The `--rm` flag will only cause a container to be removed when it has
been created and started successfully. Otherwise, it will not be
removed to allow the container to be inspected and to analyze the root
cause of the failure. Document those semantics more clearly in the
manpages to avoid confusion for users.
Fixes: #1359
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1362
Approved by: rhatdan
Add a containers-mounts.conf(5) manpage. The mounts.conf is used by
other tools (e.g., CRI-O) as well. A dedicated manpage reduces
redundancy.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1350
Approved by: rhatdan
Use the "containers-" prefix for all references to the
containers-registries.conf and containers-storage.conf
configuration files.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1350
Approved by: rhatdan
I am often asked about the list of capabilities availabel to a container.
We should be listing this data in the inspect command for effective
capabilities and the bounding set.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1335
Approved by: TomSweeneyRedHat
A pause container is added to the pod if the user opts in. The default pause image and command can be overridden. Pause containers are ignored in ps unless the -a option is present. Pod inspect and pod ps show shared namespaces and pause container. A pause container can't be removed with podman rm, and a pod can be removed if it only has a pause container.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1187
Approved by: mheon
Using the vendored changes from psgo, incorporate JoinNamespaceAndProcessInfoByPids to get process information for each pid namespace of running containers in the pod. Also added a man page, and tests.
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1298
Approved by: mheon
Need to get some small changes into libpod to pull back into buildah
to complete buildah transition.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1270
Approved by: mheon
Default settings for storage can be overriden by setting these environment
variables.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1282
Approved by: mheon
podman does not support nocopy so remove reference in the man page.
podman build now supports --isolation, so add documentation.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1225
Approved by: TomSweeneyRedHat
It will be handy to know the runc and conmon versions as our
code gets into the wild.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1207
Approved by: rhatdan
This adds support for Dockerfile.in and fixes some limits
issues on docker build
Also adds support for podman build to read Dockerfile from stdin.
cat Dockerfile | podman build -f - .
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1209
Approved by: mheon
podman umount will currently only unmount file system if not other
process is using it, otherwise the umount decrements the container
storage to indicate that the caller is no longer using the mount
point, once the count gets to 0, the file system is actually unmounted.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1184
Approved by: TomSweeneyRedHat
Added Pause() and Unpause() to libpod/pod.go
Added man pages, tests and completions
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #1126
Approved by: rhatdan
Better explain the inner workings of both state types in comments
to make reviews and changes easier.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Trying to play with podman top, I had a hard time
finding info on format options.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1134
Approved by: umohnani8
As well as added tests, man pages, and completions.
Also reformatted and refactored a couple of other small things in the other pod commands.
Signed-off-by: haircommander <pehunt@redhat.com>
Use github.com/containers/psgo instead of execing `ps (1)`. The psgo
library enables a much more flexible interface with respect to which
data to be printed (e.g., capabilities, seccomp mode, PID, PCPU, etc.)
while the output can be parsed reliably. The library does not use
ps (1) but parses /proc and /dev instead. To list the processes of a
given container, psgo will join the mount namespace of the given
container and extract all data from there.
Notice that this commit breaks compatibility with docker-top.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1113
Approved by: rhatdan
Most images won't work without multiple ids/gids. Error out
immediately if there are no multiple ids available.
The error code when the user is not present in /etc/sub{g,u}id looks
like:
$ bin/podman run --rm -ti alpine echo hello
ERRO[0000] No subuid ranges found for user "gscrivano"
Closes: https://github.com/projectatomic/libpod/issues/1087
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1097
Approved by: rhatdan
podman now supports --volumes-from flag, which allows users
to add all the volumes an existing container has to a new one.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #931
Approved by: mheon
man-pages(7) has [1]:
> For commands, this shows the syntax of the command and its arguments
> (including options); boldface is used for as-is text and italics are
> used to indicate replaceable arguments. Brackets ([]) surround
> optional arguments, vertical bars (|) separate choices, and ellipses
> (...) can be repeated.
I've adjusted our SYNOPSIS entries to match that formatting, and
generally tried to make them more consistent with the precedent set by
the man-pages project. Outside of the SYNOPSIS entry, I prefer using
backticks for literals, although in some places I've left the **
bolding to keep things visually similar to a nearby SYNOPSIS entry.
