podman network create --subnet, --gateway and --ip-range can now be
specified multiple times to join the network to more than one subnet.
This is very useful if you want to use a dual stack network and assign a
fixed ipv4 and ipv6 subnet. The order of the options is important here,
the first --gateway/--ip-range will be assigned to the first subnet and
so on.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Bumps Buildah to v1.24.0 and adopts the new values for pull:
true, false, never, and always. The pull-never and pull-always options
for the build command are still usable, but they have been removed from
the man page documentation with this change.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
This commit includes:
* Handlers for generate systemd unit
with manually defined dependencies such as:
Wants=, After= and Requires=
* The new unit and e2e tests for checking generated systemd units
for container and pod with custom dependencies
* Documented descriptions for custom dependencies options
Signed-off-by: Eugene (Evgenii) Shubin <esendjer@gmail.com>
Since this option will also be used for netavark we should rename it to
something more generic. It is important that --cni-config-dir still
works otherwise we could break existing container cleanup commands.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
add a check in namespaceOptions() that ensures the user is not setting a new uid/gid map
if entering or creating a pod that has an infra container
resolves#12669
Signed-off-by: cdoern <cdoern@redhat.com>
added support for pod wide sysctls. The sysctls supported are the same as the continer run controls.
These controls are only valid if the proper namespaces are shared within the pod, otherwise only the infra ctr gets the sysctl
resolves#12747
Signed-off-by: cdoern <cdoern@redhat.com>
This option causes Podman to not only remove the specified containers
but all of the containers that depend on the specified
containers.
Fixes: https://github.com/containers/podman/issues/10360
Also ran codespell on the code
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add the --ipv6 flag to podman create/run and pod create. We support the
--network name:ip6=<ip> syntax now but for docker compat we should also
support the --ip6 flag.
Note that there is no validation if the ip is actually a v6 or v4 address
because the backend does not care either.
Fixes#7511
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Use the same type of mounts for all the machine volumes.
The default could change in the future, depending on OS.
[NO NEW TESTS NEEDED]
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
Allow using the built-in 9pfs feature of qemu,
mounting host directories into vm mountpoints.
The volumes are generic, the mounts are specific.
Wait for the machine to be "running", otherwise
the SSH function might throw an error instead.
Increase the default msize from 8 KiB to 128 KiB
[NO NEW TESTS NEEDED]
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
Added support for pod security options. These are applied to infra and passed down to the
containers as added (unless overridden).
Modified the inheritance process from infra, creating a new function Inherit() which reads the config, and marshals the compatible options into an intermediate struct `InfraInherit`
This is then unmarshaled into a container config and all of this is added to the CtrCreateOptions. Removes the need (mostly) for special additons which complicate the Container_create
code and pod creation.
resolves#12173
Signed-off-by: cdoern <cdoern@redhat.com>
Some containers require certain user account(s) to exist within the
container when they are run. This option will allow callers to add a
bunch of passwd entries from the host to the container even if the
entries are not in the local /etc/passwd file on the host.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1935831
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Clarify the semantics of the `io.podman.annotations.seccomp` annotation
which is set when a container has been created with a custom seccomp
profile.
Fixes: #12671
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
CRIU's pre-copy migration support relies on the soft dirty page tracking
in the Linux kernel:
https://www.kernel.org/doc/Documentation/vm/soft-dirty.txt
This functionality is not implemented for all architectures and it can
also be turned off in the kernel.
CRIU can check if the combination of architecture/kernel/CRIU supports
the soft dirty page tracking and exports this feature checking
functionality in go-criu.
This commit adds an early check if the user selects pre-copy
checkpointing to error out if the system does not support it.
Signed-off-by: Adrian Reber <areber@redhat.com>
added support for a new flag --passwd which, when false prohibits podman from creating entries in
/etc/passwd and /etc/groups allowing users to modify those files in the container entrypoint
resolves#11805
Signed-off-by: cdoern <cdoern@redhat.com>
At some places the checkpoint restore man pages were using the markdown
modifier `**` inside `*..*`. This does not seem to work as intended and
results in markdown modifiers present in the final man page. Switching
to `__` inside of `*..*` seems to fix this.
