Two versions: one for container-related commands, one for pods.
The container one is easy: all versions matched, so I made no
changes.
The pod one is hard to review. I went with the pod-clone
version because the pod-create one looks suspicious: it
talks in terms of containers, not pods. It's possible
that I've got it wrong, and that these two cannot be
combined, so please review very carefully. I strongly
recommend using hack/markdown-preprocess-review for this one.
Signed-off-by: Ed Santiago <santiago@redhat.com>
I chose the version from podman-run because it is the most
up-to-date, and most correct wrt current syntax guidelines.
Differences are in arg description, language, and asterisks.
Signed-off-by: Ed Santiago <santiago@redhat.com>
The Linux implementation uses /proc/stat - the FreeBSD equivalent is
quite different where this information is exposed via sysctl.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
Allow end users to preprocess default environment variables before
injecting them into container using `--env-merge`
Usage
```
podman run -it --rm --env-merge some=${some}-edit --env-merge
some2=${some2}-edit2 myimage sh
```
Closes: https://github.com/containers/podman/issues/15288
Signed-off-by: Aditya R <arajan@redhat.com>
`systemd-tmpfiles` reads "user" configurations in
`/usr/share/user-tmpfiles.d` when `--user` mode is set.
User unit `systemd-tmpfiles-setup.service` can be enabled to alias
rootless socket through systemd-tmpfiles.
Signed-off-by: SeongChan Lee <foriequal@gmail.com>
Rootless Docker daemon exposes its API socket on
`$XDG_RUNTIME_DIR/docker.sock`. On tmpfiles.d, `%t` is same as
`$XDG_RUNTIME_DIR` in `--user` mode, and `/run` otherwise.
We can reuse the same config file for both mode with this change.
Signed-off-by: SeongChan Lee <foriequal@gmail.com>
This commit includes the initial addition of a .packit.yaml which will
run scratch builds for active Fedora releases which get the latest
Podman using Fedora's official packaging sources.
More packit integration to come in the future.
[NO NEW TESTS NEEDED]
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
Also, do a general cleanup of all the timeout code. Changes
include:
- Convert from int to *uint where possible. Timeouts cannot be
negative, hence the uint change; and a timeout of 0 is valid,
so we need a new way to detect that the user set a timeout
(hence, pointer).
- Change name in the database to avoid conflicts between new data
type and old one. This will cause timeouts set with 4.2.0 to be
lost, but considering nobody is using the feature at present
(and the lack of validation means we could have invalid,
negative timeouts in the DB) this feels safe.
- Ensure volume plugin timeouts can only be used with volumes
created using a plugin. Timeouts on the local driver are
nonsensical.
- Remove the existing test, as it did not use a volume plugin.
Write a new test that does.
The actual plumbing of the containers.conf timeout in is one line
in volume_api.go; the remainder are the above-described cleanups.
Signed-off-by: Matthew Heon <mheon@redhat.com>
I chose the version from podman-create. (This is unusual. podman-run
tends to have the better-maintained, more up-to-date version.)
Signed-off-by: Ed Santiago <santiago@redhat.com>
A NOP option. I chose the container word, of course, and the
word 'option' instead of 'flag'. I also hyphenated where needed.
I'm choosing to eliminate the "not on remote" text, because I
don't think it's true: podman-remote happily accepts that
flag on all those commands, including build. (It's marked
as hidden on build, but still accepted).
Signed-off-by: Ed Santiago <santiago@redhat.com>
For FreeBSD, we need the name of the 'network jail' which is the parent
of all containers in a pod. Having a separate jail for the network
configuration also simplifies the implementation of CNI plugins so we
use this pattern for solitary containers as well as pods.
[NO NEW TESTS NEEDED]
Signed-off-by: Doug Rabson <dfr@rabson.org>
Only on podman create and run: the --cpus option on container-clone
and pod-clone can probably be combined, but maybe later. pod-create
has unique wording that can't be combined.
This is a freebie to review: the text in both files was already
identical, and I made no changes to it. hack/markdown-preprocess-review
will agree, and show you no diffs, because there are none worth
seeing.
Signed-off-by: Ed Santiago <santiago@redhat.com>
`podman kube play` can create pods and containers from YAML
read from a URL poiniting to a YAML file.
For example: `podman kube play https://example.com/demo.yml`.
`podman kube down` can also teardown pods and containers created
from that YAML file by also reading YAML from a URL, provided the
YAML file the URL points to has not been changed or altered since
it was used to create pods and containers
Closes#14955
Signed-off-by: Niall Crowe <nicrowe@redhat.com>
When using remote podman client, not all transports work as expected. So
document this limitation.
Fixes: containers/podman#15141
Signed-off-by: Tomas Volf <tomas.volf@showmax.com>
Support inspecting image healthcheck using docker supported
`.Config.HealthCheck` by aliasing field to `.HealthCheck`
Now supports
```Console
podman image inspect -f "{{.Config.Healthcheck}}" imagename
```
Closes: https://github.com/containers/podman/issues/14661
Signed-off-by: Aditya R <arajan@redhat.com>
When an unsupported limit on cgroups V1 rootless systems
is requested, podman prints an warning message and
ignores the option/flag.
```
Target options/flags:
--cpu-period, --cpu-quota, --cpu-rt-period, --cpu-rt-runtime,
--cpus, --cpu-shares, --cpuset-cpus, --cpuset-mems, --memory,
--memory-reservation, --memory-swap, --memory-swappiness,
--blkio-weight, --device-read-bps, --device-write-bps,
--device-read-iops, --device-write-iops, --blkio-weight-device
```
Related to https://github.com/containers/podman/discussions/10152
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
Refactor the RawInput process of the `rm` and
`start` subcommands, like the other subcommands
such as `restart, stop, etc`.
[NO NEW TESTS NEEDED]
Signed-off-by: Toshiki Sonoda <sonoda.toshiki@fujitsu.com>
Much like --cidfile (#15414), --pod-id-file has two meanings.
One is used in pod-related commands, one in container ones.
Both meanings read the file, so the read/write split used
in --cidfile is not applicable here.
podman-pod-create keeps its --pod-id-file option because
that one cannot be refactored: that's the only command (now)
that writes a pod-id file.
Reviewable using hack/markdown-preprocess-review but I
did take some liberties with the #### args because they
were wrong. And, since I had to much with the description
text anyway (resulting in diffs), I also took the liberty
of cleaning up a double space.
Signed-off-by: Ed Santiago <santiago@redhat.com>
I've been doing the man-page cleanup distractedly, while
fighting other fires, and submitted some crap:
* #15339: I used single angle brackets, not double
* #15407: I only refactored --cert-dir from some man pages, not all
Easy to review with hack/markdown-preprocess-review, because all the
removed texts are identical. The only diff is that container-certs.d
is now a link.
Sorry about that. I'm going to spend more time being careful.
Signed-off-by: Ed Santiago <santiago@redhat.com>
OpenShift Merge Robot