[1]: http://man7.org/linux/man-pages/man7/man-pages.7.html
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #1027
Approved by: rhatdan
When we run containers in detach mode, nothing cleans up the network stack or
the mount points. This patch will tell conmon to execute the cleanup code when
the container exits.
It can also be called to attempt to cleanup previously running containers.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #942
Approved by: mheon
Instead of setting the --registry flag to search a single registry,
prefix the registry before the image name in the input, an example is
`podman search registry.fedoraproject.org/fedora` and this will search for
the fedora image in only registry.fedoraproject.org.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #1011
Approved by: rhatdan
Since podman search requires credentials to search private registries,
add the --authfile flag to allow users to pass in credentials from a
different authfile than the default one.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #998
Approved by: rhatdan
podman image and podman container have alternate CLI
to standard CLI for a lot of commands. The man pages
can be shared between both. This patch adds links so that
of some executes
`podman image load`, they will actually see the `podman load` man page.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #993
Approved by: mheon
Signals are proxied to the container process whether or not
the tty is used
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #984
Approved by: mheon
Also podman ps now allows user to only output size of root FS, changed language of images and ps --sort to be by "created" as opposed to "time", and refactored the way templates are created (converted from psJSONParams type).
Signed-off-by: haircommander <pehunt@redhat.com>
Closes: #948
Approved by: rhatdan
podman images will not show intermediate images by default.
To view all images, including intermediate images created during
a build, use the --all flag.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #947
Approved by: rhatdan
Went through the docs and fixed the alignment so they
all match up and look readable when doing 'man podman [command]"
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #943
Approved by: rhatdan
This will add --layers support.
Also add missing information in man pages on podman build features.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #938
Approved by: umohnani8
Until podman build supports caching, their are no intermediary builds,
but people might still use scripts that use the --all option.
Adding this will not hurt anything and could fix scripts.
Also fixed sorting issues in options handling of images
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #896
Approved by: mheon
Also add annotations from the image the container was created
from.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #886
Approved by: rhatdan
Format md files to work properly when converted to man pages.
Add sed command to cleanup table in podman man page.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #842
Approved by: mheon
We only want root to be allowed to access this socket.
Also move socket to /run/podman directory. This requires
us to drop a podman.conf tmpfiles.d file.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #806
Approved by: mheon
Collecting the Podman/libpod specifics in one place allows us use the
hooks documentation which the previous commit made more generic.
The re-ordered SEE ALSO is because [1]:
> The list should be ordered by section number and then alphabetically
> by name.
[1]: http://man7.org/linux/man-pages/man7/man-pages.7.html
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #772
Approved by: mheon
Currently podman build http://remote.com/Dockerfile does not work.
podman always treats this file as an Archive.
Vendoring in the latest buildah code fixes this issue. Also updated
the man pages to better explain the syntax.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #775
Approved by: TomSweeneyRedHat
document --format|-f in the commit man page. also, improve the error
message when user tries to use -m with the oci image format.
Resolves: 765
Signed-off-by: baude <bbaude@redhat.com>
Closes: #768
Approved by: rhatdan
Fixes a bug where the force bool was being ignored when deleting images
via the varlink interface.
Also, minor fix to the docs to add a line break between methods and types in
the doc index.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #753
Approved by: rhatdan
We have decided to alphabetize things in the API documentation to help users
find things easier. It also solves an issue where when being made, the API.md doc
would remake itself in a different order resulting in massive diffs in the pull
requests but no new content.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #739
Approved by: baude
Using varlink's idl parser, we generate API documentation for the podman
API relying on the .varlink file as the source.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #734
Approved by: baude
file names for podman load, save, export, and import cannot
contain ":" in them. It is a reserved character for parsing
filenames.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #694
Approved by: rhatdan
This fixes an issue where if you did
man -k podman-run
podman-run (1) - (unknown subject)
Now you will see
man -k podman-run
podman-run (1) - Run a command in a new container
More importantly
man -k containers | grep podman
podman (1) - Simple management tool for containers and images
podman-kill (1) - Kills one or more containers with a signal
podman-pause (1) - Pause one or more containers
podman-ps (1) - Prints out information about containers
podman-rm (1) - Remove one or more containers
podman-start (1) - Start one or more containers
podman-stats (1) - Display a live stream of 1 or more containers' resource usage statistics
podman-stop (1) - Stop one or more containers
podman-unpause (1) - Unpause one or more containers
podman-wait (1) - Waits on one or more containers to stop and prints exit code
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #676
Approved by: mheon
If a container is already running, and a user asks to start it -a (attach), we should
honor this and attach to the container.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #634
Approved by: baude
In the case where podman needs to pull an image, if that registry that the image
resides on is known to be insesure (as defined in /etc/containers/registries.conf),
tls-verify should be altered on the fly.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #626
Approved by: mheon
Format the examples in podman-diff.md better.