Signed-off-by: Adrian Reber <areber@redhat.com>
Checkpoint a container using systemd as entrypoint will probably result
in an error as CRIU cannot handle all the resources latest systemd uses.
This updates the checkpoint man page with this information.
Signed-off-by: Adrian Reber <areber@redhat.com>
Added an option to podman machine init to declare the timezone of the
resulting machine. the default is to use the value of the host name or
else a given timezone name like America/Chicago.
Fixes: #11895
Signed-off-by: Brent Baude <bbaude@redhat.com>
[NO NEW TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
We currently do not show --external containers when the user specifies
it, unless they also specify the --all flag. This has led to confusion.
I see no reason not to list them without the --all flag if the user
specifies the option.
Fixes: https://github.com/containers/podman/issues/12353
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Rework the --network parse logic to support multiple networks with
specific network configuration settings.
--network can now be set multiple times. For bridge network mode the
following options have been added:
- **alias=name**: Add network-scoped alias for the container.
- **ip=IPv4**: Specify a static ipv4 address for this container.
- **ip=IPv6**: Specify a static ipv6 address for this container.
- **mac=MAC**: Specify a static mac address address for this container.
- **interface_name**: Specify a name for the created network interface inside the container.
So now you can set --network bridge:ip=10.88.0.10,mac=44:33:22:11:00:99
for the default bridge network as well as for network names.
This is better than using --ip because we can set the ip per network
without any confusion which network the ip address should be assigned
to.
The --ip, --mac-address and --network-alias options are still supported
but --ip or --mac-address can only be set when only one network is set.
This limitation already existed previously.
The ability to specify a custom network interface name is new
Fixes#11534
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Network connect now supports setting a static ipv4, ipv6 and mac address
for the container network. The options are added to the cli and api.
Fixes#9883
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
- Don't pointlessly repeat the names
- Improve documentation of the formats
- Use a table, per MANPAGE_SYNTAX.md
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
rootlessNetNS.Cleanup() has an issue with how it detects if cleanup
is needed, reading the container state is not good ebough because
containers are first stopped and than cleanup will be called. So at one
time two containers could wait for cleanup but the second one will fail
because the first one triggered already the cleanup thus making rootless
netns unavailable for the second container resulting in an teardown
error. Instead of checking the container state we need to check the
netns state.
Secondly, podman unshare --rootless-netns should not do the cleanup.
This causes more issues than it is worth fixing. Users also might want
to use this to setup the namespace in a special way. If unshare also
cleans this up right away we cannot do this.
[NO NEW TESTS NEEDED]
Fixes#12459
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Replace `multi-user.target` with `default.target` across the code base.
It seems like the multi-user one is not available for (rootless) users
on F35 anymore is causing issues in all kinds of ways, for instance,
enabling the podman.service or generated systemd units.
Fixes: #12438
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Add a new flag to set the start timeout for a generated systemd unit.
To make naming consistent, add a new --stop-timeout flag as well and let
the previous --time map to it.
Fixes: #11618
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Add a note to the generated kube yaml if we detect a
volume is being mounted. The note lets the user know
what needs to be done to avoid permission denied error
when trying to access the volume for an unprivileged
container.
Add the same note to the man pages.
NO NEW TESTS NEEDED
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
Add a note to show how to workaround the `--tz` option
being ignored in the run command.
Related to: https://bugzilla.redhat.com/show_bug.cgi?id=1984251
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
There are at least two runtimes that support checkpoint and restore:
runc and crun. Although the checkpoints created by these are almost
compatible, it is not (yet) possible to restore a checkpoint created
with one runtime with the other runtime. To make checkpoint/restore
usage more comfortable this adds code to look into the checkpoint
archive during restore and to set the runtime to the one used during
checkpointing.
This also adds a check, if the user explicitly sets a runtime during
restore, that the runtime is also the same as used during checkpointing.
If a different runtime is selected than the one used during
checkpointing the restore will fail early.
