opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-08-06 11:32:07 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update document formatting and packaging code

Browse Source 
* Refactored code and Makefile to support new docs layout
* Removed some old code packaging code
* Add Readme.md to document what we're doing

Signed-off-by: Jhon Honce <jhonce@redhat.com>
Signed-off-by: baude <bbaude@redhat.com>
This commit is contained in:
Jhon Honce
2019-10-29 17:27:12 -07:00
committed by baude
parent 52b92023ed
commit 486fcd4e1e
157 changed files with 195 additions and 175 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
docs/source/markdown/links/podman-container-attach.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-attach.1

1
docs/source/markdown/links/podman-container-commit.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-commit.1

1
docs/source/markdown/links/podman-container-cp.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-cp.1

1
docs/source/markdown/links/podman-container-create.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-create.1

1
docs/source/markdown/links/podman-container-diff.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-diff.1

1
docs/source/markdown/links/podman-container-exec.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-exec.1

1
docs/source/markdown/links/podman-container-export.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-export.1

1
docs/source/markdown/links/podman-container-init.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-init.1

1
docs/source/markdown/links/podman-container-inspect.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-inspect.1

1
docs/source/markdown/links/podman-container-kill.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-kill.1

1
docs/source/markdown/links/podman-container-list.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-ps.1

1
docs/source/markdown/links/podman-container-logs.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-logs.1

1
docs/source/markdown/links/podman-container-ls.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-ps.1

1
docs/source/markdown/links/podman-container-mount.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-mount.1

1
docs/source/markdown/links/podman-container-pause.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-pause.1

1
docs/source/markdown/links/podman-container-port.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-port.1

1
docs/source/markdown/links/podman-container-ps.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-ps.1

1
docs/source/markdown/links/podman-container-restart.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-restart.1

1
docs/source/markdown/links/podman-container-rm.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-rm.1

1
docs/source/markdown/links/podman-container-run.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-run.1

1
docs/source/markdown/links/podman-container-start.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-start.1

1
docs/source/markdown/links/podman-container-stats.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-stats.1

1
docs/source/markdown/links/podman-container-stop.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-stop.1

1
docs/source/markdown/links/podman-container-top.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-top.1

1
docs/source/markdown/links/podman-container-umount.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-umount.1

1
docs/source/markdown/links/podman-container-unmount.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-umount.1

1
docs/source/markdown/links/podman-container-unpause.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-unpause.1

1
docs/source/markdown/links/podman-container-wait.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-wait.1

1
docs/source/markdown/links/podman-help.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman.1

1
docs/source/markdown/links/podman-image-build.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-build.1

1
docs/source/markdown/links/podman-image-history.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-history.1

1
docs/source/markdown/links/podman-image-import.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-import.1

1
docs/source/markdown/links/podman-image-inspect.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-inspect.1

1
docs/source/markdown/links/podman-image-list.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-images.1

1
docs/source/markdown/links/podman-image-load.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-load.1

1
docs/source/markdown/links/podman-image-ls.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-images.1

1
docs/source/markdown/links/podman-image-pull.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-pull.1

1
docs/source/markdown/links/podman-image-push.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-push.1

1
docs/source/markdown/links/podman-image-rm.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-rmi.1

1
docs/source/markdown/links/podman-image-save.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-save.1

1
docs/source/markdown/links/podman-image-tag.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-tag.1

1
docs/source/markdown/links/podman-list.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-ps.1

1
docs/source/markdown/links/podman-ls.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-ps.1

1
docs/source/markdown/links/podman-system-info.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-info.1

1
docs/source/markdown/links/podman-unmount.1 Normal file
View File

@ -0,0 +1 @@
.so man1/podman-umount.1

60
docs/source/markdown/podman-attach.1.md Normal file
View File

@ -0,0 +1,60 @@
% podman-attach(1)
## NAME
podman\-attach - Attach to a running container
## SYNOPSIS
**podman attach** [*options*] *container*
**podman container attach** [*options*] *container*
## DESCRIPTION
The attach command allows you to attach to a running container using the container's ID
or name, either to view its ongoing output or to control it interactively.
You can detach from the container (and leave it running) using a configurable key sequence. The default
sequence is `ctrl-p,ctrl-q`.
Configure the keys sequence using the **--detach-keys** option, or specifying
it in the **libpod.conf** file: see **libpod.conf(5)** for more information.
## OPTIONS
**--detach-keys**=*sequence*
Override the key sequence for detaching a container. Format is a single character `[a-Z]` or
a comma separated sequence of `ctrl-<value>`, where `<value>` is one of:
`a-z`, `@`, `^`, `[`, `\\`, `]`, `^` or `_`.
**--latest**, **-l**
Instead of providing the container name or ID, use the last created container. If you use methods other than Podman
to run containers such as CRI-O, the last started container could be from either of those methods.
The latest option is not supported on the remote client.
**--no-stdin**
Do not attach STDIN. The default is false.
**--sig-proxy**=*true*|*false*
Proxy received signals to the process (non-TTY mode only). SIGCHLD, SIGSTOP, and SIGKILL are not proxied. The default is *true*.
## EXAMPLES
```
$ podman attach foobar
[root@localhost /]#
```
```
$ podman attach --latest
[root@localhost /]#
```
```
$ podman attach 1234
[root@localhost /]#
```
```
$ podman attach --no-stdin foobar
```
## SEE ALSO
podman(1), podman-exec(1), podman-run(1)

