The hostname `host.containers.internal` is way easier to remember and should IMHO be preferred to be used, as it is:
a) easier to remember than some random IP
b) if the IP changes some time in the future the container will continue to work
And explain hostname adding in more detail
As per @mheon's suggestion.
And explain hostname adding *reason*
Also implies an suggestion for using the hostname instead.
And port change from podman-create man page to podman-run, too
Signed-off-by: rugk <rugk+git@posteo.de>
You've renamed your branch from master to main and thus this URL here did not work anymore and caused a glitch in displaying the image in the docs.
Signed-off-by: rugk <rugk+git@posteo.de>
Remove outdated information on go bindings. Moved the tips for
debugging into the REAME and tidied up relevant links.
Fixes: #9334
[CI_DOCS]
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
First, make podman diff accept optionally a second argument. This allows
the user to specify a second image/container to compare the first with.
If it is not set the parent layer will be used as before.
Second, podman container diff should only use containers and podman
image diff should only use images. Previously, podman container diff
would use the image when both an image and container with this name
exists.
To make this work two new parameters have been added to the api. If they
are not used the previous behaviour is used. The same applies to the
bindings.
Fixes#10649
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Clarify in the man page that podman-search is not generally realiable
way of determining the presence/existence of an image. The results of
the v1 and the v2 endpoints depend on the implementation of each
registry; the semantics are not really specified. Some registries may
not support search at all as it's not part of the OCI dist spec.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1978556
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
feat: read secret config from config file if the user hasn't entered
explicit config values
feat: allow to specify `--driver-opts opt1=val1,opt2=val2` in the secret
create command to allow overriding the default values
fix: show driver options in `podman secret inspect`
Signed-off-by: Tino Rusch <tino.rusch@gmail.com>
Added logic and handling for two new Podman pod create Flags.
--cpus specifies the total number of cores on which the pod can execute, this
is a combination of the period and quota for the CPU.
--cpuset-cpus is a string value which determines of these available cores,
how many we will truly execute on.
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
The man pages of podman push/pull were incomplete in explaining all
supported transports. To keep things simple, explain the defaults,
refer to containers-transports(5) and give some examples.
Fixes: #10730
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Insisting on “DCO” imposes formalities, that serve self-purpose. One cannot
assume that the submitter has time or will to read texts about symbolism in
software contributions. If the system wants to see the text
nrEAUIEUAIe eanuitdnuae EAIUEAUIAIE »ℓ§444.3.72b)°»°ℓ§euaieauuae
in each commit, people will write this, or any other text, that the system wants to
see. All such text, which presence is mandated by the system, has the same value.
Signed-off-by: Дилян Палаузов <git-dpa@aegee.org>
MANPAGE_SYNTAX was edited.
The following manpages have been adapted to the MANPAGE_SYNTAX:
- podman-container-prune
- podman-container-restore
The following manpages have had little changes:
- podman-attach
- podman-auto-update
- podman-commit
- podman-completion
- podman-container-checkpoint
- podman-container-cleanup
- podman-container-exists
Signed-off-by: Alexander Richter <67486332+Procyhon@users.noreply.github.com>
The following manpages have been adapted to the MANPAGE_SYNTAX:
- podman-completion
- podman-container-checkpoint
- podman-container-cleanup
- podman-container-exists
The following manpages have had little changes:
- podman-attach
- podman-commit
- MANPAGE_SYNTAX
- Makefile
Signed-off-by: Alexander Richter <67486332+Procyhon@users.noreply.github.com>
Insisting on “DCO” imposes formalities, that serve self-purpose. One cannot
assume that the submitter has time or will to read texts about symbolism in
software contributions. If the system wants to see the text
nrEAUIEUAIe eanuitdnuae EAIUEAUIAIE »ℓ§444.3.72b)°»°ℓ§euaieauuae
in each commit, people will write this, or any other text, that the system wants to
see. All such text, which presence is mandated by the system, has the same value.
