| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\
| |
| | |
volume: add support for non-volatile `upperdir`,`workdir` for overlay volumes
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Often users want their overlayed volumes to be `non-volatile` in nature
that means that same `upper` dir can be re-used by one or more
containers but overall of nature of volumes still have to be `overlay`
so work done is still on a overlay not on the actual volume.
Following PR adds support for more advanced options i.e custom `workdir`
and `upperdir` for overlayed volumes. So that users can re-use `workdir`
and `upperdir` across new containers as well.
Usage
```console
$ podman run -it -v myvol:/data:O,upperdir=/path/persistant/upper,workdir=/path/persistant/work alpine sh
```
Signed-off-by: Aditya R <arajan@redhat.com>
|
| |\ \
| | |
| | | |
network create: allow multiple subnets
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
podman network create --subnet, --gateway and --ip-range can now be
specified multiple times to join the network to more than one subnet.
This is very useful if you want to use a dual stack network and assign a
fixed ipv4 and ipv6 subnet. The order of the options is important here,
the first --gateway/--ip-range will be assigned to the first subnet and
so on.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
CI:DOCS: Unify podman prune filter description: volumes, networks, system
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |/
| |
| |
| |
| |
| | |
follow up of #12976
Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com>
|
| |/
|
|
|
|
|
|
|
| |
Bumps Buildah to v1.24.0 and adopts the new values for pull:
true, false, never, and always. The pull-never and pull-always options
for the build command are still usable, but they have been removed from
the man page documentation with this change.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
|
| |
|
|
|
|
|
| |
* Add more documentation fixes similar to
8099a61b648a1cfc862461487f1db9ecd47d065e
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
| |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |\
| |
| | |
[CI:DOCS] Fix filter description and unify filters docs for containers/images prune
|
| | |
| |
| |
| | |
Signed-off-by: Patrycja Guzik <patrycja.k.guzik@gmail.com>
|
| |/
|
|
| |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
| |
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit includes:
* Handlers for generate systemd unit
with manually defined dependencies such as:
Wants=, After= and Requires=
* The new unit and e2e tests for checking generated systemd units
for container and pod with custom dependencies
* Documented descriptions for custom dependencies options
Signed-off-by: Eugene (Evgenii) Shubin <esendjer@gmail.com>
|
| |
|
|
|
|
|
|
| |
Since this option will also be used for netavark we should rename it to
something more generic. It is important that --cni-config-dir still
works otherwise we could break existing container cleanup commands.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
* Replace https://github.com/containers/podman/blob/master
with https://github.com/containers/podman/blob/main
to match the new default branch "main". Previously
the default branch was "master". The substitutions were
made in the documentation but not the code.
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |
|
|
| |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |\
| |
| | |
Prohibit --uid/gid map and --pod for container create/run
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
add a check in namespaceOptions() that ensures the user is not setting a new uid/gid map
if entering or creating a pod that has an infra container
resolves #12669
Signed-off-by: cdoern <cdoern@redhat.com>
|
| |\ \
| | |
| | | |
use libnetwork from c/common
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Make sure buildah uses the new network stack.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \
| |_|/
|/| | |
Podman Pod Create --sysctl support
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
added support for pod wide sysctls. The sysctls supported are the same as the continer run controls.
These controls are only valid if the proper namespaces are shared within the pod, otherwise only the infra ctr gets the sysctl
resolves #12747
Signed-off-by: cdoern <cdoern@redhat.com>
|
| | |/
|/|
| |
| |
| |
| | |
Fixes: https://github.com/containers/podman/issues/11515
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| |
| |
| |
| |
| | |
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This option causes Podman to not only remove the specified containers
but all of the containers that depend on the specified
containers.
Fixes: https://github.com/containers/podman/issues/10360
Also ran codespell on the code
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |/
|
|
|
|
|
|
| |
Make JSON more prominent in podman machine ls --help and man page.