712
docs/source/markdown/podman-build.1.md Normal file
View File

@ -0,0 +1,712 @@
% podman-build(1)
## NAME
podman\-build - Build a container image using a Containerfile
## SYNOPSIS
**podman build** [*options*] [*context*]
**podman image build** [*options*] [*context*]
## DESCRIPTION
**podman build** Builds an image using instructions from one or more Containerfiles or Dockerfiles and a specified build context directory. A Containerfile uses the same syntax as a Dockerfile internally. For this document, a file referred to as a Containerfile can be a file named either 'Containerfile' or 'Dockerfile'.
The build context directory can be specified as the http(s) URL of an archive, git repository or Containerfile.
If no context directory is specified, then Podman will assume the current working directory as the build context, which should contain the Containerfile.
Containerfiles ending with a ".in" suffix will be preprocessed via CPP(1). This can be useful to decompose Containerfiles into several reusable parts that can be used via CPP's **#include** directive. Notice, a Containerfile.in file can still be used by other tools when manually preprocessing them via `cpp -E`.
When the URL is an archive, the contents of the URL is downloaded to a temporary location and extracted before execution.
When the URL is an Containerfile, the Containerfile is downloaded to a temporary location.
When a Git repository is set as the URL, the repository is cloned locally and then set as the context.
## OPTIONS
**--add-host**=*host*
Add a custom host-to-IP mapping (host:ip)
Add a line to /etc/hosts. The format is hostname:ip. The **--add-host** option can be set multiple times.
**--annotation**=*annotation*
Add an image *annotation* (e.g. annotation=*value*) to the image metadata. Can be used multiple times.
Note: this information is not present in Docker image formats, so it is discarded when writing images in Docker formats.
**--authfile**=*path*
Path of the authentication file. Default is ${XDG\_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`.
If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`. (Not available for remote commands)
Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
environment variable. `export REGISTRY_AUTH_FILE=path`
**--build-arg**=*arg=value*
Specifies a build argument and its value, which will be interpolated in
instructions read from the Containerfiles in the same way that environment
variables are, but which will not be added to environment variable list in the
resulting image's configuration.
**--cache-from**
Images to utilize as potential cache sources. Podman does not currently support caching so this is a NOOP.
**--cap-add**=*CAP\_xxx*
When executing RUN instructions, run the command specified in the instruction
with the specified capability added to its capability set.
Certain capabilities are granted by default; this option can be used to add
more.
**--cap-drop**=*CAP\_xxx*
When executing RUN instructions, run the command specified in the instruction
with the specified capability removed from its capability set.
The CAP\_AUDIT\_WRITE, CAP\_CHOWN, CAP\_DAC\_OVERRIDE, CAP\_FOWNER,
CAP\_FSETID, CAP\_KILL, CAP\_MKNOD, CAP\_NET\_BIND\_SERVICE, CAP\_SETFCAP,
CAP\_SETGID, CAP\_SETPCAP, CAP\_SETUID, and CAP\_SYS\_CHROOT capabilities are
granted by default; this option can be used to remove them.
If a capability is specified to both the **--cap-add** and **--cap-drop**
options, it will be dropped, regardless of the order in which the options were
given.
**--cert-dir**=*path*
Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry.
Default certificates directory is _/etc/containers/certs.d_. (Not available for remote commands)
**--cgroup-parent**=*path*
Path to cgroups under which the cgroup for the container will be created. If the path is not absolute, the path is considered to be relative to the cgroups path of the init process. Cgroups will be created if they do not already exist.
**--compress**
This option is added to be aligned with other containers CLIs.
Podman doesn't communicate with a daemon or a remote server.
Thus, compressing the data before sending it is irrelevant to Podman.
**--cni-config-dir**=*directory*
Location of CNI configuration files which will dictate which plugins will be
used to configure network interfaces and routing for containers created for
handling `RUN` instructions, if those containers will be run in their own
network namespaces, and networking is not disabled.
**--cni-plugin-path**=*directory[:directory[:directory[...]]]*
List of directories in which the CNI plugins which will be used for configuring
network namespaces can be found.
**--cpu-period**=*limit*
Limit the CPU CFS (Completely Fair Scheduler) period
Limit the container's CPU usage. This flag tell the kernel to restrict the container's CPU usage to the period you specify.
**--cpu-quota**=*limit*
Limit the CPU CFS (Completely Fair Scheduler) quota
Limit the container's CPU usage. By default, containers run with the full
CPU resource. This flag tell the kernel to restrict the container's CPU usage
to the quota you specify.
**--cpu-shares**, **-c**=*shares*
CPU shares (relative weight)
By default, all containers get the same proportion of CPU cycles. This proportion
can be modified by changing the container's CPU share weighting relative
to the weighting of all other running containers.
To modify the proportion from the default of 1024, use the **--cpu-shares**
flag to set the weighting to 2 or higher.
The proportion will only apply when CPU-intensive processes are running.
When tasks in one container are idle, other containers can use the
left-over CPU time. The actual amount of CPU time will vary depending on
the number of containers running on the system.
For example, consider three containers, one has a cpu-share of 1024 and
two others have a cpu-share setting of 512. When processes in all three
containers attempt to use 100% of CPU, the first container would receive
50% of the total CPU time. If you add a fourth container with a cpu-share
of 1024, the first container only gets 33% of the CPU. The remaining containers
receive 16.5%, 16.5% and 33% of the CPU.
On a multi-core system, the shares of CPU time are distributed over all CPU
cores. Even if a container is limited to less than 100% of CPU time, it can
use 100% of each individual CPU core.
For example, consider a system with more than three cores. If you start one
container **{C0}** with **-c=512** running one process, and another container
**{C1}** with **-c=1024** running two processes, this can result in the following
division of CPU shares:
PID container CPU CPU share
100 {C0} 0 100% of CPU0
101 {C1} 1 100% of CPU1
102 {C1} 2 100% of CPU2
**--cpuset-cpus**=*num*
CPUs in which to allow execution (0-3, 0,1)
**--cpuset-mems**=*nodes*
Memory nodes (MEMs) in which to allow execution (0-3, 0,1). Only effective on NUMA systems.
If you have four memory nodes on your system (0-3), use `--cpuset-mems=0,1`
then processes in your container will only use memory from the first
two memory nodes.
**--creds**=*creds*
The [username[:password]] to use to authenticate with the registry if required.
If one or both values are not supplied, a command line prompt will appear and the
value can be entered. The password is entered without echo.
**--device**=*device*
Add a host device to the container. The format is `<device-on-host>[:<device-on-container>][:<permissions>]` (e.g. --device=/dev/sdc:/dev/xvdc:rwm)
**--disable-compression, -D**
Don't compress filesystem layers when building the image unless it is required
by the location where the image is being written. This is the default setting,
because image layers are compressed automatically when they are pushed to
registries, and images being written to local storage would only need to be
decompressed again to be stored. Compression can be forced in all cases by
specifying **--disable-compression=false**.
**--disable-content-trust**
This is a Docker specific option to disable image verification to a Docker
registry and is not supported by Podman. This flag is a NOOP and provided
solely for scripting compatibility.
**--dns**=*dns*
Set custom DNS servers
This option can be used to override the DNS configuration passed to the container. Typically this is necessary when the host DNS configuration is invalid for the container (e.g., 127.0.0.1). When this is the case the `--dns` flag is necessary for every run.
The special value **none** can be specified to disable creation of /etc/resolv.conf in the container by Podman. The /etc/resolv.conf file in the image will be used without changes.
**--dns-option**=*option*
Set custom DNS options
**--dns-search**=*domain*
Set custom DNS search domains
**--file**, **-f**=*Containerfile*
Specifies a Containerfile which contains instructions for building the image,
either a local file or an **http** or **https** URL. If more than one
Containerfile is specified, *FROM* instructions will only be accepted from the
first specified file.
If a build context is not specified, and at least one Containerfile is a
local file, the directory in which it resides will be used as the build
context.
If you specify `-f -`, the Containerfile contents will be read from stdin.
**--force-rm**=*true|false*
Always remove intermediate containers after a build, even if the build fails (default false).
**--format**
Control the format for the built image's manifest and configuration data.
Recognized formats include *oci* (OCI image-spec v1.0, the default) and
*docker* (version 2, using schema format 2 for the manifest).
Note: You can also override the default format by setting the BUILDAH\_FORMAT
environment variable. `export BUILDAH_FORMAT=docker`
**-h**, **--help**
Print usage statement
**--iidfile**=*ImageIDfile*
Write the image ID to the file.
**--ipc**=*how*
Sets the configuration for IPC namespaces when handling `RUN` instructions.
The configured value can be "" (the empty string) or "container" to indicate
that a new IPC namespace should be created, or it can be "host" to indicate
that the IPC namespace in which `podman` itself is being run should be reused,
or it can be the path to an IPC namespace which is already in use by
another process.
**--isolation**=*type*
Controls what type of isolation is used for running processes as part of `RUN`
instructions. Recognized types include *oci* (OCI-compatible runtime, the
default), *rootless* (OCI-compatible runtime invoked using a modified
configuration and its --rootless flag enabled, with *--no-new-keyring
--no-pivot* added to its *create* invocation, with network and UTS namespaces
disabled, and IPC, PID, and user namespaces enabled; the default for
unprivileged users), and *chroot* (an internal wrapper that leans more toward
chroot(1) than container technology).
Note: You can also override the default isolation type by setting the
BUILDAH\_ISOLATION environment variable. `export BUILDAH_ISOLATION=oci`
**--label**=*label*
Add an image *label* (e.g. label=*value*) to the image metadata. Can be used multiple times.
**--layers**
Cache intermediate images during the build process (Default is `true`).
Note: You can also override the default value of layers by setting the BUILDAH\_LAYERS
environment variable. `export BUILDAH_LAYERS=true`
**--logfile**=*filename*
Log output which would be sent to standard output and standard error to the
specified file instead of to standard output and standard error.
**--loglevel** *number*
Adjust the logging level up or down. Valid option values range from -2 to 3,
with 3 being roughly equivalent to using the global *--debug* option, and
values below 0 omitting even error messages which accompany fatal errors.
**--memory**, **-m**=*LIMIT*
Memory limit (format: <number>[<unit>], where unit = b (bytes), k (kilobytes), m (megabytes), or g (gigabytes))
Allows you to constrain the memory available to a container. If the host
supports swap memory, then the **-m** memory setting can be larger than physical
RAM. If a limit of 0 is specified (not using **-m**), the container's memory is
not limited. The actual limit may be rounded up to a multiple of the operating
system's page size (the value would be very large, that's millions of trillions).
**--memory-swap**=*LIMIT*
A limit value equal to memory plus swap. Must be used with the **-m**
(**--memory**) flag. The swap `LIMIT` should always be larger than **-m**
(**--memory**) value. By default, the swap `LIMIT` will be set to double
the value of --memory.
The format of `LIMIT` is `<number>[<unit>]`. Unit can be `b` (bytes),
`k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you don't specify a
unit, `b` is used. Set LIMIT to `-1` to enable unlimited swap.
**--net**, **--network**=*string*
Sets the configuration for network namespaces when handling `RUN` instructions.
The configured value can be "" (the empty string) or "container" to indicate
that a new network namespace should be created, or it can be "host" to indicate
that the network namespace in which `podman` itself is being run should be
reused, or it can be the path to a network namespace which is already in use by
another process.
**--no-cache**
Do not use existing cached images for the container build. Build from the start with a new set of cached layers.
**--pid**=*pid*
Sets the configuration for PID namespaces when handling `RUN` instructions.
The configured value can be "" (the empty string) or "container" to indicate
that a new PID namespace should be created, or it can be "host" to indicate
that the PID namespace in which `podman` itself is being run should be reused,
or it can be the path to a PID namespace which is already in use by another
process.
**--platform**="Linux"
This option has no effect on the build. Other container engines use this option
to control the execution platform for the build (e.g., Windows, Linux) which is
not required for Buildah as it supports only Linux.
**--pull**
When the flag is enabled, attempt to pull the latest image from the registries
listed in registries.conf if a local image does not exist or the image is newer
than the one in storage. Raise an error if the image is not in any listed
registry and is not present locally.
If the flag is disabled (with *--pull=false*), do not pull the image from the
registry, use only the local version. Raise an error if the image is not
present locally.
Defaults to *true*.
**--pull-always**
Pull the image from the first registry it is found in as listed in registries.conf.
Raise an error if not found in the registries, even if the image is present locally.
**--quiet**, **-q**
Suppress output messages which indicate which instruction is being processed,
and of progress when pulling images from a registry, and when writing the
output image.
**--rm**=*true|false*
Remove intermediate containers after a successful build (default true).
**--runtime**=*path*
The *path* to an alternate OCI-compatible runtime, which will be used to run
commands specified by the **RUN** instruction.
Note: You can also override the default runtime by setting the BUILDAH\_RUNTIME
environment variable. `export BUILDAH_RUNTIME=/usr/local/bin/runc`
**--runtime-flag**=*flag*
Adds global flags for the container runtime. To list the supported flags, please
consult the manpages of the selected container runtime (`runc` is the default
runtime, the manpage to consult is `runc(8)`. When the machine is configured
for cgroup V2, the default runtime is `crun`, the manpage to consult is `crun(8)`.).
Note: Do not pass the leading `--` to the flag. To pass the runc flag `--log-format json`
to podman build, the option given would be `--runtime-flag log-format=json`.
**--security-opt**=*option*
Security Options
- `apparmor=unconfined` : Turn off apparmor confinement for the container
- `apparmor=your-profile` : Set the apparmor confinement profile for the container
- `label=user:USER` : Set the label user for the container processes
- `label=role:ROLE` : Set the label role for the container processes
- `label=type:TYPE` : Set the label process type for the container processes
- `label=level:LEVEL` : Set the label level for the container processes
- `label=filetype:TYPE` : Set the label file type for the container files
- `label=disable` : Turn off label separation for the container
- `seccomp=unconfined` : Turn off seccomp confinement for the container
- `seccomp=profile.json` : White listed syscalls seccomp Json file to be used as a seccomp filter
**--shm-size**=*size*
Size of `/dev/shm`. The format is `<number><unit>`. `number` must be greater than `0`.
Unit is optional and can be `b` (bytes), `k` (kilobytes), `m`(megabytes), or `g` (gigabytes).
If you omit the unit, the system uses bytes. If you omit the size entirely, the system uses `64m`.
**--squash**
Squash all of the image's new layers into a single new layer; any preexisting layers
are not squashed.
**--squash-all**
Squash all of the new image's layers (including those inherited from a base image) into a single new layer.
**--tag**, **-t**=*imageName*
Specifies the name which will be assigned to the resulting image if the build
process completes successfully.
If _imageName_ does not include a registry name, the registry name *localhost* will be prepended to the image name.
**--target**=*stageName*
Set the target build stage to build. When building a Containerfile with multiple build stages, --target
can be used to specify an intermediate build stage by name as the final stage for the resulting image.
Commands after the target stage will be skipped.
**--tls-verify**=*true|false*
Require HTTPS and verify certificates when talking to container registries (defaults to true). (Not available for remote commands)
**--ulimit**=*type*=*soft-limit*[:*hard-limit*]
Specifies resource limits to apply to processes launched when processing `RUN` instructions.
This option can be specified multiple times. Recognized resource types
include:
"core": maximum core dump size (ulimit -c)
"cpu": maximum CPU time (ulimit -t)
"data": maximum size of a process's data segment (ulimit -d)
"fsize": maximum size of new files (ulimit -f)
"locks": maximum number of file locks (ulimit -x)
"memlock": maximum amount of locked memory (ulimit -l)
"msgqueue": maximum amount of data in message queues (ulimit -q)
"nice": niceness adjustment (nice -n, ulimit -e)
"nofile": maximum number of open files (ulimit -n)
"nproc": maximum number of processes (ulimit -u)
"rss": maximum size of a process's (ulimit -m)
"rtprio": maximum real-time scheduling priority (ulimit -r)
"rttime": maximum amount of real-time execution between blocking syscalls
"sigpending": maximum number of pending signals (ulimit -i)
"stack": maximum stack size (ulimit -s)
**--userns**=*how*
Sets the configuration for user namespaces when handling `RUN` instructions.
The configured value can be "" (the empty string) or "container" to indicate
that a new user namespace should be created, it can be "host" to indicate that
the user namespace in which `podman` itself is being run should be reused, or
it can be the path to an user namespace which is already in use by another
process.
**--userns-uid-map**=*mapping*
Directly specifies a UID mapping which should be used to set ownership, at the
filesystem level, on the working container's contents.
Commands run when handling `RUN` instructions will default to being run in
their own user namespaces, configured using the UID and GID maps.
Entries in this map take the form of one or more triples of a starting
in-container UID, a corresponding starting host-level UID, and the number of
consecutive IDs which the map entry represents.
This option overrides the *remap-uids* setting in the *options* section of
/etc/containers/storage.conf.
If this option is not specified, but a global --userns-uid-map setting is
supplied, settings from the global option will be used.
If none of --userns-uid-map-user, --userns-gid-map-group, or --userns-uid-map
are specified, but --userns-gid-map is specified, the UID map will be set to
use the same numeric values as the GID map.
**--userns-gid-map**=*mapping*
Directly specifies a GID mapping which should be used to set ownership, at the
filesystem level, on the working container's contents.
Commands run when handling `RUN` instructions will default to being run in
their own user namespaces, configured using the UID and GID maps.
Entries in this map take the form of one or more triples of a starting
in-container GID, a corresponding starting host-level GID, and the number of
consecutive IDs which the map entry represents.
This option overrides the *remap-gids* setting in the *options* section of
/etc/containers/storage.conf.
If this option is not specified, but a global --userns-gid-map setting is
supplied, settings from the global option will be used.
If none of --userns-uid-map-user, --userns-gid-map-group, or --userns-gid-map
are specified, but --userns-uid-map is specified, the GID map will be set to
use the same numeric values as the UID map.
**--userns-uid-map-user**=*user*
Specifies that a UID mapping which should be used to set ownership, at the
filesystem level, on the working container's contents, can be found in entries
in the `/etc/subuid` file which correspond to the specified user.
Commands run when handling `RUN` instructions will default to being run in
their own user namespaces, configured using the UID and GID maps.
If --userns-gid-map-group is specified, but --userns-uid-map-user is not
specified, `podman` will assume that the specified group name is also a
suitable user name to use as the default setting for this option.
**--userns-gid-map-group**=*group*
Specifies that a GID mapping which should be used to set ownership, at the
filesystem level, on the working container's contents, can be found in entries
in the `/etc/subgid` file which correspond to the specified group.
Commands run when handling `RUN` instructions will default to being run in
their own user namespaces, configured using the UID and GID maps.
If --userns-uid-map-user is specified, but --userns-gid-map-group is not
specified, `podman` will assume that the specified user name is also a
suitable group name to use as the default setting for this option.
**--uts**=*how*
Sets the configuration for UTS namespaces when the handling `RUN` instructions.
The configured value can be "" (the empty string) or "container" to indicate
that a new UTS namespace should be created, or it can be "host" to indicate
that the UTS namespace in which `podman` itself is being run should be reused,
or it can be the path to a UTS namespace which is already in use by another
process.
**--volume**, **-v**[=*[HOST-DIR:CONTAINER-DIR[:OPTIONS]]*]
Create a bind mount. If you specify, ` -v /HOST-DIR:/CONTAINER-DIR`, Podman
bind mounts `/HOST-DIR` in the host to `/CONTAINER-DIR` in the Podman
container. The `OPTIONS` are a comma delimited list and can be:
* [rw|ro]
* [z|Z|O]
* [`[r]shared`|`[r]slave`|`[r]private`]
The `CONTAINER-DIR` must be an absolute path such as `/src/docs`. The `HOST-DIR`
must be an absolute path as well. Podman bind-mounts the `HOST-DIR` to the
path you specify. For example, if you supply `/foo` as the host path,
Podman copies the contents of `/foo` to the container filesystem on the host
and bind mounts that into the container.
You can specify multiple **-v** options to mount one or more mounts to a
container.
You can add the `:ro` or `:rw` suffix to a volume to mount it read-only or
read-write mode, respectively. By default, the volumes are mounted read-write.
See examples.
`Labeling Volume Mounts`
Labeling systems like SELinux require that proper labels are placed on volume
content mounted into a container. Without a label, the security system might
prevent the processes running inside the container from using the content. By
default, Podman does not change the labels set by the OS.
To change a label in the container context, you can add either of two suffixes
`:z` or `:Z` to the volume mount. These suffixes tell Podman to relabel file
objects on the shared volumes. The `z` option tells Podman that two containers
share the volume content. As a result, Podman labels the content with a shared
content label. Shared volume labels allow all containers to read/write content.
The `Z` option tells Podman to label the content with a private unshared label.
Only the current container can use a private volume.
`Overlay Volume Mounts`
The `:O` flag tells Podman to mount the directory from the host as a temporary storage using the Overlay file system. The `RUN` command containers are allowed to modify contents within the mountpoint and are stored in the container storage in a separate directory. In Overlay FS terms the source directory will be the lower, and the container storage directory will be the upper. Modifications to the mount point are destroyed when the `RUN` command finishes executing, similar to a tmpfs mount point.
Any subsequent execution of `RUN` commands sees the original source directory content, any changes from previous RUN commands no longer exists.
One use case of the `overlay` mount is sharing the package cache from the host into the container to allow speeding up builds.
Note:
- Overlay mounts are not currently supported in rootless mode.
- The `O` flag is not allowed to be specified with the `Z` or `z` flags. Content mounted into the container is labeled with the private label.
On SELinux systems, labels in the source directory needs to be readable by the container label. If not, SELinux container separation must be disabled for the container to work.
- Modification of the directory volume mounted into the container with an overlay mount can cause unexpected failures. It is recommended that you do not modify the directory until the container finishes running.
By default bind mounted volumes are `private`. That means any mounts done
inside container will not be visible on the host and vice versa. This behavior can
be changed by specifying a volume mount propagation property.
When the mount propagation policy is set to `shared`, any mounts completed inside
the container on that volume will be visible to both the host and container. When
the mount propagation policy is set to `slave`, one way mount propagation is enabled
and any mounts completed on the host for that volume will be visible only inside of the container.
To control the mount propagation property of volume use the `:[r]shared`,
`:[r]slave` or `:[r]private` propagation flag. The propagation property can
be specified only for bind mounted volumes and not for internal volumes or
named volumes. For mount propagation to work on the source mount point (mount point
where source dir is mounted on) has to have the right propagation properties. For
shared volumes, the source mount point has to be shared. And for slave volumes,
the source mount has to be either shared or slave.
Use `df <source-dir>` to determine the source mount and then use
`findmnt -o TARGET,PROPAGATION <source-mount-dir>` to determine propagation
properties of source mount, if `findmnt` utility is not available, the source mount point
can be determined by looking at the mount entry in `/proc/self/mountinfo`. Look
at `optional fields` and see if any propagation properties are specified.
`shared:X` means the mount is `shared`, `master:X` means the mount is `slave` and if
nothing is there that means the mount is `private`.
To change propagation properties of a mount point use the `mount` command. For
example, to bind mount the source directory `/foo` do
`mount --bind /foo /foo` and `mount --make-private --make-shared /foo`. This
will convert /foo into a `shared` mount point. The propagation properties of the source
mount can be changed directly. For instance if `/` is the source mount for
`/foo`, then use `mount --make-shared /` to convert `/` into a `shared` mount.
## EXAMPLES
### Build an image using local Containerfiles
```
$ podman build .
$ podman build -f Containerfile.simple .
$ cat ~/Dockerfile | podman build -f - .
$ podman build -f Dockerfile.simple -f Containerfile.notsosimple .
$ podman build -f Dockerfile.in ~
$ podman build -t imageName .
$ podman build --tls-verify=true -t imageName -f Dockerfile.simple .
$ podman build --tls-verify=false -t imageName .
$ podman build --runtime-flag log-format=json .
$ podman build --runtime-flag debug .
$ podman build --authfile /tmp/auths/myauths.json --cert-dir ~/auth --tls-verify=true --creds=username:password -t imageName -f Dockerfile.simple .
$ podman build --memory 40m --cpu-period 10000 --cpu-quota 50000 --ulimit nofile=1024:1028 -t imageName .
$ podman build --security-opt label=level:s0:c100,c200 --cgroup-parent /path/to/cgroup/parent -t imageName .
$ podman build --volume /home/test:/myvol:ro,Z -t imageName .
$ podman build -v /var/lib/yum:/var/lib/yum:O -t imageName .
$ podman build --layers -t imageName .
$ podman build --no-cache -t imageName .
$ podman build --layers --force-rm -t imageName .
$ podman build --no-cache --rm=false -t imageName .
```
### Building an image using a URL, Git repo, or archive
The build context directory can be specified as a URL to a Containerfile, a Git repository, or URL to an archive. If the URL is a Containerfile, it is downloaded to a temporary location and used as the context. When a Git repository is set as the URL, the repository is cloned locally to a temporary location and then used as the context. Lastly, if the URL is an archive, it is downloaded to a temporary location and extracted before being used as the context.
#### Building an image using a URL to a Containerfile
Podman will download the Containerfile to a temporary location and then use it as the build context.
```
$ podman build https://10.10.10.1/podman/Containerfile
```
#### Building an image using a Git repository
Podman will clone the specified GitHub repository to a temporary location and use it as the context. The Containerfile at the root of the repository will be used and it only works if the GitHub repository is a dedicated repository.
```
$ podman build git://github.com/scollier/purpletest
```
#### Building an image using a URL to an archive
Podman will fetch the archive file, decompress it, and use its contents as the build context. The Containerfile at the root of the archive and the rest of the archive will get used as the context of the build. If you pass `-f PATH/Containerfile` option as well, the system will look for that file inside the contents of the archive.
```
$ podman build -f dev/Containerfile https://10.10.10.1/podman/context.tar.gz
```
Note: supported compression formats are 'xz', 'bzip2', 'gzip' and 'identity' (no compression).
## Files
**registries.conf** (`/etc/containers/registries.conf`)
registries.conf is the configuration file which specifies which container registries should be consulted when completing image names which do not include a registry or domain portion.
## Troubleshooting
If you are using a useradd command within a Containerfile with a large UID/GID, it will create a large sparse file `/var/log/lastlog`. This can cause the build to hang forever. Go language does not support sparse files correctly, which can lead to some huge files being created in your container image.
### Solution
If you are using `useradd` within your build script, you should pass the `--no-log-init or -l` option to the `useradd` command. This option tells useradd to stop creating the lastlog file.
## SEE ALSO
podman(1), buildah(1), containers-registries.conf(5), crun(8), runc(8), useradd(8)
## HISTORY
May 2018, Minor revisions added by Joe Doss <joe@solidadmin.com>
December 2017, Originally compiled by Tom Sweeney <tsweeney@redhat.com>

