aboutsummaryrefslogtreecommitdiff
path: root/docs
Commit message (Collapse)AuthorAge
* Update podman-generate-systemd man pageSujil022020-04-16
| | | | | | | Update links, content, and adding more examples to show how to run the generated .service files as root and non-root. Fix for #5497 Signed-off-by: Sujil02 <sushah@redhat.com>
* Merge pull request #5724 from zypA13510/patch-1OpenShift Merge Robot2020-04-08
|\ | | | | man page: add note about issue with SELinux
| * man page: add note about issue with SELinuxYuping Zuo2020-04-08
| | | | | | | | Signed-off-by: Yuping Zuo <zypA13510@users.noreply.github.com>
* | Merge pull request #5478 from giuseppe/auto-usernsOpenShift Merge Robot2020-04-06
|\ \ | | | | | | userns: support --userns=auto
| * | userns: support --userns=autoGiuseppe Scrivano2020-04-06
| |/ | | | | | | | | | | | | automatically pick an empty range and create an user namespace for the container. Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* | refactor infoBrent Baude2020-04-06
| | | | | | | | | | | | the current implementation of info, while typed, is very loosely done so. we need stronger types for our apiv2 implmentation and bindings. Signed-off-by: Brent Baude <bbaude@redhat.com>
* | Merge pull request #5620 from cfelder/play-kube-networkingOpenShift Merge Robot2020-04-06
|\ \ | |/ |/| Add support for specifying CNI networks in podman play kube
| * Add support for specifying CNI networks in podman play kubeChristian Felder2020-03-27
| | | | | | | | | | Fixes: #5609 Signed-off-by: Christian Felder <c.felder@fz-juelich.de>
* | Merge pull request #5649 from jwhonce/wip/varlinkOpenShift Merge Robot2020-03-31
|\ \ | | | | | | V2 Move varlink home
| * | V2 Move varlink homeJhon Honce2020-03-30
| | | | | | | | | | | | | | | | | | | | | | | | * move cmd/podman/varlink/* to pkg/varlink to support podmanV2 refactor * update Makefile * reformatted all impacted code Signed-off-by: Jhon Honce <jhonce@redhat.com>
* | | Switch to using --time as opposed to --timeout to better match Docker.Daniel J Walsh2020-03-31
|/ / | | | | | | | | | | | | We need to consistently use --time rather then --timeout throughout the code. Fix locations where timeout defaults are not set correctly as well. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #4976 from rpjday/rpjday/podman_versionOpenShift Merge Robot2020-03-28
|\ \ | | | | | | docs: mention that "podman version" prints out Remote API Version
| * | docs: mention that "podman version" prints out Remote API VersionRobert P. J. Day2020-01-26
| | | | | | | | | | | | | | | | | | | | | | | | Since "man podman-version" seems to want to list everything printed about the current version, add a reference to Remote API Version for completeness. Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
* | | Add support for containers.confDaniel J Walsh2020-03-27
| | | | | | | | | | | | | | | | | | | | | vendor in c/common config pkg for containers.conf Signed-off-by: Qi Wang qiwan@redhat.com Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Fix Markdown typo in podman-create.1.mdErik Sjölund2020-03-27
| |/ |/| | | | | Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
* | Merge pull request #5495 from openSUSE/image-signOpenShift Merge Robot2020-03-24
|\ \ | | | | | | Add image signing with GPG tutorial
| * | Add image signing with GPG tutorialSascha Grunert2020-03-23
| | | | | | | | | | | | Signed-off-by: Sascha Grunert <sgrunert@suse.com>
* | | Merge pull request #5559 from rhatdan/dockerOpenShift Merge Robot2020-03-23
|\ \ \ | | | | | | | | Fix docker man page links
| * | | Fix docker man page linksDaniel J Walsh2020-03-19
| | | | | | | | | | | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | | Implemented --iidfile for podman commitSujil022020-03-19
|/ / / | | | | | | | | | | | | | | | | | | Added flag to Write the image ID to the file with podman commit command. Fix to issue #5461 Signed-off-by: Sujil02 <sushah@redhat.com>
* | | auto updatesValentin Rothberg2020-03-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add support to auto-update containers running in systemd units as generated with `podman generate systemd --new`. `podman auto-update` looks up containers with a specified "io.containers.autoupdate" label (i.e., the auto-update policy). If the label is present and set to "image", Podman reaches out to the corresponding registry to check if the image has been updated. We consider an image to be updated if the digest in the local storage is different than the one of the remote image. If an image must be updated, Podman pulls it down and restarts the container. Note that the restarting sequence relies on systemd. At container-creation time, Podman looks up the "PODMAN_SYSTEMD_UNIT" environment variables and stores it verbatim in the container's label. This variable is now set by all systemd units generated by `podman-generate-systemd` and is set to `%n` (i.e., the name of systemd unit starting the container). This data is then being used in the auto-update sequence to instruct systemd (via DBUS) to restart the unit and hence to restart the container. Note that this implementation of auto-updates relies on systemd and requires a fully-qualified image reference to be used to create the container. This enforcement is necessary to know which image to actually check and pull. If we used an image ID, we would not know which image to check/pull anymore. Fixes: #3575 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | Merge pull request #5439 from ttys3/fixup-systemdgen-with-new-paramOpenShift Merge Robot2020-03-16