If runc and crun will create compatible checkpoints in the future the
check can be changed to treat crun and runc as compatible
checkpoint/restore runtimes.
Signed-off-by: Adrian Reber <areber@redhat.com>
There is a problem with creating and storing the exit command when the
container was created. It only contains the options the container was
created with but NOT the options the container is started with. One
example would be a CNI network config. If I start a container once, then
change the cni config dir with `--cni-config-dir` ans start it a second
time it will start successfully. However the exit command still contains
the wrong `--cni-config-dir` because it was not updated.
To fix this we do not want to store the exit command at all. Instead we
create it every time the conmon process for the container is startet.
This guarantees us that the container cleanup process is startet with
the correct settings.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
CRIU supports checkpoint/restore of file locks. This feature is
required to checkpoint/restore containers running applications
such as MySQL.
Signed-off-by: Radostin Stoyanov <radostin@redhat.com>
pass down the "idmap" mount option to the OCI runtime.
Needs: https://github.com/containers/crun/pull/780
Closes: https://github.com/containers/podman/issues/12154
[NO NEW TESTS NEEDED] there is no crun version yet that support the
new feature.
Test case (must run as root):
podman run --rm -v foo:/foo alpine touch /foo/bar
podman run --uidmap 0:1:1000 --rm -v foo:/foo:idmap alpine ls -l /foo
total 0
-rw-r--r-- 1 root root 0 Nov 15 14:01 bar
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
* Support `checkpoint --pre-checkpoint`
* Support `checkpoint --with-previous`
* Disable `restore --import-previous` for the remote client since we had
to send two files which in turn would require to tar them up and hence
be a breaking change. Podman 4.0 would be the chance and I hope we'll
find time before that to remote-restore prettier.
Note that I did not run over swagger yet to check whether all parameters
are actually documented due to time constraints.
Fixes: #12334
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Podman adds a few environment variables by default, and
currently there is no way to get rid of them from your container.
This option will allow you to specify which defaults you don't
want.
--unsetenv-all will remove all default environment variables.
Default environment variables can come from podman builtin,
containers.conf or from the container image.
Fixes: https://github.com/containers/podman/issues/11836
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit updates the man pages for checkpoint and restore to describe
the '--print-stats' parameter.
Signed-off-by: Adrian Reber <areber@redhat.com>
Fixed syntax so that podman image scp transfer works with no user specified.
This command can only be executed as root so to obtain the default user, I searched for
the SUDO_USER environmental variable. If that is not found, we error out and inform the user
to set this variable and make sure they are running as root
Signed-off-by: cdoern <cdoern@redhat.com>
Signed-off-by: cdoern <cbdoer23@g.holycross.edu>
Add new CI check to confirm that links and references
in SEE ALSO sections are properly formatted and that
links are valid (at least in theory: we do no actual
URL fetching to test for 404).
The check is piggybacked into existing xref-helpmsgs-manpages
script. It could conceivably be more elegant to write a
separate tool for this purpose, but I don't wish to duplicate
the logic for finding and reading markdown files.
Script identified various problems, which I fix in this PR:
. missing '**' (asterisks) around some references, or '**'
in the wrong place.
. links pointing to github.com/.../tree/ instead of /blob/
(github redirects those automatically, but I like
consistency)
. a few copy-paste errors, e.g. subgid linking to subuid.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Support downloading files, for instance via
`podman load -i server.com/image.tar`. The specified URL is downloaded
in the frontend and stored as a temp file that gets passed down to the
backend.
Also vendor in c/common@main to use the new `pkg/download`.
Fixes: #11970
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
A comment was made on internal mailing list about confusion on SELinux
labeling of volumes. This PR makes it a little more clear about when
you should or should not relabel.