93
docs/source/markdown/podman-commit.1.md Normal file
View File

@ -0,0 +1,93 @@
% podman-commit(1)
## NAME
podman\-commit - Create new image based on the changed container
## SYNOPSIS
**podman commit** [*options*] *container* *image*
**podman container commit** [*options*] *container* *image*
## DESCRIPTION
**podman commit** creates an image based on a changed container. The author of the
image can be set using the `--author` flag. Various image instructions can be
configured with the `--change` flag and a commit message can be set using the
`--message` flag. The container and its processes are paused while the image is
committed. This minimizes the likelihood of data corruption when creating the new
image. If this is not desired, the `--pause` flag can be set to false. When the commit
is complete, Podman will print out the ID of the new image.
If *image* does not begin with a registry name component, `localhost` will be added to the name.
## OPTIONS
**--author**, **-a**=*author*
Set the author for the committed image
**--change**, **-c**=*instruction*
Apply the following possible instructions to the created image:
**CMD** | **ENTRYPOINT** | **ENV** | **EXPOSE** | **LABEL** | **ONBUILD** | **STOPSIGNAL** | **USER** | **VOLUME** | **WORKDIR**
Can be set multiple times
**--format**, **-f**=*format*
Set the format of the image manifest and metadata. The currently supported formats are _oci_ and _docker_. If
not specifically set, the default format used is _oci_.
**--iidfile**=*ImageIDfile*
Write the image ID to the file.
**--include-volumes**
Include in the committed image any volumes added to the container by the `--volume` or `--mount` options to the `podman create` and `podman run` commands.
**--message**, **-m**=*message*
Set commit message for committed image. The message field is not supported in _oci_ format.
**--pause**, **-p**
Pause the container when creating an image
**--quiet**, **-q**
Suppress output
## EXAMPLES
```
$ podman commit --change CMD=/bin/bash --change ENTRYPOINT=/bin/sh --change LABEL=blue=image reverent_golick image-committed
Getting image source signatures
Copying blob sha256:b41deda5a2feb1f03a5c1bb38c598cbc12c9ccd675f438edc6acd815f7585b86
25.80 MB / 25.80 MB [======================================================] 0s
Copying config sha256:c16a6d30f3782288ec4e7521c754acc29d37155629cb39149756f486dae2d4cd
448 B / 448 B [============================================================] 0s
Writing manifest to image destination
Storing signatures
e3ce4d93051ceea088d1c242624d659be32cf1667ef62f1d16d6b60193e2c7a8
```
```
$ podman commit -q --message "committing container to image" reverent_golick image-committed
e3ce4d93051ceea088d1c242624d659be32cf1667ef62f1d16d6b60193e2c7a8
```
```
$ podman commit -q --author "firstName lastName" reverent_golick image-committed
e3ce4d93051ceea088d1c242624d659be32cf1667ef62f1d16d6b60193e2c7a8
```
```
$ podman commit -q --pause=false containerID image-committed
e3ce4d93051ceea088d1c242624d659be32cf1667ef62f1d16d6b60193e2c7a8
```
## SEE ALSO
podman(1), podman-run(1), podman-create(1)
## HISTORY
December 2017, Originally compiled by Urvashi Mohnani <umohnani@redhat.com>

65
docs/source/markdown/podman-container-checkpoint.1.md Normal file
View File

@ -0,0 +1,65 @@
% podman-container-checkpoint(1)
## NAME
podman\-container\-checkpoint - Checkpoints one or more running containers
## SYNOPSIS
**podman container checkpoint** [*options*] *container* ...
## DESCRIPTION
Checkpoints all the processes in one or more containers. You may use container IDs or names as input.
## OPTIONS
**--keep**, **-k**
Keep all temporary log and statistics files created by CRIU during checkpointing. These files
are not deleted if checkpointing fails for further debugging. If checkpointing succeeds these
files are theoretically not needed, but if these files are needed Podman can keep the files
for further analysis.
**--all**, **-a**
Checkpoint all running containers.
**--latest**, **-l**
Instead of providing the container name or ID, checkpoint the last created container.
The latest option is not supported on the remote client.
**--leave-running**, **-R**
Leave the container running after checkpointing instead of stopping it.
**--tcp-established**
Checkpoint a container with established TCP connections. If the checkpoint
image contains established TCP connections, this options is required during
restore. Defaults to not checkpointing containers with established TCP
connections.
**--export, -e**
Export the checkpoint to a tar.gz file. The exported checkpoint can be used
to import the container on another system and thus enabling container live
migration. This checkpoint archive also includes all changes to the container's
root file-system, if not explicitly disabled using **--ignore-rootfs**
**--ignore-rootfs**
This only works in combination with **--export, -e**. If a checkpoint is
exported to a tar.gz file it is possible with the help of **--ignore-rootfs**
to explicitly disable including changes to the root file-system into
the checkpoint archive file.
## EXAMPLE
podman container checkpoint mywebserver
podman container checkpoint 860a4b23
## SEE ALSO
podman(1), podman-container-restore(1)
## HISTORY
September 2018, Originally compiled by Adrian Reber <areber@redhat.com>

41
docs/source/markdown/podman-container-cleanup.1.md Normal file
View File

@ -0,0 +1,41 @@
% podman-container-cleanup(1)
## NAME
podman\-container\-cleanup - Cleanup the container's network and mountpoints
## SYNOPSIS
**podman container cleanup** [*options*] *container*
## DESCRIPTION
**podman container cleanup** cleans up exited containers by removing all mountpoints and network configuration from the host. The container name or ID can be used. The cleanup command does not remove the containers. Running containers will not be cleaned up.
Sometimes container's mount points and network stacks can remain if the podman command was killed or the container ran in daemon mode. This command is automatically executed when you run containers in daemon mode by the conmon process when the container exits.
## OPTIONS
**--all**, **a**
Cleanup all containers.
**--latest**, **-l**
Instead of providing the container name or ID, use the last created container. If you use methods other than Podman
to run containers such as CRI-O, the last started container could be from either of those methods.
The latest option is not supported on the remote client.
## EXAMPLE
`podman container cleanup mywebserver`
`podman container cleanup mywebserver myflaskserver 860a4b23`
`podman container cleanup 860a4b23`
`podman container cleanup -a`
`podman container cleanup --latest`
## SEE ALSO
podman(1), podman-container(1)
## HISTORY
Jun 2018, Originally compiled by Dan Walsh <dwalsh@redhat.com>

42
docs/source/markdown/podman-container-exists.1.md Normal file
View File

@ -0,0 +1,42 @@
% podman-container-exists(1)
## NAME
podman-container-exists - Check if a container exists in local storage
## SYNOPSIS
**podman container exists** [*options*] *container*
## DESCRIPTION
**podman container exists** checks if a container exists in local storage. The **ID** or **Name**
of the container may be used as input. Podman will return an exit code
of `0` when the container is found. A `1` will be returned otherwise. An exit code of `125` indicates there
was an issue accessing the local storage.
## OPTIONS
**-h**, **--help**
Print usage statement
## Examples
Check if an container called `webclient` exists in local storage (the container does actually exist).
```
$ sudo podman container exists webclient
$ echo $?
0
$
```
Check if an container called `webbackend` exists in local storage (the container does not actually exist).
```
$ sudo podman container exists webbackend
$ echo $?
1
$
```
## SEE ALSO
podman(1)
## HISTORY
November 2018, Originally compiled by Brent Baude (bbaude at redhat dot com)

35
docs/source/markdown/podman-container-prune.1.md Normal file
View File

@ -0,0 +1,35 @@
% podman-container-prune(1)
## NAME
podman-container-prune - Remove all stopped containers from local storage
## SYNOPSIS
**podman container prune** [*options*]
## DESCRIPTION
**podman container prune** removes all stopped containers from local storage.
## OPTIONS
**-h**, **--help**
Print usage statement
## Examples
Remove all stopped containers from local storage
```
$ sudo podman container prune
878392adf2e6c5c9bb1fc19b69d37d2e98c8abf9d539c0bce4b15b46bbcce471
37664467fbe3618bf9479c34393ac29c02696675addf1750f9e346581636cde7
ed0c6468b8e1cb641b4621d1fe30cb477e1fefc5c0bceb66feaf2f7cb50e5962
6ac6c8f0067b7a4682e6b8e18902665b57d1a0e07e885d9abcd382232a543ccd
fff1c5b6c3631746055ec40598ce8ecaa4b82aef122f9e3a85b03b55c0d06c23
602d343cd47e7cb3dfc808282a9900a3e4555747787ec6723bb68cedab8384d5
```
## SEE ALSO
podman(1), podman-ps
## HISTORY
December 2018, Originally compiled by Brent Baude (bbaude at redhat dot com)

89
docs/source/markdown/podman-container-restore.1.md Normal file
View File

@ -0,0 +1,89 @@
% podman-container-restore(1)
## NAME
podman\-container\-restore - Restores one or more containers from a checkpoint
## SYNOPSIS
**podman container restore** [*options*] *container* ...
## DESCRIPTION
Restores a container from a checkpoint. You may use container IDs or names as input.
## OPTIONS
**--keep**, **-k**
Keep all temporary log and statistics files created by CRIU during
checkpointing as well as restoring. These files are not deleted if restoring
fails for further debugging. If restoring succeeds these files are
theoretically not needed, but if these files are needed Podman can keep the
files for further analysis. This includes the checkpoint directory with all
files created during checkpointing. The size required by the checkpoint
directory is roughly the same as the amount of memory required by the
processes in the checkpointed container.
Without the **-k**, **--keep** option the checkpoint will be consumed and cannot be used
again.
**--all**, **-a**
Restore all checkpointed containers.
**--latest**, **-l**
Instead of providing the container name or ID, restore the last created container.
The latest option is not supported on the remote client.
**--tcp-established**
Restore a container with established TCP connections. If the checkpoint image
contains established TCP connections, this option is required during restore.
If the checkpoint image does not contain established TCP connections this
option is ignored. Defaults to not restoring containers with established TCP
connections.
**--import, -i**
Import a checkpoint tar.gz file, which was exported by Podman. This can be used
to import a checkpointed container from another host. Do not specify a *container*
argument when using this option.
**--name, -n**
This is only available in combination with **--import, -i**. If a container is restored
from a checkpoint tar.gz file it is possible to rename it with **--name, -n**. This
way it is possible to restore a container from a checkpoint multiple times with different
names.
If the **--name, -n** option is used, Podman will not attempt to assign the same IP
address to the container it was using before checkpointing as each IP address can only
be used once and the restored container will have another IP address. This also means
that **--name, -n** cannot be used in combination with **--tcp-established**.
**--ignore-rootfs**
This is only available in combination with **--import, -i**. If a container is restored
from a checkpoint tar.gz file it is possible that it also contains all root file-system
changes. With **--ignore-rootfs** it is possible to explicitly disable applying these
root file-system changes to the restored container.
**--ignore-static-ip**
If the container was started with **--ip** the restored container also tries to use that
IP address and restore fails if that IP address is already in use. This can happen, if
a container is restored multiple times from an exported checkpoint with **--name, -n**.
Using **--ignore-static-ip** tells Podman to ignore the IP address if it was configured
with **--ip** during container creation.
## EXAMPLE
podman container restore mywebserver
podman container restore 860a4b23
## SEE ALSO
podman(1), podman-container-checkpoint(1)
## HISTORY
September 2018, Originally compiled by Adrian Reber <areber@redhat.com>

