| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
added the following flags and handling for podman pod create
--memory-swap
--cpuset-mems
--device-read-bps
--device-write-bps
--blkio-weight
--blkio-weight-device
--cpu-shares
given the new backend for systemd in c/common, all of these can now be exposed to pod create.
most of the heavy lifting (nearly all) is done within c/common. However, some rewiring needed to be done here
as well!
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|\
| |
| | |
[CI:DOCS] document isolate option for network create
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
[CI:DOCS]
document the podman network create -o=isolate which allows networks to cut themselves off
from external connections.
resolves #5805
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Update the init container type default to once instead
of always to match k8s behavior.
Add a new annotation that can be used to change the init
ctr type in the kube yaml.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
|/
|
|
|
|
| |
rme -> rm
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
|
|
|
|
| |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|
|
|
| |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|\
| |
| | |
Podman pull --all-tags shorthand option
|
| |
| |
| |
| |
| |
| |
| | |
I added the shorthand option for `podman pull --all-tags`. Like Docker,
Podman can now do `podman pull -a`.
Signed-off-by: Jake Correnti <jcorrenti13@gmail.com>
|
|\ \
| | |
| | | |
[CI:DOCS] Add socket_activation.md
|
| | |
| | |
| | |
| | |
| | | |
Co-authored-by: Valentin Rothberg <vrothberg@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| | |
| | |
| | |
| | |
| | |
| | | |
Closes #14908
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Filter flag is added for podman stop and podman --remote stop. Filtering logic is implemented in
getContainersAndInputByContext(). Start filtering can be manipulated to use this logic as well to limit redundancy.
Signed-off-by: Karthik Elango <kelango@redhat.com>
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Followup to #14906, in which a nonexistent option was found
in a man page. The xref script was designed to catch that,
but I was too lax in my parsing: the option was documented
using wrong syntax, and the script didn't catch it.
Solution: do not allow *any* unrecognized cruft in the
option description lines. And fix all improperly-written
entries to conform to the rule:
**--option**=*value(s)*
Two asterisks around option, which must have two dashes. One
asterisk around value(s).
This is going to cause headaches for some people adding new
options, but I don't think I can fix that: there are many
factors that make an unparseable line. Adding 'hint' code
would make the script even more complex than it is. I have
to assume that our contributors are smart enough to look
at surrounding context and figure out the right way to
specify options.
Signed-off-by: Ed Santiago <santiago@redhat.com>
|
|\ \ \
| |_|/
|/| | |
Add podman events -f to be alias for --filter
|
| | |
| | |
| | |
| | |
| | |
| | | |
Needed for Docker compatibility.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| | | |
| | | | |
Add "podman kube play" cmd
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The "podman kube play" command is designed to be a replacement for the
"podman play kube" command.
It performs the same function as "play kube" while also still working with the same flags and options.
The "podman play kube" command is still functional as an alias of "kube play".
Closes #12475
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \ \
| |/ /
|/| | |
[CI:DOCS] man pages: replace -c with --cpu-shares
|
| | |
| | |
| | |
| | | |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
| |/
| |
| |
| | |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|\ \
| | |
| | | |
Docker uses "-c" to mean "--cpu-shares" in create and run
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add support for -c as an alias for --cpu-shares to be compatible with
Docker.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
|
|\ \ \
| |/ /
|/| | |
[CI:DOCS] rootless_tutorial: Remove incorrect advice regarding volume…
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
mount points
* Remove the instruction
"The mount point must exist in the container"
as it is incorrect which is shown by this example
```
$ mkdir dir1
$ podman run --rm -v ./dir1:/dir1:Z docker.io/library/fedora:36 touch /dir1/file
$ ls dir1
file
$ podman run --rm docker.io/library/fedora:36 ls -l /dir1
ls: cannot access '/dir1': No such file or directory
$ podman --version
podman version 4.1.1
$
```
* Rewrite the advice "You should always give the full path to the volume you'd like to mount"
so that it also mentions relative paths starting with a dot.
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|/
|
|
|
|
| |
Closes #14906
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|
|
|
|
|
|
|
|
| |
* Correct spelling and typos.
* Improve language.
Co-authored-by: Ed Santiago <santiago@redhat.com>
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|
|
|
|
|
|
|
| |
* Reference --uidmap in --gidmap docs for additional information
* Remove --gidmap example "groupname -> 100000 / 30000 -> 0"
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
* Add example "Extracting the list of container registries with a Go template".