Signed-off-by: Дилян Палаузов <git-dpa@aegee.org>
crun 0.20.1 changed an error message that we relied on. Deal
with it by accepting the old and new message.
Also (unrelated): sneak in some doc fixes to get rid of
nasty go-md2man warnings that have crept into man pages.
Signed-off-by: Ed Santiago <santiago@redhat.com>
This just reorders the options in the podman-container-checkpoint man
page alphabetically. No actual content changed.
Signed-off-by: Adrian Reber <areber@redhat.com>
Updated version for the MANPAGE_SYNTAX and adaption of the syntax for
the manpages of podman-commit, podman-attach, and podman-auto-update.
Signed-off-by: Alexander Richter <67486332+Procyhon@users.noreply.github.com>
This change makes secrets and machine handling match the handling of
other subcommands of Podman.
Possible fixes: https://github.com/containers/podman/issues/10513
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
The code for mounts.conf including the man page lives in
containers/common, so remove it from Podman to prevent
divergence among the two repositories.
Fixes: #10512
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Commit 748826fc88 fixed a bug where slow mounting of the runroot was
causing issues when the units are started at boot. The fix was to add
the container's runroot to the required mounts; the graph root has been
added as well.
Hard-coding the run- and graphroot to the required mounts, however,
breaks the portability of units generated with --now. Those units are
intended to be running on any machine as, theoreticaly, any user.
Make the mounts portable by using the `%t` macro for the run root.
Since the graphroot's location varies across root and ordinary users,
drop it from the list of required mounts. The graphroot was not causing
issues.
Fixes: #10493
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Point to containers-certs.d(5) for details on the default paths, the
lookup logic and the structure of these directories. Previously, the
man pages stated that the default path would be in `/etc/containers/...`
which is not entirely and a red herring for users (see #10116).
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Fixes: https://github.com/containers/podman/issues/10393
Currently if a user specifies a --root flag to override the location of
the container storage, we still enforce the storage-opts from
storage.conf. This causes issues with people trying to intereact with
the additional stores feature, and then forces them to use the obscure
--storage-opt="" option. I belive this should be the default and we
already do this when the user specifies the --storage-driver option.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
A conversation on the customer portal suggests that to add an extra note
about the requirement of XDG_RUNTIME_DIR to be set.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Support UID, GID, Mode options for mount type secrets. Also, change
default secret permissions to 444 so all users can read secret.
Signed-off-by: Ashley Cui <acui@redhat.com>
Fix a regression in `podman image prune` where unused images were
accidentally removed even when `--all=false`. Extend and partially
rewrite the e2e tests to make sure we're not regressing again in the
future.
Fixing the aforementioned issue revealed another issue in the default
prune filter. While prune should remove all "dangling" images (i.e.,
those without tag), it removed only "intermediate" ones; dangling images
without children. Remove the mistaken comment from the libimage
migration.
Also clarify the help message and man page.
Fixes: #10350
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Remove the word `consumption` and give a better description for the
first line of the introduction page.
Fixes: #10325
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Developers asked for a deterministic field to verify if podman is
running via API or linked directly to libpod library.
$ podman info --format '{{.Host.ServiceIsRemote}}'
false
$ podman-remote info --format '{{.Host.ServiceIsRemote}}'
true
$ podman --remote info --format '{{.Host.ServiceIsRemote}}'
true
* docs/conf.py formatted via black
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Commit 800a2e2d35 introduced a way to disable the conversion of `--`into
an en dash on docs.podman.io, so the ugly workaround of escaping the
dashes is no longer necessary.
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
Once we settle on the wording for short-names in podman-pull, I will
add the same section to all of the podman commands that use pull.
Also ran through all man pages with a spell checker.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
In the case of generate kube the auto-update labels will be converted into kube annotations and for play kube they will be converted back to labels since that's what podman understands
Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
In the documentation source `--` is only used in long option names or
console output. Currently any unescaped `--` that's not in a code
block/inline gets converted into a single "en dash". This is confusing
to the reader because long options start with two dashes, not one.