122
docs/source/markdown/podman-container-runlabel.1.md Normal file
View File

@ -0,0 +1,122 @@
% podman-container-runlabel(1)
## NAME
podman-container-runlabel - Executes a command as described by a container image label
## SYNOPSIS
**podman container runlabel** [*options*] *label* *image* [*arg...*]
## DESCRIPTION
**podman container runlabel** reads the provided `LABEL` field in the container
IMAGE and executes the provided value for the label as a command. If this field does not
exist, `podman container runlabel` will just exit.
If the container image has a LABEL INSTALL instruction like the following:
`LABEL INSTALL /usr/bin/podman run -t -i --rm \${OPT1} --privileged -v /:/host --net=host --ipc=host --pid=host -e HOST=/host -e NAME=\${NAME} -e IMAGE=\${IMAGE} -e CONFDIR=\/etc/${NAME} -e LOGDIR=/var/log/\${NAME} -e DATADIR=/var/lib/\${NAME} \${IMAGE} \${OPT2} /bin/install.sh \${OPT3}`
`podman container runlabel` will set the following environment variables for use in the command:
If the container image does not have the desired label, an error message will be displayed along with a non-zero
return code. If the image is not found in local storage, Podman will attempt to pull it first.
**LABEL**
The label name specified via the command.
**IMAGE**
Image name specified via the command.
**SUDO_UID**
The `SUDO_UID` environment variable. This is useful with the podman
`-u` option for user space tools. If the environment variable is
not available, the value of `/proc/self/loginuid` is used.
**SUDO_GID**
The `SUDO_GID` environment variable. This is useful with the podman
`-u` option for user space tools. If the environment variable is
not available, the default GID of the value for `SUDO_UID` is used.
If this value is not available, the value of `/proc/self/loginuid`
is used.
Any additional arguments will be appended to the command.
## OPTIONS:
**--authfile**=*path*
Path of the authentication file. Default is ${XDG\_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`.
If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`. (Not available for remote commands)
Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
environment variable. `export REGISTRY_AUTH_FILE=path`
**--display**
Display the label's value of the image having populated its environment variables.
The runlabel command will not execute if --display is specified.
**--cert-dir**=*path*
Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry.
Default certificates directory is _/etc/containers/certs.d_. (Not available for remote commands)
**--creds**=*[username[:password]]*
The [username[:password]] to use to authenticate with the registry if required.
If one or both values are not supplied, a command line prompt will appear and the
value can be entered. The password is entered without echo.
**--help**, **-h**
Print usage statement
**--name**, **-n**=*name*
Use this name for creating content for the container. NAME will default to the IMAGENAME if it is not specified.
**--quiet**, **-q**
Suppress output information when pulling images
**--replace**
If a container exists of the default or given name, as needed it will be stopped, deleted and a new container will be
created from this image.
**--rootfs**=*ROOTFS*
Set rootfs
**--set**=*NAME*=*VALUE*
Set name & value
**--storage**
Use storage
**--tls-verify**
Require HTTPS and verify certificates when contacting registries (default: true). If explicitly set to true,
then TLS verification will be used. If set to false, then TLS verification will not be used. If not specified,
TLS verification will be used unless the target registry is listed as an insecure registry in registries.conf (Not available for remote commands)
## Examples
Execute the run label of an image called foobar.
```
$ sudo podman container runlabel run foobar
```
Execute the install label of an image called foobar with additional arguments.
```
$ sudo podman container runlabel install foobar apples oranges
```
Display the command that would be executed by runlabel.
```
$ sudo podman container runlabel --display run foobar
```
## SEE ALSO
podman(1)
## HISTORY
September 2018, Originally compiled by Brent Baude (bbaude at redhat dot com)

49
docs/source/markdown/podman-container.1.md Normal file
View File

@ -0,0 +1,49 @@
% podman-container(1)
## NAME
podman\-container - Manage containers
## SYNOPSIS
**podman container** *subcommand*
## DESCRIPTION
The container command allows you to manage containers
## COMMANDS
| Command | Man Page | Description |
| --------- | --------------------------------------------------- | ---------------------------------------------------------------------------- |
| attach | [podman-attach(1)](podman-attach.1.md) | Attach to a running container. |
| checkpoint | [podman-container-checkpoint(1)](podman-container-checkpoint.1.md) | Checkpoints one or more running containers. |
| cleanup | [podman-container-cleanup(1)](podman-container-cleanup.1.md) | Cleanup the container's network and mountpoints. |
| commit | [podman-commit(1)](podman-commit.1.md) | Create new image based on the changed container. |
| cp | [podman-cp(1)](podman-cp.1.md) | Copy files/folders between a container and the local filesystem. |
| create | [podman-create(1)](podman-create.1.md) | Create a new container. |
| diff | [podman-diff(1)](podman-diff.1.md) | Inspect changes on a container or image's filesystem. |
| exec | [podman-exec(1)](podman-exec.1.md) | Execute a command in a running container. |
| exists | [podman-container-exists(1)](podman-container-exists.1.md) | Check if a container exists in local storage |
| export | [podman-export(1)](podman-export.1.md) | Export a container's filesystem contents as a tar archive. |
| init | [podman-init(1)](podman-init.1.md) | Initialize a container |
| inspect | [podman-inspect(1)](podman-inspect.1.md) | Display a container or image's configuration. |
| kill | [podman-kill(1)](podman-kill.1.md) | Kill the main process in one or more containers. |
| list | [podman-ps(1)](podman-ps.1.md) | List the containers on the system.(alias ls) |
| logs | [podman-logs(1)](podman-logs.1.md) | Display the logs of a container. |
| mount | [podman-mount(1)](podman-mount.1.md) | Mount a working container's root filesystem. |
| pause | [podman-pause(1)](podman-pause.1.md) | Pause one or more containers. |
| port | [podman-port(1)](podman-port.1.md) | List port mappings for the container. |
| prune | [podman-container-prune(1)](podman-container-prune.1.md)| Remove all stopped containers from local storage. |
| restart | [podman-restart(1)](podman-restart.1.md) | Restart one or more containers. |
| restore | [podman-container-restore(1)](podman-container-restore.1.md) | Restores one or more containers from a checkpoint. |
| rm | [podman-rm(1)](podman-rm.1.md) | Remove one or more containers. |
| run | [podman-run(1)](podman-run.1.md) | Run a command in a container. |
| runlabel | [podman-container-runlabel(1)](podman-container-runlabel.1.md) | Executes a command as described by a container image label. |
| start | [podman-start(1)](podman-start.1.md) | Starts one or more containers. |
| stats | [podman-stats(1)](podman-stats.1.md) | Display a live stream of one or more container's resource usage statistics. |
| stop | [podman-stop(1)](podman-stop.1.md) | Stop one or more running containers. |
| top | [podman-top(1)](podman-top.1.md) | Display the running processes of a container. |
| umount | [podman-umount(1)](podman-umount.1.md) | Unmount a working container's root filesystem.(Alias unmount) |
| unpause | [podman-unpause(1)](podman-unpause.1.md) | Unpause one or more containers. |
| wait | [podman-wait(1)](podman-wait.1.md) | Wait on one or more containers to stop and print their exit codes. |
## SEE ALSO
podman, podman-exec, podman-run

120
docs/source/markdown/podman-cp.1.md Normal file
View File

@ -0,0 +1,120 @@
% podman-cp(1)
## NAME
podman\-cp - Copy files/folders between a container and the local filesystem
## SYNOPSIS
**podman cp** [*options*] [*container*:]*src_path* [*container*:]*dest_path*
**podman container cp** [*options*] [*container*:]*src_path* [*container*:]*dest_path*
## DESCRIPTION
Copies the contents of **src_path** to the **dest_path**. You can copy from the container's filesystem to the local machine or the reverse, from the local filesystem to the container.
If - is specified for either the SRC_PATH or DEST_PATH, you can also stream a tar archive from STDIN or to STDOUT.
The CONTAINER can be a running or stopped container. The **src_path** or **dest_path** can be a file or directory.
The **podman cp** command assumes container paths are relative to the container's / (root) directory.
This means supplying the initial forward slash is optional;
The command sees **compassionate_darwin:/tmp/foo/myfile.txt** and **compassionate_darwin:tmp/foo/myfile.txt** as identical.
Local machine paths can be an absolute or relative value.
The command interprets a local machine's relative paths as relative to the current working directory where **podman cp** is run.
Assuming a path separator of /, a first argument of **src_path** and second argument of **dest_path**, the behavior is as follows:
**src_path** specifies a file
- **dest_path** does not exist
- the file is saved to a file created at **dest_path**
- **dest_path** does not exist and ends with /
- Error condition: the destination directory must exist.
- **dest_path** exists and is a file
- the destination is overwritten with the source file's contents
- **dest_path** exists and is a directory
- the file is copied into this directory using the basename from **src_path**
**src_path** specifies a directory
- **dest_path** does not exist
- **dest_path** is created as a directory and the contents of the source directory are copied into this directory
- **dest_path** exists and is a file
- Error condition: cannot copy a directory to a file
- **dest_path** exists and is a directory
- **src_path** ends with /
- the source directory is copied into this directory
- **src_path** ends with /. (that is: slash followed by dot)
- the content of the source directory is copied into this directory
The command requires **src_path** and **dest_path** to exist according to the above rules.
If **src_path** is local and is a symbolic link, the symbolic target, is copied by default.
A colon (:) is used as a delimiter between CONTAINER and its path.
You can also use : when specifying paths to a **src_path** or **dest_path** on a local machine, for example, `file:name.txt`.
If you use a : in a local machine path, you must be explicit with a relative or absolute path, for example:
`/path/to/file:name.txt` or `./file:name.txt`
## OPTIONS
**--extract**
Extract the tar file into the destination directory. If the destination directory is not provided, extract the tar file into the root directory.
**--pause**
Pause the container while copying into it to avoid potential security issues around symlinks. Defaults to *true*. On rootless containers with cgroups V1, defaults to false.
## ALTERNATIVES
Podman has much stronger capabilities than just `podman cp` to achieve copy files between host and container.
Using standard podman-mount and podman-umount takes advantage of the entire linux tool chain, rather
then just cp.
If a user wants to copy contents out of a container or into a container, they can execute a few simple commands.
You can copy from the container's file system to the local machine or the reverse, from the local filesystem to the container.
If you want to copy the /etc/foobar directory out of a container and onto /tmp on the host, you could execute the following commands:
mnt=$(podman mount CONTAINERID)
cp -R ${mnt}/etc/foobar /tmp
podman umount CONTAINERID
If you want to untar a tar ball into a container, you can execute these commands:
mnt=$(podman mount CONTAINERID)
tar xf content.tgz -C ${mnt}
podman umount CONTAINERID
One last example, if you want to install a package into a container that
does not have dnf installed, you could execute something like:
mnt=$(podman mount CONTAINERID)
dnf install --installroot=${mnt} httpd
chroot ${mnt} rm -rf /var/log/dnf /var/cache/dnf
podman umount CONTAINERID
This shows that using `podman mount` and `podman umount` you can use all of the
standard linux tools for moving files into and out of containers, not just
the cp command.
## EXAMPLE
podman cp /myapp/app.conf containerID:/myapp/app.conf
podman cp /home/myuser/myfiles.tar containerID:/tmp
podman cp containerID:/myapp/ /myapp/
podman cp containerID:/home/myuser/. /home/myuser/
podman cp --extract /home/myuser/myfiles.tar.gz containerID:/myfiles
podman cp - containerID:/myfiles.tar.gz < myfiles.tar.gz
## SEE ALSO
podman(1), podman-mount(1), podman-umount(1)

1010
docs/source/markdown/podman-create.1.md Normal file
View File

File diff suppressed because it is too large Load Diff

55
docs/source/markdown/podman-diff.1.md Normal file
View File

@ -0,0 +1,55 @@
% podman-diff(1)
## NAME
podman\-diff - Inspect changes on a container or image's filesystem
## SYNOPSIS
**podman diff** [*options*] *name*
**podman container diff** [*options*] *name*
## DESCRIPTION
Displays changes on a container or image's filesystem. The container or image will be compared to its parent layer
## OPTIONS
**--format**
Alter the output into a different format. The only valid format for diff is `json`.
**--latest**, **-l**
Instead of providing the container name or ID, use the last created container. If you use methods other than Podman
to run containers such as CRI-O, the last started container could be from either of those methods.
The latest option is not supported on the remote client.
## EXAMPLE
```
# podman diff redis:alpine
C /usr
C /usr/local
C /usr/local/bin
A /usr/local/bin/docker-entrypoint.sh
```
```
# podman diff --format json redis:alpine
{
"changed": [
"/usr",
"/usr/local",
"/usr/local/bin"
],
"added": [
"/usr/local/bin/docker-entrypoint.sh"
]
}
```
## SEE ALSO
podman(1)
## HISTORY
August 2017, Originally compiled by Ryan Cole <rycole@redhat.com>