|\ \ \ | |/ / |/| | systemd generator: force run container detached if CreateCommand has no detach param
| * | force run container detached if container CreateCommand missing the detach param荒野無燈2020-03-14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the podman generated systemd service file has `Type=forking` service, so the command after `ExecStart=` should not run in front. if someone created a container and has the detach(`-d`) param missing like this ``` podman create --name ngxdemo -P nginxdemos/hello ``` and generate the file with `--new` param: ``` podman generate systemd --name --new ngxdemo ``` because `podman run xxx` has no `-d` param, so the container is not run in background and nerver exit. and systemd will fail to start the service: ``` sudo systemctl start container-ngxdemo.service Job for container-ngxdemo.service failed because a timeout was exceeded. See "systemctl status container-ngxdemo.service" and "journalctl -xe" for details. ``` Signed-off-by: 荒野無燈 <ttys3@outlook.com>
* | | man page cross-reference fixes: part 2Ed Santiago2020-03-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The other direction: fix or clean up elements documented in man pages but which did/do not exist in actual podman: * runlabel: add missing "-n" alias for --name And, remove man page entries for nonexistent options: * podman commit: --iidfile * podman container runlabel: --rootfs, --storage * podman create: --cpu-count There are two problems I don't know how to deal with. Both are related to main_local.go:rootCmd.PersistentFlags() : 1) podman-build.1.md documents --cni-config-dir and --runtime options, but these are not actually options under podman build; they are global options. The documentation in this man page differs from that under podman-build. 2) podman ps implements a binary --namespace option, but this option does not (cannot?) appear in --help because there's a global --namespace string option and Cobra somehow gets confused about this. Do we really intend for global options to be parsed on the right-hand side of subcommands? This strikes me as unintuitive and potentially confusing, although the fact that it has taken me this long to discover it suggests that it's not _that_ confusing. Suggestions welcome. I can file issues for 1/2 above, or simply teach my script to special-case ignore them. Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | man pages: fix inconsistenciesEd Santiago2020-03-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I wrote a script to cross-reference podman --help against man pages. It found a bunch of inconsistencies fix them: * options missing from man pages * options misspelled or misformatted in man pages (usually misplaced asterisks or missing dashes, but see --dns-opt) * one spurious comma in the actual source file --help This is a fix in which I iterate over 'podman CMD --help' and check for presence in man pages. The other way around (look for flags in man pages, check podman CMD --help) is probably impossible: there are too many special cases Signed-off-by: Ed Santiago <santiago@redhat.com>
* | | Merge pull request #5402 from vrothberg/syslogOpenShift Merge Robot2020-03-10
|\ \ \ | | | | | | | | docs: clarify bools in `podman --help`
| * | | docs: clarify that --syslog expects an argumentValentin Rothberg2020-03-10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Clarify in the man page that --syslog expexts an argument to prevent users from believing it's a switch. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Remove nonexistent --set arg from runlabel documentationClint Olson2020-03-10
|/ / / | | | | | | | | | Signed-off-by: Clint Olson <clint@populi.co>
* | | rootles tutorial: remove systemd unit exampleValentin Rothberg2020-03-09
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The example was not entirely correct. Users should use `podman generate systemd` and use the output either directly or as a template for further adjustments to their needs. Keeping an example in the rootless tutorial is a maintenance burdon and can easily suggest incorrect usage patterns to users. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | generate systemd: add `default.target` to INSTALLValentin Rothberg2020-03-09
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When enabling a systemd service we can specify which target will start it by specifying it in the `[INSTALL]` section. In case of root, this is commonly set to `multi-user.target` which is used to start other essential system services such as the network manager, D-BUS and more. However, the `multi-user.target` is not enough on all systems, especially when running rootless and enabling user services. Multiple users have reported issues that there isn't even an attempt to start the service. Setting the INSTALL target to `default.target` will fix the rootless case. However, `default.target` may vary among systems. Fedora Workstation, for instance, sets the `default.target` to the graphical target (i.e., runlevel 5) while Fedora Server sets it to `multi-user.target` which is on runlevel 2 and hence way earlier in the startup sequence. As INSTALL allows for specifying multiple INSTALL targets, we can set it to `multi-user.target` to continue supporting existing workloads AND to `default.target` which MAY redundantly attempt to start it at a later point; effectively a NOP for the root case and essential for rootless. Fixes: #5423 Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | Merge pull request #5412 from rhatdan/tmpdirOpenShift Merge Robot2020-03-08