This switches off the dash transformation in Sphinx. Quotation marks,
apostrophes and ellipses are still transformed as before.
It also switches off all smart transforms in the podman-remote windows
documentation build. This matches the Linux man page build, which
doesn't use smart transforms.
Signed-off-by: Rob Cowsill <42620235+rcowsill@users.noreply.github.com>
Env var secrets are env vars that are set inside the container but not
commited to and image. Also support reading from env var when creating a
secret.
Signed-off-by: Ashley Cui <acui@redhat.com>
We probably should put a whole bunch of other documentation in man
pages about containers.conf, but let's settle on this description
before we go add other docs.
Helps with: https://github.com/containers/podman/issues/2669
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Migrate the Podman code base over to `common/libimage` which replaces
`libpod/image` and a lot of glue code entirely.
Note that I tried to leave bread crumbs for changed tests.
Miscellaneous changes:
* Some errors yield different messages which required to alter some
tests.
* I fixed some pre-existing issues in the code. Others were marked as
`//TODO`s to prevent the PR from exploding.
* The `NamesHistory` of an image is returned as is from the storage.
Previously, we did some filtering which I think is undesirable.
Instead we should return the data as stored in the storage.
* Touched handlers use the ABI interfaces where possible.
* Local image resolution: previously Podman would match "foo" on
"myfoo". This behaviour has been changed and Podman will now
only match on repository boundaries such that "foo" would match
"my/foo" but not "myfoo". I consider the old behaviour to be a
bug, at the very least an exotic corner case.
* Futhermore, "foo:none" does *not* resolve to a local image "foo"
without tag anymore. It's a hill I am (almost) willing to die on.
* `image prune` prints the IDs of pruned images. Previously, in some
cases, the names were printed instead. The API clearly states ID,
so we should stick to it.
* Compat endpoint image removal with _force_ deletes the entire not
only the specified tag.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Want to allow users to specify --security-opt unmask=/proc/*.
This allows us to run podman within podman more securely, then
specifing umask=all, also gives the user more flexibilty.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add a new --mac-address flag to podman play kube. This is used to specify
a static MAC address which should be used for the pod. This option can be
specified several times because play kube can create more than one pod.
Fixes#9731
Signed-off-by: Paul Holzinger <paul.holzinger@web.de>
changed struct to policyMapper
change "image" to "registry" in multiple locations
Updated documentation with registry alias & autoupdate local
Added relevant test
Signed-off-by: Parker Van Roy <pvanroy@redhat.com>
Only one VM can be up at a time. If another VM is running, or the current VM is running, error out on a podman machine start
[NO TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
When building Sphinx HTML docs, preprocess markdown files and convert
pandoc-style title lines into recommonmark eval_rst blocks
This gives command HTML pages the same title as the equivalent manpage
Fixes: containers/podman.io#385
Signed-off-by: Rob Cowsill <42620235+rcowsill@users.noreply.github.com>
This option allows users to specify the maximum amount of time to run
before conmon sends the kill signal to the container.
Fixes: https://github.com/containers/podman/issues/6412
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Currently we have rootless users who want to leak their groups access
into containers, but this group access is only able to be pushed in by
a hard to find OCI Runtime annotation. This PR makes this option a lot
more visable and hides the complexity within the podman client.
This option is only really needed for local rootless users. It makes
no sense for remote clients, and probably makes little sense for
rootfull containers.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
OpenShift Merge Robot
rugk
Brent Baude
Mehul Arora
Paul Holzinger
Valentin Rothberg
Matej Vasek
Jhon Honce
Tino Rusch
Alexander Richter
cdoern
Daniel J Walsh
Дилян Палаузов
Kye Shi
flouthoc
Ed Santiago
Adrian Reber
Boaz Shuster
Ashley Cui
Paul Holzinger
TomSweeneyRedHat
Jakub Guzik
Eduardo Vega
Rob Cowsill
Parker Van Roy
Erik Sjölund