154
docs/source/markdown/podman-events.1.md Normal file
View File

@ -0,0 +1,154 @@
% podman-events(1)
## NAME
podman\-events - Monitor Podman events
## SYNOPSIS
**podman events** [*options*]
## DESCRIPTION
Monitor and print events that occur in Podman. Each event will include a timestamp,
a type, a status, name (if applicable), and image (if applicable). The default logging
mechanism is *journald*. This can be changed in libpod.conf by changing the `events_logger`
value to `file`. Only `file` and `journald` are accepted. A `none` logger is also
available but this logging mechanism completely disables events; nothing will be reported by
`podman events`.
The *container* event type will report the follow statuses:
* attach
* checkpoint
* cleanup
* commit
* create
* exec
* export
* import
* init
* kill
* mount
* pause
* prune
* remove
* restart
* restore
* start
* stop
* sync
* unmount
* unpause
The *pod* event type will report the follow statuses:
* create
* kill
* pause
* remove
* start
* stop
* unpause
The *image* event type will report the following statuses:
* prune
* pull
* push
* remove
* save
* tag
* untag
The *system* type will report the following statuses:
* refresh
* renumber
The *volume* type will report the following statuses:
* create
* prune
* remove
## OPTIONS
**--help**
Print usage statement.
**--format**
Format the output to JSON Lines or using the given Go template.
**--filter**=*filter*
Filter events that are displayed. They must be in the format of "filter=value". The following
filters are supported:
* container=name_or_id
* event=event_status (described above)
* image=name_or_id
* pod=name_or_id
* volume=name_or_id
* type=event_type (described above)
In the case where an ID is used, the ID may be in its full or shortened form.
**--since**=*timestamp*
Show all events created since the given timestamp
**--until**=*timestamp*
Show all events created until the given timestamp
The *since* and *until* values can be RFC3339Nano time stamps or a Go duration string such as 10m, 5h. If no
*since* or *until* values are provided, only new events will be shown.
## EXAMPLES
Showing Podman events
```
$ podman events
2019-03-02 10:33:42.312377447 -0600 CST container create 34503c192940 (image=docker.io/library/alpine:latest, name=friendly_allen)
2019-03-02 10:33:46.958768077 -0600 CST container init 34503c192940 (image=docker.io/library/alpine:latest, name=friendly_allen)
2019-03-02 10:33:46.973661968 -0600 CST container start 34503c192940 (image=docker.io/library/alpine:latest, name=friendly_allen)
2019-03-02 10:33:50.833761479 -0600 CST container stop 34503c192940 (image=docker.io/library/alpine:latest, name=friendly_allen)
2019-03-02 10:33:51.047104966 -0600 CST container cleanup 34503c192940 (image=docker.io/library/alpine:latest, name=friendly_allen)
```
Show only Podman create events
```
$ podman events --filter event=create
2019-03-02 10:36:01.375685062 -0600 CST container create 20dc581f6fbf (image=docker.io/library/alpine:latest, name=sharp_morse)
2019-03-02 10:36:08.561188337 -0600 CST container create 58e7e002344c (image=k8s.gcr.io/pause:3.1, name=3e701f270d54-infra)
2019-03-02 10:36:13.146899437 -0600 CST volume create cad6dc50e087 (image=, name=cad6dc50e0879568e7d656bd004bd343d6035e7fc4024e1711506fe2fd459e6f)
2019-03-02 10:36:29.978806894 -0600 CST container create d81e30f1310f (image=docker.io/library/busybox:latest, name=musing_newton)
```
Show only Podman pod create events
```
$ podman events --filter event=create --filter type=pod
2019-03-02 10:44:29.601746633 -0600 CST pod create 1df5ebca7b44 (image=, name=confident_hawking)
2019-03-02 10:44:42.374637304 -0600 CST pod create ca731231718e (image=, name=webapp)
2019-03-02 10:44:47.486759133 -0600 CST pod create 71e807fc3a8e (image=, name=reverent_swanson)
```
Show only Podman events created in the last five minutes:
```
$ sudo podman events --since 5m
2019-03-02 10:44:29.598835409 -0600 CST container create b629d10d3831 (image=k8s.gcr.io/pause:3.1, name=1df5ebca7b44-infra)
2019-03-02 10:44:29.601746633 -0600 CST pod create 1df5ebca7b44 (image=, name=confident_hawking)
2019-03-02 10:44:42.371100253 -0600 CST container create 170a0f457d00 (image=k8s.gcr.io/pause:3.1, name=ca731231718e-infra)
2019-03-02 10:44:42.374637304 -0600 CST pod create ca731231718e (image=, name=webapp)
```
Show Podman events in JSON Lines format
```
events --format json
{"ID":"683b0909d556a9c02fa8cd2b61c3531a965db42158627622d1a67b391964d519","Image":"localhost/myshdemo:latest","Name":"agitated_diffie","Status":"cleanup","Time":"2019-04-27T22:47:00.849932843-04:00","Type":"container"}
{"ID":"a0f8ab051bfd43f9c5141a8a2502139707e4b38d98ac0872e57c5315381e88ad","Image":"docker.io/library/alpine:latest","Name":"friendly_tereshkova","Status":"unmount","Time":"2019-04-28T13:43:38.063017276-04:00","Type":"container"}
```
## SEE ALSO
podman(1)
## HISTORY
March 2019, Originally compiled by Brent Baude <bbaude@redhat.com>

100
docs/source/markdown/podman-exec.1.md Normal file
View File

@ -0,0 +1,100 @@
% podman-exec(1)
## NAME
podman\-exec - Execute a command in a running container
## SYNOPSIS
**podman exec** [*options*] *container* [*command* [*arg* ...]]
**podman container exec** [*options*] *container* [*command* [*arg* ...]]
## DESCRIPTION
**podman exec** executes a command in a running container.
## OPTIONS
**--detach-keys**=*sequence*
Override the key sequence for detaching a container. Format is a single character `[a-Z]` or `ctrl-<value>` where `<value>` is one of: `a-z`, `@`, `^`, `[`, `,` or `_`.
**--env**, **-e**
You may specify arbitrary environment variables that are available for the
command to be executed.
**--interactive**, **-i**=*true|false*
When set to true, keep stdin open even if not attached. The default is *false*.
**--latest**, **-l**
Instead of providing the container name or ID, use the last created container. If you use methods other than Podman
to run containers such as CRI-O, the last started container could be from either of those methods.
The latest option is not supported on the remote client.
**--preserve-fds**=*N*
Pass down to the process N additional file descriptors (in addition to 0, 1, 2). The total FDs will be 3+N.
**--privileged**
Give the process extended Linux capabilities when running the command in container.
**--tty**, **-t**
Allocate a pseudo-TTY.
**--user**, **-u**
Sets the username or UID used and optionally the groupname or GID for the specified command.
The following examples are all valid:
--user [user | user:group | uid | uid:gid | user:gid | uid:group ]
**--workdir**, **-w**=*path*
Working directory inside the container
The default working directory for running binaries within a container is the root directory (/).
The image developer can set a different default with the WORKDIR instruction, which can be overridden
when creating the container.
## Exit Status
The exit code from `podman exec` gives information about why the command within the container failed to run or why it exited. When `podman exec` exits with a
non-zero code, the exit codes follow the `chroot` standard, see below:
**_125_** if the error is with Podman **_itself_**
$ podman exec --foo ctrID /bin/sh; echo $?
Error: unknown flag: --foo
125
**_126_** if the **_contained command_** cannot be invoked
$ podman exec ctrID /etc; echo $?
Error: container_linux.go:346: starting container process caused "exec: \"/etc\": permission denied": OCI runtime error
126
**_127_** if the **_contained command_** cannot be found
$ podman exec ctrID foo; echo $?
Error: container_linux.go:346: starting container process caused "exec: \"foo\": executable file not found in $PATH": OCI runtime error
127
**_Exit code_** of **_contained command_** otherwise
$ podman exec ctrID /bin/sh -c 'exit 3'
# 3
## EXAMPLES
$ podman exec -it ctrID ls
$ podman exec -it -w /tmp myCtr pwd
$ podman exec --user root ctrID ls
## SEE ALSO
podman(1), podman-run(1)
## HISTORY
December 2017, Originally compiled by Brent Baude<bbaude@redhat.com>

45
docs/source/markdown/podman-export.1.md Normal file
View File

@ -0,0 +1,45 @@
% podman-export(1)
## NAME
podman\-export - Export a container's filesystem contents as a tar archive
## SYNOPSIS
**podman export** [*options*] *container*
**podman container export** [*options*] *container*
## DESCRIPTION
**podman export** exports the filesystem of a container and saves it as a tarball
on the local machine. **podman export** writes to STDOUT by default and can be
redirected to a file using the `--output` flag.
Note: `:` is a restricted character and cannot be part of the file name.
**podman [GLOBAL OPTIONS]**
**podman export [GLOBAL OPTIONS]**
**podman export [OPTIONS] CONTAINER**
## OPTIONS
**--output**, **-o**
Write to a file, default is STDOUT
**--help**, **-h**
Print usage statement
## EXAMPLES
```
$ podman export -o redis-container.tar 883504668ec465463bc0fe7e63d53154ac3b696ea8d7b233748918664ea90e57
$ podman export 883504668ec465463bc0fe7e63d53154ac3b696ea8d7b233748918664ea90e57 > redis-container.tar
```
## SEE ALSO
podman(1), podman-import(1)
## HISTORY
August 2017, Originally compiled by Urvashi Mohnani <umohnani@redhat.com>

150
docs/source/markdown/podman-generate-kube.1.md Normal file
View File

@ -0,0 +1,150 @@
% podman-generate-kube(1)
## NAME
podman-generate-kube - Generate Kubernetes YAML based on a pod or container
## SYNOPSIS
**podman generate kube** [*options*] *container* | *pod*
## DESCRIPTION
**podman generate kube** will generate Kubernetes Pod YAML (v1 specification) from a Podman container or pod. Whether
the input is for a container or pod, Podman will always generate the specification as a Pod. The input may be in the form
of a pod or container name or ID.
Note that the generated Kubernetes YAML file can be used to re-run the deployment via podman-play-kube(1).
## OPTIONS:
**--filename**, **-f**=**filename**
Output to the given file, instead of STDOUT. If the file already exists, `generate kube` will refuse to replace it and return an error.
**--service**, **-s**
Generate a Kubernetes service object in addition to the Pods. Used to generate a Service specification for the corresponding Pod output. In particular, if the object has portmap bindings, the service specification will include a NodePort declaration to expose the service. A
random port is assigned by Podman in the specification.
## Examples
Create Kubernetes Pod YAML for a container called `some-mariadb` .
```
$ sudo podman generate kube some-mariadb
# Generation of Kubenetes YAML is still under development!
#
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-0.11.2-dev
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: 2018-12-03T19:07:59Z
labels:
app: some-mariadb
name: some-mariadb-libpod
spec:
containers:
- command:
- docker-entrypoint.sh
- mysqld
env:
- name: PATH
value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
- name: TERM
value: xterm
- name: HOSTNAME
- name: container
value: podman
- name: GOSU_VERSION
value: "1.10"
- name: GPG_KEYS
value: "199369E5404BD5FC7D2FE43BCBCB082A1BB943DB \t177F4010FE56CA3336300305F1656F24C74CD1D8
\t430BDF5C56E7C94E848EE60C1C4CBDCDCD2EFD2A \t4D1BB29D63D98E422B2113B19334A25F8507EFA5"
- name: MARIADB_MAJOR
value: "10.3"
- name: MARIADB_VERSION
value: 1:10.3.10+maria~bionic
- name: MYSQL_ROOT_PASSWORD
value: x
image: quay.io/baude/demodb:latest
name: some-mariadb
ports:
- containerPort: 3306
hostPort: 36533
protocol: TCP
resources: {}
securityContext:
allowPrivilegeEscalation: true
privileged: false
readOnlyRootFilesystem: false
tty: true
workingDir: /
status: {}
```
Create Kubernetes Pod YAML for a pod called `demoweb` and include a service.
```
$ sudo podman generate kube -s demoweb
# Generation of Kubernetes YAML is still under development!
#
# Save the output of this file and use kubectl create -f to import
# it into Kubernetes.
#
# Created with podman-0.12.2-dev
apiVersion: v1
kind: Pod
metadata:
creationTimestamp: 2018-12-18T15:16:06Z
labels:
app: demoweb
name: demoweb-libpod
spec:
containers:
- command:
- python3
- /root/code/graph.py
env:
- name: PATH
value: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
- name: TERM
value: xterm
- name: HOSTNAME
- name: container
value: podman
image: quay.io/baude/demoweb:latest
name: practicalarchimedes
resources: {}
securityContext:
allowPrivilegeEscalation: true
capabilities: {}
privileged: false
readOnlyRootFilesystem: false
tty: true
workingDir: /root/code
status: {}
---
apiVersion: v1
kind: Service
metadata:
creationTimestamp: 2018-12-18T15:16:06Z
labels:
app: demoweb
name: demoweb-libpod
spec:
ports:
- name: "8050"
nodePort: 31269
port: 8050
protocol: TCP
targetPort: 0
selector:
app: demoweb
type: NodePort
status:
loadBalancer: {}
```
## SEE ALSO
podman(1), podman-container(1), podman-pod(1), podman-play-kube(1)
## HISTORY
December 2018, Originally compiled by Brent Baude (bbaude at redhat dot com)

96
docs/source/markdown/podman-generate-systemd.1.md Normal file
View File

@ -0,0 +1,96 @@
% podman-generate-systemd(1)
## NAME
podman\-generate\-systemd - Generate systemd unit file(s) for a container. Not supported for the remote client
## SYNOPSIS
**podman generate systemd** [*options*] *container|pod*
## DESCRIPTION
**podman generate systemd** will create a systemd unit file that can be used to control a container or pod.
By default, the command will print the content of the unit files to stdout.
Note that this command is not supported for the remote client.
## OPTIONS:
**--files**, **-f**
Generate files instead of printing to stdout. The generated files are named {container,pod}-{ID,name}.service and will be placed in the current working directory.
**--name**, **-n**
Use the name of the container for the start, stop, and description in the unit file
**--timeout**, **-t**=*value*
Override the default stop timeout for the container with the given value.
**--restart-policy**=*policy*
Set the systemd restart policy. The restart-policy must be one of: "no", "on-success", "on-failure", "on-abnormal",
"on-watchdog", "on-abort", or "always". The default policy is *on-failure*.
## Examples
Create and print a systemd unit file for a container running nginx with an *always* restart policy and 1-second timeout to stdout.
```
$ podman create --name nginx nginx:latest
$ podman generate systemd --restart-policy=always -t 1 nginx
# container-de1e3223b1b888bc02d0962dd6cb5855eb00734061013ffdd3479d225abacdc6.service
# autogenerated by Podman 1.5.2
# Wed Aug 21 09:46:45 CEST 2019
[Unit]
Description=Podman container-de1e3223b1b888bc02d0962dd6cb5855eb00734061013ffdd3479d225abacdc6.service
Documentation=man:podman-generate-systemd(1)
[Service]
Restart=always
ExecStart=/usr/bin/podman start de1e3223b1b888bc02d0962dd6cb5855eb00734061013ffdd3479d225abacdc6
ExecStop=/usr/bin/podman stop -t 1 de1e3223b1b888bc02d0962dd6cb5855eb00734061013ffdd3479d225abacdc6
KillMode=none
Type=forking
PIDFile=/run/user/1000/overlay-containers/de1e3223b1b888bc02d0962dd6cb5855eb00734061013ffdd3479d225abacdc6/userdata/conmon.pid
[Install]
WantedBy=multi-user.target
```
Create systemd unit files for a pod with two simple alpine containers. Note that these container services cannot be started or stopped individually via `systemctl`; they are managed by the pod service. You can still use `systemctl status` or journalctl to examine them.
```
$ podman pod create --name systemd-pod
$ podman create --pod systemd-pod alpine top
$ podman create --pod systemd-pod alpine top
$ podman generate systemd --files --name systemd-pod
/home/user/pod-systemd-pod.service
/home/user/container-amazing_chandrasekhar.service
/home/user/container-jolly_shtern.service
$ cat pod-systemd-pod.service
# pod-systemd-pod.service
# autogenerated by Podman 1.5.2
# Wed Aug 21 09:52:37 CEST 2019
[Unit]
Description=Podman pod-systemd-pod.service
Documentation=man:podman-generate-systemd(1)
Requires=container-amazing_chandrasekhar.service container-jolly_shtern.service
Before=container-amazing_chandrasekhar.service container-jolly_shtern.service
[Service]
Restart=on-failure
ExecStart=/usr/bin/podman start 77a818221650-infra
ExecStop=/usr/bin/podman stop -t 10 77a818221650-infra
KillMode=none
Type=forking
PIDFile=/run/user/1000/overlay-containers/ccfd5c71a088768774ca7bd05888d55cc287698dde06f475c8b02f696a25adcd/userdata/conmon.pid
[Install]
WantedBy=multi-user.target
```
## SEE ALSO
podman(1), podman-container(1), systemctl(1), systemd.unit(5), systemd.service(5)
## HISTORY
August 2019, Updated with pod support by Valentin Rothberg (rothberg at redhat dot com)
April 2019, Originally compiled by Brent Baude (bbaude at redhat dot com)

