The --read-only-tmpfs option caused podman to mount tmpfs on /run, /tmp, /var/tmp
if the container is running int read-only mode.
The default is true, so you would need to execute a command like
--read-only --read-only-tmpfs=false to turn off this behaviour.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
integration of healthcheck into create and run as well as inspect.
healthcheck enhancements are as follows:
* add the following options to create|run so that non-docker images can
define healthchecks at the container level.
* --healthcheck-command
* --healthcheck-retries
* --healthcheck-interval
* --healthcheck-start-period
* podman create|run --healthcheck-command=none disables healthcheck as
described by an image.
* the healthcheck itself and the healthcheck "history" can now be
observed in podman inspect
* added the wiring for healthcheck history which logs the health history
of the container, the current failed streak attempts, and log entries
for the last five attempts which themselves have start and stop times,
result, and a 500 character truncated (if needed) log of stderr/stdout.
The timings themselves are not implemented in this PR but will be in
future enablement (i.e. next).
Signed-off-by: baude <bbaude@redhat.com>
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
With later changes of Podman, you can now use both the
--rm and --detach in a single run command. This PR removes
the documentation in the man pages saying this is not
allowed.
Fixes: #2601
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
First pass of entries for the Examples listed in the Cobra
Help. Will add others in following PR's.
Lots of users are attempting to run systemd within a container. They are
being blocked from running SELinux systems since they need the
container_manage_cgroup which is not enabled by default.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add support for executing an init binary as PID 1 in a container to
forward signals and reap processes. When the `--init` flag is set for
podman-create or podman-run, the init binary is bind-mounted to
`/dev/init` in the container and "/dev/init --" is prepended to the
container's command.
The default base path of the container-init binary is `/usr/libexec/podman`
while the default binary is catatonit [1]. This default can be changed
permanently via the `init_path` field in the `libpod.conf` configuration
file (which is recommended for packaging) or temporarily via the
`--init-path` flag of podman-create and podman-run.
[1] https://github.com/openSUSE/catatonitFixes: #1670
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
We need to recommend that users use Systemd unit files if they want
the container to restart automatically.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
when a user specifies --pod to podman create|run, we should create that pod
automatically. the port bindings from the container are then inherited by
the infra container. this signicantly improves the workflow of running
containers inside pods with podman. the user is still encouraged to use
podman pod create to have more granular control of the pod create options.
Signed-off-by: baude <bbaude@redhat.com>
We now default to setting storage options to "nodev", when running
privileged containers, we need to turn this off so the processes can
manipulate the image.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Also update some missing fields libpod.conf obtions in man pages.
Fix sort order of security options and add a note about disabling
labeling.
When a process requests a new label. libpod needs to reserve all
labels to make sure that their are no conflicts.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1406
Approved by: mheon
All bash examples are now placed in a code section (```). The PS1
prompt is set to `$`.
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1375
Approved by: rhatdan
- second heading
- consistent mail addresses <user@domain.com>
- change order with latest changes first
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1375
Approved by: rhatdan
The `--rm` flag will only cause a container to be removed when it has
been created and started successfully. Otherwise, it will not be
removed to allow the container to be inspected and to analyze the root
cause of the failure. Document those semantics more clearly in the
manpages to avoid confusion for users.
Fixes: #1359
Signed-off-by: Valentin Rothberg <vrothberg@suse.com>
Closes: #1362
Approved by: rhatdan
podman does not support nocopy so remove reference in the man page.
podman build now supports --isolation, so add documentation.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1225
Approved by: TomSweeneyRedHat
podman now supports --volumes-from flag, which allows users
to add all the volumes an existing container has to a new one.
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #931
Approved by: mheon
man-pages(7) has [1]:
> For commands, this shows the syntax of the command and its arguments
> (including options); boldface is used for as-is text and italics are
> used to indicate replaceable arguments. Brackets ([]) surround
> optional arguments, vertical bars (|) separate choices, and ellipses
> (...) can be repeated.
I've adjusted our SYNOPSIS entries to match that formatting, and
generally tried to make them more consistent with the precedent set by
the man-pages project. Outside of the SYNOPSIS entry, I prefer using
backticks for literals, although in some places I've left the **
bolding to keep things visually similar to a nearby SYNOPSIS entry.
[1]: http://man7.org/linux/man-pages/man7/man-pages.7.html
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #1027
Approved by: rhatdan
Went through the docs and fixed the alignment so they
all match up and look readable when doing 'man podman [command]"
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #943
Approved by: rhatdan
Also add annotations from the image the container was created
from.
Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
Closes: #886
Approved by: rhatdan
Format md files to work properly when converted to man pages.
Add sed command to cleanup table in podman man page.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #842
Approved by: mheon
This fixes an issue where if you did
man -k podman-run
podman-run (1) - (unknown subject)
Now you will see
man -k podman-run
podman-run (1) - Run a command in a new container
More importantly
man -k containers | grep podman
podman (1) - Simple management tool for containers and images
podman-kill (1) - Kills one or more containers with a signal
podman-pause (1) - Pause one or more containers
podman-ps (1) - Prints out information about containers
podman-rm (1) - Remove one or more containers
podman-start (1) - Start one or more containers
podman-stats (1) - Display a live stream of 1 or more containers' resource usage statistics
podman-stop (1) - Stop one or more containers
podman-unpause (1) - Unpause one or more containers
podman-wait (1) - Waits on one or more containers to stop and prints exit code
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #676
Approved by: mheon
podman does not support autorestart. Should use systemd if you
want containers to restart
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #487
Approved by: edsantiago
--image-volumes tells podman what to do with the image volumes in the image config
There are 3 options: bind, tmpfs, and ignore
bind puts the volume contents in /var/lib/containers/storage/container-id/volumes/vol-dir
and bind mounts it into the container at /vol-dir
tmpfs mounts /vol-dir as a tmps into the container
ignore doesn't mount the image volumes onto the container
Signed-off-by: umohnani8 <umohnani@redhat.com>
Closes: #377
Approved by: rhatdan
podman command has storage options as a global option,
these should be set there, rather then in the create and
run commands.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #234
Approved by: baude
Also add --quiet option to kpod create/run since
this will help with writing tests.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #140
Approved by: TomSweeneyRedHat
James Cassell
Daniel J Walsh
Matthew Heon
Jhon Honce
baude
TomSweeneyRedHat
Debarshi Ray
Valentin Rothberg
OpenShift Merge Robot
Giuseppe Scrivano
Qi Wang
Matthew Heon
Valentin Rothberg
umohnani8
W. Trevor King
Ed Santiago