We need a similar comment in podman pod create, but it does not support
--security-opt processing yet.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Added functionality for users to transfer images from root storage to rootless storage without using sshd. This is
done through rootful podman by running `sudo podman image scp root@localhost::image user@localhost:: the user is needed
in order to find and use their uid/gid to exec a new process.
added necessary tests, and functions for this implementation. Created new image function Transfer so that
the underlying code is majorly removed from CLI
Signed-off-by: cdoern <cdoern@redhat.com>
Since we want to use the rootless cni ns also for netavark we should
pick a more generic name. The name is now "rootless network namespace"
or short "rootless netns".
The rename might cause some issues after the update but when the
all containers are restarted or the host is rebooted it should work
correctly.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
So far, the infra containers of pods required pulling down an image
rendering pods not usable in disconnected environments. Instead, build
an image locally which uses local pause binary.
Fixes: #10354
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Kernel memory option has been depracated in runtime-spec, It is
believed that it will not work properly on certain kernels. runc
ignores it.
This PR removes documentation of the flag and also prints a warning if
a user uses it.
[NO NEW TESTS NEEDED]
Helps Fix: https://github.com/containers/podman/issues/12045
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
If podman uses Workdir="/" or the workdir specified in the image, it
should not add it to the yaml.
If Podman find environment variables in the image, they should not
get added to the yaml.
If the container or pod do not have changes to SELinux we should not
print seLinuxOpt{}
If the container or pod do not change any dns options the yaml should
not have a dnsOption={}
If the container is not privileged it should not have privileged=false
in the yaml.
Fixes: https://github.com/containers/podman/issues/11995
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Stop using "*" to indicate default. Add default field to make
it more obvios and the json field more machine usable.
Fixes: https://github.com/containers/podman/issues/12019
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Made changes so that if the pod contains all exited containers and only infra is running, remove the pod.
resolves#11713
Signed-off-by: cdoern <cdoern@redhat.com>
Users enabling CONTAINER_HOST==PATH is indicating to podman they intend
to use remote functionality.
Fixes: https://github.com/containers/podman/issues/11196
Update man pages to document all of the environment variables.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Change the default format of `podman search` to only display the name
and the description of each image. The index is redundant to the name
and consumes a lot of space, and other descriptors (i.e., stars,
official, automated) are specific to Docker Hub and also consume a lot
space. Users can still use `--format` for displaying the descriptors
they want to.
Add a `--compatible` flag to offer an easy way to get them back.
Also update the man page to account for the behavior and get some fresh
data in the examples.
Motivated by a recent conversation in libimage:
https://github.com/containers/common/pull/802#issuecomment-937108734
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Cleanup some other errors in the podman build man page.
Also slip a link between .dockerignore and containerignore.5 man page
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
* JSON and API description fields are no longer truncated. Formatting
moved to client, better support of MVP.
* --no-trunc now defaults to true
* Updated tests for changes
Closes#11894
Signed-off-by: Jhon Honce <jhonce@redhat.com>
Add --time flag to podman container rm
Add --time flag to podman pod rm
Add --time flag to podman volume rm
Add --time flag to podman network rm
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
added support for a volumes from container. this flag just required movement of the volumes-from flag declaration
out of the !IsInfra block, and minor modificaions to container_create.go
Signed-off-by: cdoern <cdoern@redhat.com>
This option will setup the containers to not modify their /etc/hosts
file and just use the one from the image.
Fixes: https://github.com/containers/podman/issues/9500
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Users can set --pids-limit to -1 now to set unlimited
pids limit for a container - this matches the convention.
[NO TESTS NEEDED]
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
added the option for the user to specify a rate, in bytes, at which they would like to be able
to read from the device being added to the pod. This is the first in a line of pod device options.
WARNING: changed pod name json tag to pod_name to avoid confusion when marshaling with the containerspec's name
Signed-off-by: cdoern <cdoern@redhat.com>
it allows to pass the current std streams down to the container.
conmon support: https://github.com/containers/conmon/pull/289
[NO TESTS NEEDED] it needs a new conmon.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Update the descriptions of the --arch, --os, --variant, and --platform
options, since the last of those hasn't been a no-op for some time, and
it was recently extended to accept multiple values.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
The :U flag can be used to change the ownership of source volumes based on
the UID, GID of the container. This is only supported by the --volume option,
this will allow to use --mount option as well.