21
docs/source/markdown/podman-generate.1.md Normal file
View File

@ -0,0 +1,21 @@
% podman-generate(1)
## NAME
podman\-generate - Generate structured data based for a containers and pods
## SYNOPSIS
**podman generate** *subcommand*
## DESCRIPTION
The generate command will create structured output (like YAML) based on a container or pod.
## COMMANDS
| Command | Man Page | Description |
|---------|------------------------------------------------------------|-------------------------------------------------------------------------------------|
| kube | [podman-generate-kube(1)](podman-generate-kube.1.md) | Generate Kubernetes YAML based on a pod or container. |
| systemd | [podman-generate-systemd(1)](podman-generate-systemd.1.md) | Generate systemd unit file(s) for a container. Not supported for the remote client. |
## SEE ALSO
podman, podman-pod, podman-container

39
docs/source/markdown/podman-healthcheck-run.1.md Normal file
View File

@ -0,0 +1,39 @@
% podman-healthcheck-run(1)
## NAME
podman\-healthcheck\-run - Run a container healthcheck
## SYNOPSIS
**podman healthcheck run** [*options*] *container*
## DESCRIPTION
Runs the healthcheck command defined in a running container manually. The resulting error codes are defined
as follows:
* 0 = healthcheck command succeeded
* 1 = healthcheck command failed
* 125 = an error has occurred
Possible errors that can occur during the healthcheck are:
* unable to find the container
* container has no defined healthcheck
* container is not running
## OPTIONS
**--help**
Print usage statement
## EXAMPLES
```
$ podman healthcheck run mywebapp
```
## SEE ALSO
podman-healthcheck(1)
## HISTORY
Feb 2019, Originally compiled by Brent Baude <bbaude@redhat.com>

22
docs/source/markdown/podman-healthcheck.1.md Normal file
View File

@ -0,0 +1,22 @@
% podman-healthcheck(1)
## NAME
podman\-healthcheck - Manage healthchecks for containers
## SYNOPSIS
**podman healthcheck** *subcommand*
## DESCRIPTION
podman healthcheck is a set of subcommands that manage container healthchecks
## SUBCOMMANDS
| Command | Man Page | Description |
| ------- | ------------------------------------------------- | ------------------------------------------------------------------------------ |
| run | [podman-healthcheck-run(1)](podman-healthcheck-run.1.md) | Run a container healthcheck |
## SEE ALSO
podman(1)
## HISTORY
Feb 2019, Originally compiled by Brent Baude <bbaude@redhat.com>

98
docs/source/markdown/podman-history.1.md Normal file
View File

@ -0,0 +1,98 @@
% podman-history(1)
## NAME
podman\-history - Show the history of an image
## SYNOPSIS
**podman history** [*options*] *image*[:*tag*|@*digest*]
**podman image history** [*options*] *image*[:*tag*|@*digest*]
## DESCRIPTION
**podman history** displays the history of an image by printing out information
about each layer used in the image. The information printed out for each layer
include Created (time and date), Created By, Size, and Comment. The output can
be truncated or not using the **--no-trunc** flag. If the **--human** flag is
set, the time of creation and size are printed out in a human readable format.
The **--quiet** flag displays the ID of the image only when set and the **--format**
flag is used to print the information using the Go template provided by the user.
Valid placeholders for the Go template are listed below:
| **Placeholder** | **Description** |
| --------------- | ----------------------------------------------------------------------------- |
| .ID | Image ID |
| .Created | if **--human**, time elapsed since creation, otherwise time stamp of creation |
| .CreatedBy | Command used to create the layer |
| .Size | Size of layer on disk |
| .Comment | Comment for the layer |
## OPTIONS
**--human**, **-H**
Display sizes and dates in human readable format
**--no-trunc**
Do not truncate the output
**--quiet**, **-q**
Print the numeric IDs only
**--format**=*format*
Alter the output for a format like 'json' or a Go template.
**--help**, **-h**
Print usage statement
## EXAMPLES
```
$ podman history debian
ID CREATED CREATED BY SIZE COMMENT
b676ca55e4f2c 9 weeks ago /bin/sh -c #(nop) CMD ["bash"] 0 B
<missing> 9 weeks ago /bin/sh -c #(nop) ADD file:ebba725fb97cea4... 45.14 MB
```
```
$ podman history --no-trunc=true --human=false debian
ID CREATED CREATED BY SIZE COMMENT
b676ca55e4f2c 2017-07-24T16:52:55Z /bin/sh -c #(nop) CMD ["bash"] 0
<missing> 2017-07-24T16:52:54Z /bin/sh -c #(nop) ADD file:ebba725fb97cea4... 45142935
```
```
$ podman history --format "{{.ID}} {{.Created}}" debian
b676ca55e4f2c 9 weeks ago
<missing> 9 weeks ago
```
```
$ podman history --format json debian
[
{
"id": "b676ca55e4f2c0ce53d0636438c5372d3efeb5ae99b676fa5a5d1581bad46060",
"created": "2017-07-24T16:52:55.195062314Z",
"createdBy": "/bin/sh -c #(nop) CMD [\"bash\"]",
"size": 0,
"comment": ""
},
{
"id": "b676ca55e4f2c0ce53d0636438c5372d3efeb5ae99b676fa5a5d1581bad46060",
"created": "2017-07-24T16:52:54.898893387Z",
"createdBy": "/bin/sh -c #(nop) ADD file:ebba725fb97cea45d0b1b35ccc8144e766fcfc9a78530465c23b0c4674b14042 in / ",
"size": 45142935,
"comment": ""
}
]
```
## SEE ALSO
podman(1)
## HISTORY
July 2017, Originally compiled by Urvashi Mohnani <umohnani@redhat.com>

43
docs/source/markdown/podman-image-exists.1.md Normal file
View File

@ -0,0 +1,43 @@
% podman-image-exists(1)
## NAME
podman-image-exists - Check if an image exists in local storage
## SYNOPSIS
**podman image exists** [*options*] *image*
## DESCRIPTION
**podman image exists** checks if an image exists in local storage. The **ID** or **Name**
of the image may be used as input. Podman will return an exit code
of `0` when the image is found. A `1` will be returned otherwise. An exit code of `125` indicates there
was an issue accessing the local storage.
## OPTIONS
**--help**, **-h**
Print usage statement
## Examples
Check if an image called `webclient` exists in local storage (the image does actually exist).
```
$ sudo podman image exists webclient
$ echo $?
0
$
```
Check if an image called `webbackend` exists in local storage (the image does not actually exist).
```
$ sudo podman image exists webbackend
$ echo $?
1
$
```
## SEE ALSO
podman(1)
## HISTORY
November 2018, Originally compiled by Brent Baude (bbaude at redhat dot com)

48
docs/source/markdown/podman-image-prune.1.md Normal file
View File

@ -0,0 +1,48 @@
% podman-image-prune(1)
## NAME
podman-image-prune - Remove all unused images from the local store
## SYNOPSIS
**podman image prune** [*options*]
## DESCRIPTION
**podman image prune** removes all dangling images from local storage. With the `all` option,
you can delete all unused images. Unused images are dangling images as well as any image that
does not have any containers based on it.
## OPTIONS
**--all**, **-a**
Remove dangling images and images that have no associated containers.
**--help**, **-h**
Print usage statement
## Examples ##
Remove all dangling images from local storage
```
$ sudo podman image prune
f3e20dc537fb04cb51672a5cb6fdf2292e61d411315549391a0d1f64e4e3097e
324a7a3b2e0135f4226ffdd473e4099fd9e477a74230cdc35de69e84c0f9d907
```
Remove all unused images from local storage
```
$ sudo podman image prune -a
f3e20dc537fb04cb51672a5cb6fdf2292e61d411315549391a0d1f64e4e3097e
324a7a3b2e0135f4226ffdd473e4099fd9e477a74230cdc35de69e84c0f9d907
6125002719feb1ddf3030acab1df6156da7ce0e78e571e9b6e9c250424d6220c
91e732da5657264c6f4641b8d0c4001c218ae6c1adb9dcef33ad00cafd37d8b6
e4e5109420323221f170627c138817770fb64832da7d8fe2babd863148287fca
77a57fa8285e9656dbb7b23d9efa837a106957409ddd702f995605af27a45ebe
```
## SEE ALSO
podman(1), podman-images
## HISTORY
December 2018, Originally compiled by Brent Baude (bbaude at redhat dot com)

57
docs/source/markdown/podman-image-sign.1.md Normal file
View File

@ -0,0 +1,57 @@
% podman-image-sign(1)
## NAME
podman-image-sign - Create a signature for an image
## SYNOPSIS
**podman image sign** [*options*] *image* [*image* ...]
## DESCRIPTION
**podman image sign** will create a local signature for one or more local images that have
been pulled from a registry. The signature will be written to a directory
derived from the registry configuration files in /etc/containers/registries.d. By default, the signature will be written into /var/lib/containers/sigstore directory.
## OPTIONS
**--help**, **-h**
Print usage statement.
**--cert-dir**=*path*
Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry.
Default certificates directory is _/etc/containers/certs.d_. (Not available for remote commands)
**--directory**, **-d**=*dir*
Store the signatures in the specified directory. Default: /var/lib/containers/sigstore
**--sign-by**=*identity*
Override the default identity of the signature.
## EXAMPLES
Sign the busybox image with the identify of foo@bar.com with a user's keyring and save the signature in /tmp/signatures/.
sudo podman image sign --sign-by foo@bar.com --directory /tmp/signatures docker://privateregistry.example.com/foobar
## RELATED CONFIGURATION
The write (and read) location for signatures is defined in YAML-based
configuration files in /etc/containers/registries.d/. When you sign
an image, Podman will use those configuration files to determine
where to write the signature based on the the name of the originating
registry or a default storage value unless overriden with the --directory
option. For example, consider the following configuration file.
docker:
privateregistry.example.com:
sigstore: file:///var/lib/containers/sigstore
When signing an image preceded with the registry name 'privateregistry.example.com',
the signature will be written into sub-directories of
/var/lib/containers/sigstore/privateregistry.example.com. The use of 'sigstore' also means
the signature will be 'read' from that same location on a pull-related function.
## HISTORY
November 2018, Originally compiled by Qi Wang (qiwan at redhat dot com)

88
docs/source/markdown/podman-image-tree.1.md Normal file
View File

@ -0,0 +1,88 @@
% podman-image-tree(1)
## NAME
podman\-image\-tree - Prints layer hierarchy of an image in a tree format
## SYNOPSIS
**podman image tree** [*options*] *image:tag*|*image-id*
## DESCRIPTION
Prints layer hierarchy of an image in a tree format.
If you do not provide a *tag*, Podman will default to `latest` for the *image*.
Layers are indicated with image tags as `Top Layer of`, when the tag is known locally.
## OPTIONS
**--help**, **-h**
Print usage statement
**--whatrequires**
Show all child images and layers of the specified image
## EXAMPLES
```
$ podman pull docker.io/library/wordpress
$ podman pull docker.io/library/php:7.2-apache
$ podman image tree docker.io/library/wordpress
Image ID: 6e880d17852f
Tags: [docker.io/library/wordpress:latest]
Size: 429.9MB
Image Layers
├── ID: 3c816b4ead84 Size: 58.47MB
├── ID: e39dad2af72e Size: 3.584kB
├── ID: b2d6a702383c Size: 213.6MB
├── ID: 94609408badd Size: 3.584kB
├── ID: f4dddbf86725 Size: 43.04MB
├── ID: 8f695df43a4c Size: 11.78kB
├── ID: c29d67bf8461 Size: 9.728kB
├── ID: 23f4315918f8 Size: 7.68kB
├── ID: d082f93a18b3 Size: 13.51MB
├── ID: 7ea8bedcac69 Size: 4.096kB
├── ID: dc3bbf7b3dc0 Size: 57.53MB
├── ID: fdbbc6404531 Size: 11.78kB
├── ID: 8d24785437c6 Size: 4.608kB
├── ID: 80715f9e8880 Size: 4.608kB Top Layer of: [docker.io/library/php:7.2-apache]
├── ID: c93cbcd6437e Size: 3.573MB
├── ID: dece674f3cd1 Size: 4.608kB
├── ID: 834f4497afda Size: 7.168kB
├── ID: bfe2ce1263f8 Size: 40.06MB
└── ID: 748e99b214cf Size: 11.78kB Top Layer of: [docker.io/library/wordpress:latest]
$ podman pull docker.io/circleci/ruby:latest
$ podman pull docker.io/library/ruby:latest
$ podman image tree ae96a4ad4f3f --whatrequires
Image ID: ae96a4ad4f3f
Tags: [docker.io/library/ruby:latest]
Size: 894.2MB
Image Layers
└── ID: 9c92106221c7 Size: 2.56kB Top Layer of: [docker.io/library/ruby:latest]
├── ID: 1b90f2b80ba0 Size: 3.584kB
│ ├── ID: 42b7d43ae61c Size: 169.5MB
│ ├── ID: 26dc8ba99ec3 Size: 2.048kB
│ ├── ID: b4f822db8d95 Size: 3.957MB
│ ├── ID: 044e9616ef8a Size: 164.7MB
│ ├── ID: bf94b940200d Size: 11.75MB
│ ├── ID: 4938e71bfb3b Size: 8.532MB
│ └── ID: f513034bf553 Size: 1.141MB
├── ID: 1e55901c3ea9 Size: 3.584kB
├── ID: b62835a63f51 Size: 169.5MB
├── ID: 9f4e8857f3fd Size: 2.048kB
├── ID: c3b392020e8f Size: 3.957MB
├── ID: 880163026a0a Size: 164.8MB
├── ID: 8c78b2b14643 Size: 11.75MB
├── ID: 830370cfa182 Size: 8.532MB
└── ID: 567fd7b7bd38 Size: 1.141MB Top Layer of: [docker.io/circleci/ruby:latest]
```
## SEE ALSO
podman(1)
## HISTORY
Feb 2019, Originally compiled by Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>