The description for --type in the inspect docs was slightly different
from that in the inline help.
Also stated what values to use in the Go template for the --format flag.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #620
Approved by: mheon
podman does not support autorestart. Should use systemd if you
want containers to restart
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #487
Approved by: edsantiago
The progress should not be show for import, load, and commit. It makes machine
parsing of the output much more difficult. Also, each command should output an
image ID or name for the user.
Added a --verbose flag for users that still want to see progress.
Resolves issue #450
Signed-off-by: baude <bbaude@redhat.com>
Closes: #456
Approved by: rhatdan
(minor) One example in the podman-top man page results in an
error when actually invoked:
unable to find PID field in ps output. try a different set of ps arguments
Cause: commit 6cb1c31d (PR #400) has to check PIDs in order to
filter those in the container.
Solution: add 'pid' to the list of requested output fields in
the sample command.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Closes: #457
Approved by: rhatdan
update man page with example outputs. tidy up the man page
where applicable.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #429
Approved by: rhatdan
When trying to tag an alias (tag) of an image using only the shortname
and no tag, we were unable to find the image in storage. This corrects
that issue and adds an integration test to protect against regression. I
also updated the man page per the filed issue.
While writing the integration test, I discovered that inspect could also
not find a tagged image without its :tag.
Resolves Issue #385
Resolves Issue #384
Signed-off-by: baude <bbaude@redhat.com>
Closes: #398
Approved by: mheon
--image-volumes tells podman what to do with the image volumes in the image config
There are 3 options: bind, tmpfs, and ignore
bind puts the volume contents in /var/lib/containers/storage/container-id/volumes/vol-dir
and bind mounts it into the container at /vol-dir
tmpfs mounts /vol-dir as a tmps into the container
ignore doesn't mount the image volumes onto the container
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #377
Approved by: rhatdan
Inspect should be able to inspect one or more containers depending
on the user input. Therefore, inspect output should be in array
format so the consumer could potentially iterate it. This PR allows
users to specify one more or containers|images|or a mix for
inspection. The output, as stated, is therefore in array form. This
holds true even for a singular image.
In the case that the user enters an invalid container|image "name", we
handle that gracefully. Podman will output json for the valid names
until it reaches the invalid one. For example:
In this case, podman will out the json for alpine and then print an
error about 123 being invalid. It will not continute onto busybox.
This behavior imatates docker.
This addresses issue #360
Signed-off-by: baude <bbaude@redhat.com>
Closes: #371
Approved by: baude
When using podman to pull an image, print the image id after
the image is pulled.
Resolves issue #329
Signed-off-by: baude <bbaude@redhat.com>
Closes: #342
Approved by: rhatdan
Changing these fields caused the output of podman inspect to more
closely match docker inspect.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #306
Approved by: mheon
Fix issues with tailing of container logs as described
in issue #16. Also add in the ability to use a duration or
known time stamp formats for the --since flag.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #317
Approved by: mheon
sudo is not required when running as root, and # indicates
that you are already root. $ indicates you are not root.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Valentin Rothberg
Daniel J Walsh
Matthew Heon
haircommander
TomSweeneyRedHat
Micah Abbott
baude
Giuseppe Scrivano
William Zhang
umohnani8
W. Trevor King
Joe Doss
Peter Oliver
Nathan Williams
Matthew Heon
Ed Santiago