[NO NEW TESTS NEEDED]
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
The example as previously shown would result in "Error: multi doc yaml
could not be split". The change here has been tested to work, and it
matches the example in the [kubernetes
docs](https://kubernetes.io/docs/tasks/configure-pod-container/configure-pod-configmap/#configure-all-key-value-pairs-in-a-configmap-as-container-environment-variables).
Signed-off-by: Michael Hrivnak <mhrivnak@hrivnak.org>
|
| |\
| |
| | |
Implement virtfs volumes for podman machine
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Use the same type of mounts for all the machine volumes.
The default could change in the future, depending on OS.
[NO NEW TESTS NEEDED]
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow using the built-in 9pfs feature of qemu,
mounting host directories into vm mountpoints.
The volumes are generic, the mounts are specific.
Wait for the machine to be "running", otherwise
the SSH function might throw an error instead.
Increase the default msize from 8 KiB to 128 KiB
[NO NEW TESTS NEEDED]
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|
| |\ \
| | |
| | | |
Pod Security Option support and Infra Inheritance changes
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Added support for pod security options. These are applied to infra and passed down to the
containers as added (unless overridden).
Modified the inheritance process from infra, creating a new function Inherit() which reads the config, and marshals the compatible options into an intermediate struct `InfraInherit`
This is then unmarshaled into a container config and all of this is added to the CtrCreateOptions. Removes the need (mostly) for special additons which complicate the Container_create
code and pod creation.
resolves #12173
Signed-off-by: cdoern <cdoern@redhat.com>
|
| | |
| |
| |
| | |
Signed-off-by: Pavel Dostál <pdostal@suse.cz>
|
| |\ \
| | |
| | | |
add --ip6 flag to podman create/run
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add the --ipv6 flag to podman create/run and pod create. We support the
--network name:ip6=<ip> syntax now but for docker compat we should also
support the --ip6 flag.
Note that there is no validation if the ip is actually a v6 or v4 address
because the backend does not care either.
Fixes #7511
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
|
| |\ \ \
| |/ /
|/| | |
[CI:DOCS]: sort swagger operations alpabetically
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Use `sort-operations-alphabetically` to sort swagger operations
alphabetically
[CI:DOCS]
[NO-NEW-TESTS-NEEDED]
Signed-off-by: Aditya Rajan <arajan@redhat.com>
|
| |/
|
|
| |
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
|
| |\
| |
| | |
Allow users to add host user accounts to /etc/passwd
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Some containers require certain user account(s) to exist within the
container when they are run. This option will allow callers to add a
bunch of passwd entries from the host to the container even if the
entries are not in the local /etc/passwd file on the host.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1935831
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
| |\ \
| |/
|/| |
clarify `io.podman.annotations.seccomp`
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Clarify the semantics of the `io.podman.annotations.seccomp` annotation
which is set when a container has been created with a custom seccomp
profile.
Fixes: #12671
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
|
| |\ \
| |/
|/| |
[CI:DOCS] docs: document rootless userns mappings
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
document how the host IDs are mapped inside the rootless user
namespace.
Closes: https://github.com/containers/podman/issues/12676
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CRIU's pre-copy migration support relies on the soft dirty page tracking
in the Linux kernel:
https://www.kernel.org/doc/Documentation/vm/soft-dirty.txt
This functionality is not implemented for all architectures and it can
also be turned off in the kernel.
CRIU can check if the combination of architecture/kernel/CRIU supports
the soft dirty page tracking and exports this feature checking
functionality in go-criu.
This commit adds an early check if the user selects pre-copy
checkpointing to error out if the system does not support it.
Signed-off-by: Adrian Reber <areber@redhat.com>
|
| |\
| |
| | |
Podman run --passwd
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
added support for a new flag --passwd which, when false prohibits podman from creating entries in
/etc/passwd and /etc/groups allowing users to modify those files in the container entrypoint
resolves #11805
Signed-off-by: cdoern <cdoern@redhat.com>
|