93
docs/source/markdown/podman-image-trust.1.md Normal file
View File

@ -0,0 +1,93 @@
% podman-image-trust(1)
## NAME
podman\-image\-trust - Manage container registry image trust policy
## SYNOPSIS
**podman image trust** set|show [*options*] *registry[/repository]*
## DESCRIPTION
Manages which registries you trust as a source of container images based on its location. (Not available for remote commands)
The location is determined
by the transport and the registry host of the image. Using this container image `docker://docker.io/library/busybox`
as an example, `docker` is the transport and `docker.io` is the registry host.
Trust is defined in **/etc/containers/policy.json** and is enforced when a user attempts to pull
a remote image from a registry. The trust policy in policy.json describes a registry scope (registry and/or repository) for the trust. This trust can use public keys for signed images.
The scope of the trust is evaluated from most specific to the least specific. In other words, a policy may be defined for an entire registry. Or it could be defined for a particular repository in that registry. Or it could be defined down to a specific signed image inside of the registry.
For example, the following list includes valid scope values that could be used in policy.json from most specific to the least specific:
docker.io/library/busybox:notlatest
docker.io/library/busybox
docker.io/library
docker.io
If no configuration is found for any of these scopes, the default value (specified by using "default" instead of REGISTRY[/REPOSITORY]) is used.
Trust **type** provides a way to:
Whitelist ("accept") or
Blacklist ("reject") registries or
Require signature (“signedBy”).
Trust may be updated using the command **podman image trust set** for an existing trust scope.
## OPTIONS
**-h**, **--help**
Print usage statement.
**-f**, **--pubkeysfile**=*KEY1*
A path to an exported public key on the local system. Key paths
will be referenced in policy.json. Any path to a file may be used but locating the file in **/etc/pki/containers** is recommended. Options may be used multiple times to
require an image be signed by multiple keys. The **--pubkeysfile** option is required for the **signedBy** type.
**-t**, **--type**=*value*
The trust type for this policy entry.
Accepted values:
**signedBy** (default): Require signatures with corresponding list of
public keys
**accept**: do not require any signatures for this
registry scope
**reject**: do not accept images for this registry scope
## show OPTIONS
**--raw**
Output trust policy file as raw JSON
**-j**, **--json**
Output trust as JSON for machine parsing
## EXAMPLES
Accept all unsigned images from a registry
sudo podman image trust set --type accept docker.io
Modify default trust policy
sudo podman image trust set -t reject default
Display system trust policy
sudo podman image trust show
Display trust policy file
sudo podman image trust show --raw
Display trust as JSON
sudo podman image trust show --json
## SEE ALSO
policy-json(5)
## HISTORY
January 2019, updated by Tom Sweeney (tsweeney at redhat dot com)
December 2018, originally compiled by Qi Wang (qiwan at redhat dot com)

34
docs/source/markdown/podman-image.1.md Normal file
View File

@ -0,0 +1,34 @@
% podman-image(1)
## NAME
podman\-image - Manage images
## SYNOPSIS
**podman image** *subcommand*
## DESCRIPTION
The image command allows you to manage images
## COMMANDS
| Command | Man Page | Description |
| -------- | ----------------------------------------------- | --------------------------------------------------------------------------- |
| build | [podman-build(1)](podman-build.1.md) | Build a container using a Dockerfile. |
| exists | [podman-image-exists(1)](podman-image-exists.1.md) | Check if an image exists in local storage. |
| history | [podman-history(1)](podman-history.1.md) | Show the history of an image. |
| import | [podman-import(1)](podman-import.1.md) | Import a tarball and save it as a filesystem image. |
| inspect | [podman-inspect(1)](podman-inspect.1.md) | Display a image or image's configuration. |
| list | [podman-images(1)](podman-images.1.md) | List the container images on the system.(alias ls) |
| load | [podman-load(1)](podman-load.1.md) | Load an image from the docker archive. |
| prune | [podman-image-prune(1)](podman-image-prune.1.md)| Remove all unused images from the local store. |
| pull | [podman-pull(1)](podman-pull.1.md) | Pull an image from a registry. |
| push | [podman-push(1)](podman-push.1.md) | Push an image from local storage to elsewhere. |
| rm | [podman-rmi(1)](podman-rmi.1.md) | Removes one or more locally stored images. |
| save | [podman-save(1)](podman-save.1.md) | Save an image to docker-archive or oci. |
| sign | [podman-image-sign(1)](podman-image-sign.1.md) | Create a signature for an image. |
| tag | [podman-tag(1)](podman-tag.1.md) | Add an additional name to a local image. |
| tree | [podman-image-tree(1)](podman-image-tree.1.md) | Prints layer hierarchy of an image in a tree format. |
| trust | [podman-image-trust(1)](podman-image-trust.1.md)| Manage container registry image trust policy. |
## SEE ALSO
podman

178
docs/source/markdown/podman-images.1.md Normal file
View File

@ -0,0 +1,178 @@
% podman-images(1)
## NAME
podman\-images - List images in local storage
## SYNOPSIS
**podman images** [*options*]
**podman image list** [*options*]
**podman image ls** [*options*]
## DESCRIPTION
Displays locally stored images, their names, and their IDs.
## OPTIONS
**-a**, **--all**
Show all images (by default filter out the intermediate image layers). The default is false.
**--digests**
Show image digests
**-f**, **--filter**=*filter*
Filter output based on conditions provided
Filters:
**after==TIMESTRING**
Filter on images created after the given time.Time.
**before==TIMESTRING**
Filter on images created before the given time.Time.
**dangling=true|false**
Show dangling images. Dangling images are a file system layer that was used in a previous build of an image and is no longer referenced by any active images. They are denoted with the <none> tag, consume disk space and serve no active purpose.
**label**
Filter by images labels key and/or value.
**readonly=true|false**
Show only read only images or Read/Write images. The default is to show both. Read/Only images can be configured by modifying the "additionalimagestores" in the /etc/containers/storage.conf file.
**reference=**
Filter by image name, specified as regular expressions.
**--format**=*format*
Change the default output format. This can be of a supported type like 'json'
or a Go template.
**--noheading**, **-n**
Omit the table headings from the listing of images.
**--no-trunc**, **--notruncate**
Do not truncate output.
**--quiet**, **-q**
Lists only the image IDs.
**--sort**=*sort*
Sort by created, id, repository, size or tag (default: created)
## EXAMPLE
```
# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/kubernetes/pause latest e3d42bcaf643 3 years ago 251 kB
<none> <none> ebb91b73692b 4 weeks ago 27.2 MB
docker.io/library/ubuntu latest 4526339ae51c 6 weeks ago 126 MB
```
```
# podman images --quiet
e3d42bcaf643
ebb91b73692b
4526339ae51c
```
```
# podman images --noheading
docker.io/kubernetes/pause latest e3d42bcaf643 3 years ago 251 kB
<none> <none> ebb91b73692b 4 weeks ago 27.2 MB
docker.io/library/ubuntu latest 4526339ae51c 6 weeks ago 126 MB
```
```
# podman images --no-trunc
REPOSITORY TAG IMAGE ID CREATED SIZE
docker.io/kubernetes/pause latest sha256:e3d42bcaf643097dd1bb0385658ae8cbe100a80f773555c44690d22c25d16b27 3 years ago 251 kB
<none> <none> sha256:ebb91b73692bd27890685846412ae338d13552165eacf7fcd5f139bfa9c2d6d9 4 weeks ago 27.2 MB
docker.io/library/ubuntu latest sha256:4526339ae51c3cdc97956a7a961c193c39dfc6bd9733b0d762a36c6881b5583a 6 weeks ago 126 MB
```
```
# podman images --format "table {{.ID}} {{.Repository}} {{.Tag}}"
IMAGE ID REPOSITORY TAG
e3d42bcaf643 docker.io/kubernetes/pause latest
ebb91b73692b <none> <none>
4526339ae51c docker.io/library/ubuntu latest
```
```
# podman images --filter dangling=true
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> ebb91b73692b 4 weeks ago 27.2 MB
```
```
# podman images --format json
[
{
"id": "e3d42bcaf643097dd1bb0385658ae8cbe100a80f773555c44690d22c25d16b27",
"names": [
"docker.io/kubernetes/pause:latest"
],
"digest": "sha256:0aecf73ff86844324847883f2e916d3f6984c5fae3c2f23e91d66f549fe7d423",
"created": "2014-07-19T07:02:32.267701596Z",
"size": 250665
},
{
"id": "ebb91b73692bd27890685846412ae338d13552165eacf7fcd5f139bfa9c2d6d9",
"names": [
"\u003cnone\u003e"
],
"digest": "sha256:ba7e4091d27e8114a205003ca6a768905c3395d961624a2c78873d9526461032",
"created": "2017-10-26T03:07:22.796184288Z",
"size": 27170520
},
{
"id": "4526339ae51c3cdc97956a7a961c193c39dfc6bd9733b0d762a36c6881b5583a",
"names": [
"docker.io/library/ubuntu:latest"
],
"digest": "sha256:193f7734ddd68e0fb24ba9af8c2b673aecb0227b026871f8e932dab45add7753",
"created": "2017-10-10T20:59:05.10196344Z",
"size": 126085200
}
]
```
```
# podman images --sort repository
REPOSITORY TAG IMAGE ID CREATED SIZE
<none> <none> 2460217d76fc About a minute ago 4.41 MB
docker.io/library/alpine latest 3fd9065eaf02 5 months ago 4.41 MB
localhost/myapp latest b2e0ad03474a About a minute ago 4.41 MB
registry.access.redhat.com/rhel7 latest 7a840db7f020 2 weeks ago 211 MB
registry.fedoraproject.org/fedora 27 801894bc0e43 6 weeks ago 246 MB
```
```
# podman images
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/test latest 18f0c080cd72 4 seconds ago 4.42 MB
docker.io/library/alpine latest 3fd9065eaf02 5 months ago 4.41 MB
# podman images -a
REPOSITORY TAG IMAGE ID CREATED SIZE
localhost/test latest 18f0c080cd72 6 seconds ago 4.42 MB
<none> <none> 270e70dc54c0 7 seconds ago 4.42 MB
<none> <none> 4ed6fbe43414 8 seconds ago 4.41 MB
<none> <none> 6b0df8e71508 8 seconds ago 4.41 MB
docker.io/library/alpine latest 3fd9065eaf02 5 months ago 4.41 MB
```
## SEE ALSO
podman(1), containers-storage.conf(5)
## HISTORY
March 2017, Originally compiled by Dan Walsh <dwalsh@redhat.com>

111
docs/source/markdown/podman-import.1.md Normal file
View File

@ -0,0 +1,111 @@
% podman-import(1)
## NAME
podman\-import - Import a tarball and save it as a filesystem image
## SYNOPSIS
**podman import** [*options*] *path* [*reference*]
**podman image import** [*options*] *path* [*reference*]
## DESCRIPTION
**podman import** imports a tarball (.tar, .tar.gz, .tgz, .bzip, .tar.xz, .txz)
and saves it as a filesystem image. Remote tarballs can be specified using a URL.
Various image instructions can be configured with the **--change** flag and
a commit message can be set using the **--message** flag.
**reference**, if present, is a tag to assign to the image.
Note: `:` is a restricted character and cannot be part of the file name.
## OPTIONS
**-c**, **--change**=*instruction*
Apply the following possible instructions to the created image:
**CMD** | **ENTRYPOINT** | **ENV** | **EXPOSE** | **LABEL** | **STOPSIGNAL** | **USER** | **VOLUME** | **WORKDIR**
Can be set multiple times
**--message**, **-m**=*message*
Set commit message for imported image
**--quiet**, **-q**
Shows progress on the import
**-verbose**
Print additional debugging information
**--help**, **-h**
Print usage statement
## EXAMPLES
```
$ podman import --change CMD=/bin/bash --change ENTRYPOINT=/bin/sh --change LABEL=blue=image ctr.tar image-imported
Getting image source signatures
Copying blob sha256:b41deda5a2feb1f03a5c1bb38c598cbc12c9ccd675f438edc6acd815f7585b86
25.80 MB / 25.80 MB [======================================================] 0s
Copying config sha256:c16a6d30f3782288ec4e7521c754acc29d37155629cb39149756f486dae2d4cd
448 B / 448 B [============================================================] 0s
Writing manifest to image destination
Storing signatures
db65d991f3bbf7f31ed1064db9a6ced7652e3f8166c4736aa9133dadd3c7acb3
```
```
$ podman import --change "ENTRYPOINT ["/bin/sh","-c","test-image"]" --change LABEL=blue=image test-image.tar image-imported
Getting image source signatures
Copying blob e3b0c44298fc skipped: already exists
Copying config 1105523502 done
Writing manifest to image destination
Storing signatures
110552350206337183ceadc0bdd646dc356e06514c548b69a8917b4182414b
```
```
$ podman import --change "CMD /bin/sh" --change LABEL=blue=image test-image.tar image-imported
Getting image source signatures
Copying blob e3b0c44298fc skipped: already exists
Copying config ae9a27e249 done
Writing manifest to image destination
Storing signatures
ae9a27e249f801aff11a4ba54a81751ea9fbc9db45a6df3f1bfd63fc2437bb9c
```
```
$ cat ctr.tar | podman -q import --message "importing the ctr.tar tarball" - image-imported
db65d991f3bbf7f31ed1064db9a6ced7652e3f8166c4736aa9133dadd3c7acb3
```
```
$ cat ctr.tar | podman import -
Getting image source signatures
Copying blob sha256:b41deda5a2feb1f03a5c1bb38c598cbc12c9ccd675f438edc6acd815f7585b86
25.80 MB / 25.80 MB [======================================================] 0s
Copying config sha256:d61387b4d5edf65edee5353e2340783703074ffeaaac529cde97a8357eea7645
378 B / 378 B [============================================================] 0s
Writing manifest to image destination
Storing signatures
db65d991f3bbf7f31ed1064db9a6ced7652e3f8166c4736aa9133dadd3c7acb3
```
```
$ podman import http://example.com/ctr.tar url-image
Downloading from "http://example.com/ctr.tar"
Getting image source signatures
Copying blob sha256:b41deda5a2feb1f03a5c1bb38c598cbc12c9ccd675f438edc6acd815f7585b86
25.80 MB / 25.80 MB [======================================================] 0s
Copying config sha256:5813fe8a3b18696089fd09957a12e88bda43dc1745b5240879ffffe93240d29a
419 B / 419 B [============================================================] 0s
Writing manifest to image destination
Storing signatures
db65d991f3bbf7f31ed1064db9a6ced7652e3f8166c4736aa9133dadd3c7acb3
```
## SEE ALSO
podman(1), podman-export(1)
## HISTORY
November 2017, Originally compiled by Urvashi Mohnani <umohnani@redhat.com>