|\ \ | | | | | | Allow users to set TMPDIR environment
| * | Allow users to set TMPDIR environmentDaniel J Walsh2020-03-06
| | | | | | | | | | | | | | | | | | | | | Some users have small /var/tmp directories and need to be able to specify a different location for temporary files, which includes more space. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Fix spelling mistakes in code found by codespellDaniel J Walsh2020-03-07
|/ / | | | | | | Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #4772 from boaz0/closes_4628OpenShift Merge Robot2020-03-04
|\ \ | | | | | | Add the rmi flag to podman-run to delete container image
| * | Add the rmi flag to podman-run to delete container imageBoaz Shuster2020-03-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The --rmi flag will delete the container image after its execution unless that image is already been used by another container(s). This is useful when one wants to execute a container once and remove any resources attached to it. Signed-off-by: Boaz Shuster <boaz.shuster.github@gmail.com>
* | | Update docs/source/markdown/podman-build.1.mdDaniel J Walsh2020-03-02
| | | | | | | | | | | | | | | Signed-off-by: Valentin Rothberg <rothberg@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | | Allow devs to set labels in container images for default capabilities.Daniel J Walsh2020-03-02
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch allows users to specify the list of capabilities required to run their container image. Setting a image/container label "io.containers.capabilities=setuid,setgid" tells podman that the contained image should work fine with just these two capabilties, instead of running with the default capabilities, podman will launch the container with just these capabilties. If the user or image specified capabilities that are not in the default set, the container will print an error message and will continue to run with the default capabilities. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* | Merge pull request #5300 from baude/disablehealthOpenShift Merge Robot2020-02-23
|\ \ | | | | | | Add --no-healthcheck command to create/run
| * | Add --no-healthcheck command to create/runBrent Baude2020-02-22
| | | | | | | | | | | | | | | | | | | | | | | | Now support --no-healthcheck option to disable defined healthchecks in a container image. --health-cmd=none remains supported as well. Fixes: #5299 Signed-off-by: Brent Baude <bbaude@redhat.com>
* | | docs: symlink to host device is resolvedStefan Becker2020-02-23
|/ / | | | | | | | | | | | | | | | | Also apply changes from commit 3fd9f0c028f9dab7c8923629d4dc5d38e594db1a to the other two commands that have the --device option. Documents #4550 Signed-off-by: Stefan Becker <chemobejk@gmail.com>
* | podman images: add --filter=since=XXEd Santiago2020-02-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Looks like a bit of a misunderstanding from early on. Docker implements --filter=since=IMAGE. Podman implements 'after' instead of 'since'. Add an equivalent case statement to handle both, keeping 'after' because we have no way of knowing if it is used in the field. Update documentation ... and fix what looks like a complete misinterpretation of what the code actually does: the man page claimed that these were time fields, but I don't see any possible incantation in which a time value works or could work. Updated docs to reflect IMAGE usage. Also changed nonworking '==' to single '='. Added tests. [UPDATE: skip with broken podman-remote] Fixes: #5040 Signed-off-by: Ed Santiago <santiago@redhat.com>
* | Merge pull request #5241 from mheon/pod_network_opts_addOpenShift Merge Robot2020-02-20
|\ \ | | | | | | Add network opts to pods
| * | Add network options to podman pod createMatthew Heon2020-02-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Enables most of the network-related functionality from `podman run` in `podman pod create`. Custom CNI networks can be specified, host networking is supported, DNS options can be configured. Also enables host networking in `podman play kube`. Fixes #2808 Fixes #3837 Fixes #4432 Fixes #4718 Fixes #4770 Signed-off-by: Matthew Heon <matthew.heon@pm.me>
* | | Merge pull request #5225 from vrothberg/fix-5087OpenShift Merge Robot2020-02-19
|\ \ \ | | | | | | | | config: use built-in TOML merge and adhere to label setting
| * | | libpod.conf: clarify `label` descriptionValentin Rothberg2020-02-19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Clarify that the label option sets the defaults which can still be overriden by the CLI. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
* | | | Merge pull request #5233 from QiWang19/login/out-parameterOpenShift Merge Robot2020-02-19
|\ \ \ \ | |/ / / |/| | | fix mandatory parameter in login/logout
| * | | fix mandatory parameter in login/logoutQi Wang2020-02-18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | fix #5146 Insted of using a registry as mandatory parameter, this path allows podman to use the first registry from registries.conf. Signed-off-by: Qi Wang <qiwan@redhat.com>
* | | | Merge pull request #5243 from Akasurde/misc_typoOpenShift Merge Robot2020-02-18
|\ \ \ \ | |/ / / |/| | | Misc typo fixes
| * | | Misc typo fixesAbhijeet Kasurde2020-02-18
| |/ / | | | | | | | | | Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
* | | Merge pull request #5223 from vrothberg/ps-image-idOpenShift Merge Robot2020-02-18
|\ \ \ | |/ / |/| | podman-ps: support image IDs