Signed-off-by: Eduardo Vega <edvegavalerio@gmail.com>
Add an option to `podman save` to allow uncompressed layers when
copying OCI images. Do the neccessary plumbing for the remote client,
add tests and vendor in the latest commit from c/common to fetch
the neccessary changes in libimage.
Closes: #11613
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Adds a note about the limitation of network aliases to the man pages
This should satisfy https://issues.redhat.com/browse/RUN-1189
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
added support for pod devices. The device gets added to the infra container and
recreated in all containers that join the pod.
This required a new container config item to keep track of the original device passed in by the user before
the path was parsed into the container device.
Signed-off-by: cdoern <cdoern@redhat.com>
At this point and even though we are always improving the play and
generate kube functions, I would say it no longers needs to be denoted
as under development.
[NO TESTS NEEDED]
Signed-off-by: Brent Baude <bbaude@redhat.com>
Once we have this option, the new documentation from users becomes
a little simpler.
brew install podman
podman machine init --now
podman run ...
--now option is based off of `systemctl enable XYZ.service --now`
[NO TESTS NEEDED] The infrastructure has not been setup yet to test
podman machine init.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
allow users to specify what username to use when ssh-ing into the vm.
If the username flag is set, the username will be the flag value. If the
flag is not set and the the vm name is specified, the default user of
the vm will be used. if the flag is not set, and the vm name is not
specified, then the username of the default connection will be used.
Signed-off-by: Ashley Cui <acui@redhat.com>
* podman-inspect: make references be live links, not a static
list. Also, remove container- and image-inspect, because
those are NOPs.
* podman-pull: add a missing right-paren
* podman-search, podman: remove unwanted indentation from
some file descriptions. Markdown indentation renders as
one very very long line, requiring the user to use a
horizontal scroll bar to read the text. I searched
using grep '^ ' and eyeball-looking for text that
doesn't look like one-line code examples, and see
no more, but eyeball checks are fragile.
One bug remains: MyST renders mailto: links uglily. I can find
no way to fix this other than patching the source code.
Signed-off-by: Ed Santiago <santiago@redhat.com>
Standardize on no-trunc through the code.
Alias notruncate where necessary.
Standardize on the man page display of no-trunc.
Fixes: https://github.com/containers/podman/issues/8941
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add support for the ipvlan cni plugin. This allows us to create,
inspect and list ipvlan networks correctly.
Fixes#10478
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Support setting the macvlan mode with `podman network create -d macvlan
--opt mode=bridge`. This will correctly set the specified macvlan mode
in the cni conflist file.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Make use of the new network interface in libpod.
This commit contains several breaking changes:
- podman network create only outputs the new network name and not file
path.
- podman network ls shows the network driver instead of the cni version
and plugins.
- podman network inspect outputs the new network struct and not the cni
conflist.
- The bindings and libpod api endpoints have been changed to use the new
network structure.
The container network status is stored in a new field in the state. The
status should be received with the new `c.getNetworkStatus`. This will
migrate the old status to the new format. Therefore old containers should
contine to work correctly in all cases even when network connect/
disconnect is used.
New features:
- podman network reload keeps the ip and mac for more than one network.
- podman container restore keeps the ip and mac for more than one
network.
- The network create compat endpoint can now use more than one ipam
config.
The man pages and the swagger doc are updated to reflect the latest
changes.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Along with the name (id) and the version(_id)
But only show the information if is available
Examples: Fedora CoreOS, Ubuntu Focal
[NO TESTS NEEDED]
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
added support for the --volume flag in pods using the new infra container design.
users can specify all volume options they can with regular containers
resolves#10379
Signed-off-by: cdoern <cdoern@redhat.com>
Allows users to specify a readonly rootfs with :O, in exchange podman will create a writable overlay.
bump builah to v1.22.1-0.20210823173221-da2b428c56ce
[NO TESTS NEEDED]
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
The short option 'a' for the --all-tags option in the pull
page is not valid, remove it.