(The example was already present but in a much shorter form)
* Add example "Extracting the list of container registries from JSON with jq".
* Add shell completion instructions
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Make sure that the docs for pull policies is consistent with Buildah and
reflects the implementation.
Further improve the help messages and auto completions.
[NO NEW TESTS NEEDED]
Fixes: #14846
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\
| |
| | |
make 9p security model configurable; document
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This addresses:
Symlinks don't work on podman machine on macOS Monterey when using volumes feature #13784
This change does NOT exactly fix the bug, but it does allow the user to
work around it via 'podman init' option, e.g.:
podman machine init -v "$HOME/git:$HOME/git:ro:security_model=none"
If the default security model were to be changed to 'none', then that
would fix the bug, at the possible cost of breaking any use cases that
depend on 'mapped-xattr'.
The documentation of the purpose and behavior of the different security
models seems to be rather light:
https://wiki.qemu.org/Documentation/9psetup#Starting_the_Guest_directly
From testing, it appears that the mapped-xattr security model intends to
manage symlinks such that the guest can see the symlinks but the host
only sees regular files (with extended attributes). As far as I can
tell, this behavior only makes sense when the guest is the only thing
that ever needs to create and read symlinks. Otherwise, symlinks created
on the host are unusable on the guest, and vice versa.
As per the original commit: 8e7eeaa4dd14621bda15e396fcd7b9187bc500c5
[NO NEW TESTS NEEDED]
Also document existing ro and rw options.
Also remove misleading statement about /mnt. By my observation, this
line is incorrect. If the intended meaning is different, then I don't
understand.
The default volume is mounted read/write and is not within /mnt.
[core@localhost ~]$ mount | grep 9p
vol0 on /Users/chickey type 9p (rw,relatime,sync,dirsync,access=client,trans=virtio)
Signed-off-by: Corey Hickey <chickey@tagged.com>
|
|\ \
| | |
| | | |
Podman machine info
|
| |/
| |
| |
| |
| |
| |
| | |
Add podman machine info command, which displays infor about the machine
host as well as version info.
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \
| | |
| | | |
Update play kube docs
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Update play kube docs with supported fields for
configMap and deployment kinds.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
add support for the --uts flag in pod create, allowing users to avoid
issues with default values in containers.conf.
uts follows the same format as other namespace flags:
--uts=private (default), --uts=host, --uts=ns:PATH
resolves #13714
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|\ \
| | |
| | | |
[CI:DOCS] Fix spelling "read only" -> "read-only"
|
| |/
| |
| |
| | |
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
|
|\ \
| | |
| | | |
podman pod create --memory
|
| |/
| |
| |
| |
| |
| |
| |
| | |
using the new resource backend, implement podman pod create --memory which enables
users to modify memory.max inside of the parent cgroup (the pod), implicitly impacting all
children unless overriden
Signed-off-by: Charlie Doern <cdoern@redhat.com>
|
|/
|
|
|
| |
This flag does not work (e.g. on Fedora 36) and not appear to be required (anymore?).
Signed-off-by: Michael Vorburger ⛑️ <mike@vorburger.ch>
|
|\
| |
| | |
podman-play-kube template: rename to podman-kube
|
| |
| |
| |
| |
| |
| | |
Mention the template in the docs for play-kube and generate-systemd.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
|
|\ \
| |/
|/| |
podman volume create --opt=o=timeout...
|
| |
| |
| |
| |
| |
| |
| | |
add an option to configure the driver timeout when creating a volume.
The default is 5 seconds but this value is too small for some custom drivers.
Signed-off-by: cdoern <cdoern@redhat.com>
|
|\ \
| | |
| | | |
Only allow Rootless runs of Podman Machine
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Podman Machine crashes if run as root. When creating the machine, we write the ignition so that the UID of the core user matches the UID of the user on the host. We by default, create the root user on the machine with UID 0. If the user on the host is root, the core UID and the Root UID collide, causing a the VM not to boot.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
|
|\ \ \
| | | |
| | | | |
volume: add two new options copy and nocopy
|
| |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
add two new options to the volume create command: copy and nocopy.
When nocopy is specified, the files from the container image are not
copied up to the volume.
Closes: https://github.com/containers/podman/issues/14722
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
|