting when reading "man podman-run" and proceeded to fix it. I have now opened a can of worms... This commit tries to fix some of the formatting, wording and other bugs I came across (unfortunately not all of them). Can't list every fix that I made here, but in general: - format lists as such (prepend items with "- "); - format examples as such (enclose in ```...```); - format literal values (option names, literal values) as **bold**; - format man page references as **page**(1). - format replacements (option values) and file names as _italic_; - remove some duplicate info (such as what's the default value); - move option value description to option syntax; - end sentences with a period. To test: ```console $ make docs $ man ./docs/build/man/podman-run.1 ### check terminal formatting $ man -Tps ./docs/build/man/podman-run.1 > podman-run.ps $ ps2pdf podman-run.ps ### optional $ evince podman-run.pdf ### check printer formatting (or use ps viewr ``` NOTE - there is much more to do here; - I haven't checked any factual contents, this is about formatting Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
* | Merge pull request #5115 from QiWang19/images-formatOpenShift Merge Robot2020-02-13
|\ \ | | | | | | images --format compatible with docker
| * | images --format compatible with dockerQi Wang2020-02-10
| | | | | | | | | | | | | | | | | | | | | This patch lets valid values of --format be compatible with docker. Replace CreatedTime with CreatedAt, Created with CreatedSince. Keep CreatedTime and Created are valid as hidden options. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | Merge pull request #5152 from QiWang19/device-cgroup-ruleOpenShift Merge Robot2020-02-13
|\ \ \ | |_|/ |/| | support device-cgroup-rule
| * | support device-cgroup-ruleQi Wang2020-02-12
| |/ | | | | | | | | | | | | fix #4876 Add `--device-cgroup-rule` to podman create and run. This enables to add device rules after the container has been created. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | Merge pull request #5144 from marusak/doc_fixesOpenShift Merge Robot2020-02-12
|\ \ | |/ |/| [CI:DOCS] podman system service doc fixes
| * doc: Fix examples for 'podman system service'Matej Marusak2020-02-10
| | | | | | | | Signed-off-by: Matej Marusak <mmarusak@redhat.com>
* | docs: add workaround for --device with rootless containers (II)Stefan Becker2020-02-10
|/ | | | | | | | | | Update documentation for crun >= 0.11. See https://github.com/containers/crun/commit/6df930821d80a8e151674f0fda1321fba93bb92d Fixes #4477 Signed-off-by: Stefan Becker <chemobejk@gmail.com>
* Move podman-service to podman-system-serviceMatthew Heon2020-02-06
| | | | | | Fixes #5108 Signed-off-by: Matthew Heon <mheon@redhat.com>
* Force --all when --filter is passed to podman psMatthew Heon2020-02-04
| | | | | | | | | | When we filter, it should be out of all containers, not just running ones, by default - this is necessary to ensure Docker compatability. Fixes #5050 Signed-off-by: Matthew Heon <mheon@redhat.com>
* Merge pull request #5028 from baude/commitimageOpenShift Merge Robot2020-01-30
|\ | | | | make image reference for commit optional
| * make image reference for commit optionalBrent Baude2020-01-30
| | | | | | | | | | | | | | | | to match docker compat, the image tag should be optional. Fixes: #5027 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #5024 from rpjday/markdown/asterisksOpenShift Merge Robot2020-01-30
|\ \ | |/ |/| markdown: fix erroneous asterisk markup for options
| * markdown: fix erroneous asterisk markup for optionsRobert P. J. Day2020-01-30
| | | | | | | | | | | | | | Fix option markup in a number of man pages so it renders properly when viewing online. Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
* | Merge pull request #4951 from rpjday/docs/unshareOpenShift Merge Robot2020-01-30
|\ \ | |/ |/| markdown: fix grammar/formatting, standardize on markdown
| * markdown: fix grammar/formatting, standardize on markdownRobert P. J. Day2020-01-23
| | | | | | | | | | | | | | | | | | | | | | While fixing grammar and list formatting issues, standardize on markdown as follows: - commands are marked by '**' - files are marked by backquotes - list items are marked with leading '-' Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
* | Merge pull request #4984 from baude/pullarchoverrideOpenShift Merge Robot2020-01-28
|\ \ | | | | | | expose --arch-override option for pull
| * | expose --arch-override option for pullBrent Baude2020-01-27
| | | | | | | | | | | | | | | | | | | | | | | | We no longer wish to hide the --arch-override from the cli on pulls. we now expose it. docs updated. tests already exist. Fixes: #4849 Signed-off-by: Brent Baude <bbaude@redhat.com>