Addresses: #11536
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Kubernetes has a concept of init containers that run and exit before
the regular containers in a pod are started. We added init containers
to podman pods as well. This patch adds support for generating init
containers in the kube yaml when a pod we are converting had init
containers. When playing a kube yaml, it detects an init container
and creates such a container in podman accordingly.
Note, only init containers created with the init type set to "always"
will be generated as the "once" option deletes the init container after
it has run and exited. Play kube will always creates init containers
with the "always" init container type.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
In case the command inside the podman unshare env failed podman unshare
always exits with 125 and prints `Error: exit status 125`. This is a
bad user experience and makes it difficult to use in scripts which could
expect certain exit codes.
This commit makes sure podman unshare uses the same exit code as the
command and does not print the useless `exit status X` message.
Also to match podman run/exec it should return 126 for EPERM
and 127 for ENOENT.
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Commit 092902b455 introduced advanced network options for podman play
kube. However this never worked because it unconditionally set the
network mode to bridge after it parsed the network option.
Added a test to ensure the correct mode is set.
Truly fixes#10807
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
The macvlan driver is not deprecated, only the --macvlan flag is.
Remove the flag from the man page since it is deprecated and add a
warning to podman network create if it is used.
[NO TESTS NEEDED]
Fixes#11400
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Following PR adds support for `kubectl` like `pod logs` to podman.
Usage `podman pod logs <podIDorName` gives a stream of logs for all
the containers within the pod with **containername** as a field.
Just like **`kubectl`** also supports `podman pod logs -c ctrIDorName podIDorName`
to limit the log stream to any of the specificied container which belongs to pod.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
`generate systemd --new` is looking at the "create command" of the
container/pod which is simply the os.Args at creation time.
It does not work on containers or pods created via the REST API since
the create command is not set. `--new` does work on such containers and
pods since there is no reliable way to reverse-map their configs to
command-line arguments of podman.
Fixes: #11370
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
`podman cp` does not allow for globbing or filtering copied data in any
form. `docker cp` does not either, so Podman remains compatible. Due
to a number of requests, highlight how users can effectively achieve
that by means of chaining with tools such as xargs(1) or find(1), or by
making use of `podman mount`.
Closes: #11346Closes: #11194
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
InfraContainer should go through the same creation process as regular containers. This change was from the cmd level
down, involving new container CLI opts and specgen creating functions. What now happens is that both container and pod
cli options are populated in cmd and used to create a podSpecgen and a containerSpecgen. The process then goes as follows
FillOutSpecGen (infra) -> MapSpec (podOpts -> infraOpts) -> PodCreate -> MakePod -> createPodOptions -> NewPod -> CompleteSpec (infra) -> MakeContainer -> NewContainer -> newContainer -> AddInfra (to pod state)
Signed-off-by: cdoern <cdoern@redhat.com>
Following feature makes sure that users can load contents of external
tarball into the podman volumes.
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
add the ability for play kube to tear down based on the yaml used to
play it. it is indicated by --down in the play kube command. volumes
are NOT deleted during the teardown. pods and their containers are
stopped and removed.
Signed-off-by: Brent Baude <bbaude@redhat.com>
OpenShift Merge Robot
Paul Holzinger
Daniel J Walsh
Patrycja Guzik
tomsweeneyredhat
Erik Sjölund
esendjer
cdoern
Michael Hrivnak
Pavel Dostál
Anders F Björklund
Valentin Rothberg
Adrian Reber
Giuseppe Scrivano
Brent Baude
Jakub Guzik
Ondra Machacek
Miloslav Trmač
Jakub Dzon
Urvashi Mohnani
Radostin Stoyanov
cdoern
José Guilherme Vanz
Ed Santiago
Yahav Itzhak
Aditya Rajan
Giacomo Sanchietti
Ashley Cui
Stefan Weil
Junichi Uekawa
Boaz Shuster
Jhon Honce
Chen Zhiwei
Chris Evich
Nalin Dahyabhai
Eduardo Vega
flouthoc
Shion Tanaka
Jakub Guzik