151
docs/source/markdown/podman-info.1.md Normal file
View File

@ -0,0 +1,151 @@
% podman-info(1)
## NAME
podman\-info - Displays Podman related system information
## SYNOPSIS
**podman info** [*options*]
**podman system info** [*options*]
## DESCRIPTION
Displays information pertinent to the host, current storage stats, configured container registries, and build of podman.
## OPTIONS
**-D**, **--debug**
Show additional information
**-f**, **--format**=*format*
Change output format to "json" or a Go template.
## EXAMPLE
Run podman info with plain text response:
```
$ podman info
host:
BuildahVersion: 1.4-dev
Conmon:
package: Unknown
path: /usr/libexec/podman/conmon
version: 'conmon version 1.12.0-dev, commit: d724f3d54ad2d95b6de741085d4990190ebfd7ff'
Distribution:
distribution: fedora
version: "28"
MemFree: 1271083008
MemTotal: 33074233344
OCIRuntime:
package: runc-1.0.0-51.dev.gitfdd8055.fc28.x86_64
path: /usr/bin/runc
version: 'runc version spec: 1.0.0'
SwapFree: 34309664768
SwapTotal: 34359734272
arch: amd64
cpus: 8
hostname: localhost.localdomain
kernel: 4.18.7-200.fc28.x86_64
os: linux
uptime: 218h 49m 33.66s (Approximately 9.08 days)
registries:
blocked: null
insecure: null
search:
- quay.io
- registry.fedoraproject.org
- docker.io
- registry.redhat.io
store:
ConfigFile: /etc/containers/storage.conf
ContainerStore:
number: 37
GraphDriverName: overlay
GraphOptions:
- overlay.mountopt=nodev
- overlay.override_kernel_check=true
GraphRoot: /var/lib/containers/storage
GraphStatus:
Backing Filesystem: extfs
Native Overlay Diff: "true"
Supports d_type: "true"
ImageStore:
number: 17
RunRoot: /var/run/containers/storage
```
Run podman info with JSON formatted response:
```
{
"host": {
"BuildahVersion": "1.4-dev",
"Conmon": {
"package": "Unknown",
"path": "/usr/libexec/podman/conmon",
"version": "conmon version 1.12.0-dev, commit: d724f3d54ad2d95b6de741085d4990190ebfd7ff"
},
"Distribution": {
"distribution": "fedora",
"version": "28"
},
"MemFree": 1204109312,
"MemTotal": 33074233344,
"OCIRuntime": {
"package": "runc-1.0.0-51.dev.gitfdd8055.fc28.x86_64",
"path": "/usr/bin/runc",
"version": "runc version spec: 1.0.0"
},
"SwapFree": 34309664768,
"SwapTotal": 34359734272,
"arch": "amd64",
"cpus": 8,
"hostname": "localhost.localdomain",
"kernel": "4.18.7-200.fc28.x86_64",
"os": "linux",
"uptime": "218h 50m 35.02s (Approximately 9.08 days)"
},
"insecure registries": {
"registries": []
},
"registries": {
"registries": [
"quay.io",
"registry.fedoraproject.org",
"docker.io",
"registry.access.redhat.com"
]
},
"store": {
"ContainerStore": {
"number": 37
},
"GraphDriverName": "overlay",
"GraphOptions": [
"overlay.mountopt=nodev",
"overlay.override_kernel_check=true"
],
"GraphRoot": "/var/lib/containers/storage",
"GraphStatus": {
"Backing Filesystem": "extfs",
"Native Overlay Diff": "true",
"Supports d_type": "true"
},
"ImageStore": {
"number": 17
},
"RunRoot": "/var/run/containers/storage"
}
}
```
Run podman info and only get the registries information.
```
$ podman info --format={{".registries"}}
map[registries:[docker.io quay.io registry.fedoraproject.org registry.access.redhat.com]]
```
## SEE ALSO
podman(1), containers-registries.conf(5), containers-storage.conf(5)

44
docs/source/markdown/podman-init.1.md Normal file
View File

@ -0,0 +1,44 @@
% podman-init(1)
## NAME
podman\-init - Initialize one or more containers
## SYNOPSIS
**podman init** [*options*] *container* [*container*...]
**podman container init** [*options*] *container* [*container*...]
## DESCRIPTION
Initialize one or more containers.
You may use container IDs or names as input.
Initializing a container performs all tasks necessary for starting the container (mounting filesystems, creating an OCI spec, initializing the container network) but does not start the container.
If a container is not initialized, the `podman start` and `podman run` commands will do so automatically prior to starting it.
This command is intended to be used for inspecting or modifying the container's filesystem or OCI spec prior to starting it.
This can be used to inspect the container before it runs, or debug why a container is failing to run.
## OPTIONS
**--all**, **-a**
Initialize all containers. Containers that have already initialized (including containers that have been started and are running) are ignored.
**--latest**, **-l**
Instead of providing the container name or ID, use the last created container. If you use methods other than Podman
to run containers such as CRI-O, the last started container could be from either of those methods.
The latest option is not supported on the remote client.
## EXAMPLE
podman init 35480fc9d568
podman init test1
podman init --latest
## SEE ALSO
podman(1), podman-start(1)
## HISTORY
April 2019, Originally compiled by Matthew Heon <mheon@redhat.com>

115
docs/source/markdown/podman-inspect.1.md Normal file
View File

@ -0,0 +1,115 @@
% podman-inspect(1)
## NAME
podman\-inspect - Display a container or image's configuration
## SYNOPSIS
**podman inspect** [*options*] *name* [...]
**podman image inspect** [*options*] *image*
**podman container inspect** [*options*] *container*
## DESCRIPTION
This displays the low-level information on containers and images identified by name or ID. By default, this will render
all results in a JSON array. If the container and image have the same name, this will return container JSON for
unspecified type. If a format is specified, the given template will be executed for each result.
## OPTIONS
**--type**, **-t**=*type*
Return JSON for the specified type. Type can be 'container', 'image' or 'all' (default: all)
(Only meaningful when invoked as *podman inspect*)
**--format**, **-f**=*format*
Format the output using the given Go template.
The keys of the returned JSON can be used as the values for the --format flag (see examples below).
**--latest**, **-l**
Instead of providing the container name or ID, use the last created container. If you use methods other than Podman
to run containers such as CRI-O, the last started container could be from either of those methods.
The latest option is not supported on the remote client or when invoked as *podman image inspect*.
**--size**, **-s**
Display the total file size if the type is a container
## EXAMPLE
```
# podman inspect fedora
{
"Id": "422dc563ca3260ad9ef5c47a1c246f5065d7f177ce51f4dd208efd82967ff182",
"Digest": "sha256:1b9bfb4e634dc1e5c19d0fa1eb2e5a28a5c2b498e3d3e4ac742bd7f5dae08611",
"RepoTags": [
"docker.io/library/fedora:latest"
],
"RepoDigests": [
"docker.io/library/fedora@sha256:1b9bfb4e634dc1e5c19d0fa1eb2e5a28a5c2b498e3d3e4ac742bd7f5dae08611"
],
"Parent": "",
"Comment": "",
"Created": "2017-11-14T21:07:08.475840838Z",
"Config": {
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"DISTTAG=f27container",
"FGC=f27",
"FBR=f27"
]
},
"Version": "17.06.2-ce",
"Author": "[Adam Miller \u003cmaxamillion@fedoraproject.org\u003e] [Patrick Uiterwijk \u003cpatrick@puiterwijk.org\u003e]",
"Architecture": "amd64",
"Os": "linux",
"Size": 251722732,
"VirtualSize": 514895140,
"GraphDriver": {
"Name": "overlay",
"Data": {
"MergedDir": "/var/lib/containers/storage/overlay/d32459d9ce237564fb93573b85cbc707600d43fbe5e46e8eeef22cad914bb516/merged",
"UpperDir": "/var/lib/containers/storage/overlay/d32459d9ce237564fb93573b85cbc707600d43fbe5e46e8eeef22cad914bb516/diff",
"WorkDir": "/var/lib/containers/storage/overlay/d32459d9ce237564fb93573b85cbc707600d43fbe5e46e8eeef22cad914bb516/work"
}
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:d32459d9ce237564fb93573b85cbc707600d43fbe5e46e8eeef22cad914bb516"
]
},
"Labels": null,
"Annotations": {}
}
```
```
# podman inspect a04 --format "{{.ImageName}}"
fedora
```
```
# podman inspect a04 --format "{{.GraphDriver.Name}}"
overlay
```
```
# podman image inspect --format "size: {{.Size}}" alpine
size: 4405240
```
```
podman container inspect --latest --format {{.EffectiveCaps}}
[CAP_CHOWN CAP_DAC_OVERRIDE CAP_FSETID CAP_FOWNER CAP_MKNOD CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SETFCAP CAP_SETPCAP CAP_NET_BIND_SERVICE CAP_SYS_CHROOT CAP_KILL CAP_AUDIT_WRITE]
```
## SEE ALSO
podman(1)
## HISTORY
July 2017, Originally compiled by Dan Walsh <dwalsh@redhat.com>

47
docs/source/markdown/podman-kill.1.md Normal file
View File

@ -0,0 +1,47 @@
% podman-kill(1)
## NAME
podman\-kill - Kill the main process in one or more containers
## SYNOPSIS
**podman kill** [*options*] [*container* ...]
**podman container kill** [*options*] [*container* ...]
## DESCRIPTION
The main process inside each container specified will be sent SIGKILL, or any signal specified with option --signal.
## OPTIONS
**--all**, **-a**
Signal all running containers. This does not include paused containers.
**--latest**, **-l**
Instead of providing the container name or ID, use the last created container. If you use methods other than Podman
to run containers such as CRI-O, the last started container could be from either of those methods.
The latest option is not supported on the remote client.
**--signal**, **s**
Signal to send to the container. For more information on Linux signals, refer to *man signal(7)*.
## EXAMPLE
podman kill mywebserver
podman kill 860a4b23
podman kill --signal TERM 860a4b23
podman kill --latest
podman kill --signal KILL -a
## SEE ALSO
podman(1), podman-stop(1)
## HISTORY
September 2017, Originally compiled by Brent Baude <bbaude@redhat.com>

79
docs/source/markdown/podman-load.1.md Normal file
View File

@ -0,0 +1,79 @@
% podman-load(1)
## NAME
podman\-load - Load an image from a container image archive into container storage
## SYNOPSIS
**podman load** [*options*] [*name*[:*tag*]]
**podman image load** [*options*] [*name*[:*tag*]]
## DESCRIPTION
**podman load** loads an image from either an **oci-archive** or **docker-archive** stored on the local machine into container storage. **podman load** reads from stdin by default or a file if the **input** option is set.
You can also specify a name for the image if the archive does not contain a named reference, of if you want an additional name for the local image.
The **quiet** option suppresses the progress output when set.
Note: `:` is a restricted character and cannot be part of the file name.
**podman [GLOBAL OPTIONS]**
**podman load [GLOBAL OPTIONS]**
**podman load [OPTIONS] NAME[:TAG]**
## OPTIONS
**--input**, **-i**=*input*
Read from archive file, default is STDIN.
The remote client requires the use of this option.
**--quiet**, **-q**
Suppress the progress output
**--help**, **-h**
Print usage statement
## EXAMPLES
```
$ podman load --quiet -i fedora.tar
```
```
$ podman load -q -i fedora.tar
```
```
$ podman load < fedora.tar
Getting image source signatures
Copying blob sha256:5bef08742407efd622d243692b79ba0055383bbce12900324f75e56f589aedb0
0 B / 4.03 MB [---------------------------------------------------------------]
Copying config sha256:7328f6f8b41890597575cbaadc884e7386ae0acc53b747401ebce5cf0d624560
0 B / 1.48 KB [---------------------------------------------------------------]
Writing manifest to image destination
Storing signatures
Loaded image: registry.fedoraproject.org/fedora:latest
```
```
$ cat fedora.tar | podman load
Getting image source signatures
Copying blob sha256:5bef08742407efd622d243692b79ba0055383bbce12900324f75e56f589aedb0
0 B / 4.03 MB [---------------------------------------------------------------]
Copying config sha256:7328f6f8b41890597575cbaadc884e7386ae0acc53b747401ebce5cf0d624560
0 B / 1.48 KB [---------------------------------------------------------------]
Writing manifest to image destination
Storing signatures
Loaded image: registry.fedoraproject.org/fedora:latest
```
## SEE ALSO
podman(1), podman-save(1), podman-tag(1)
## HISTORY
July 2017, Originally compiled by Urvashi Mohnani <umohnani@redhat.com>

107
docs/source/markdown/podman-login.1.md Normal file
View File

@ -0,0 +1,107 @@
% podman-login(1)
## NAME
podman\-login - Login to a container registry
## SYNOPSIS
**podman login** [*options*] *registry*
## DESCRIPTION
**podman login** logs into a specified registry server with the correct username
and password. **podman login** reads in the username and password from STDIN.
The username and password can also be set using the **username** and **password** flags.
The path of the authentication file can be specified by the user by setting the **authfile**
flag. The default path used is **${XDG\_RUNTIME\_DIR}/containers/auth.json**.
**podman [GLOBAL OPTIONS]**
**podman login [GLOBAL OPTIONS]**
**podman login [OPTIONS] REGISTRY [GLOBAL OPTIONS]**
## OPTIONS
**--password**, **-p**=*password*
Password for registry
**--password-stdin**
Take the password from stdin
**--username**, **-u=***username*
Username for registry
**--authfile**=*path*
Path of the authentication file. Default is ${XDG\_RUNTIME\_DIR}/containers/auth.json (Not available for remote commands)
Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
environment variable. `export REGISTRY_AUTH_FILE=path`
**--get-login**
Return the logged-in user for the registry. Return error if no login is found.
**--cert-dir**=*path*
Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry.
Default certificates directory is _/etc/containers/certs.d_. (Not available for remote commands)
**--tls-verify**=*true|false*
Require HTTPS and verify certificates when contacting registries (default: true). If explicitly set to true,
then TLS verification will be used. If set to false, then TLS verification will not be used. If not specified,
TLS verification will be used unless the target registry is listed as an insecure registry in registries.conf. (Not available for remote commands)
**--help**, **-h**
Print usage statement
## EXAMPLES
```
$ podman login docker.io
Username: umohnani
Password:
Login Succeeded!
```
```
$ podman login -u testuser -p testpassword localhost:5000
Login Succeeded!
```
```
$ podman login --authfile authdir/myauths.json docker.io
Username: umohnani
Password:
Login Succeeded!
```
```
$ podman login --tls-verify=false -u test -p test localhost:5000
Login Succeeded!
```
```
$ podman login --cert-dir /etc/containers/certs.d/ -u foo -p bar localhost:5000
Login Succeeded!
```
```
$ podman login -u testuser --password-stdin < testpassword.txt docker.io
Login Succeeded!
```
```
$ echo $testpassword | podman login -u testuser --password-stdin docker.io
Login Succeeded!
```
## SEE ALSO
podman(1), podman-logout(1)
## HISTORY
August 2017, Originally compiled by Urvashi Mohnani <umohnani@redhat.com>

59
docs/source/markdown/podman-logout.1.md Normal file
View File

@ -0,0 +1,59 @@
% podman-logout(1)
## NAME
podman\-logout - Logout of a container registry
## SYNOPSIS
**podman logout** [*options*] *registry*
## DESCRIPTION
**podman logout** logs out of a specified registry server by deleting the cached credentials
stored in the **auth.json** file. The path of the authentication file can be overridden by the user by setting the **authfile** flag.
The default path used is **${XDG\_RUNTIME\_DIR}/containers/auth.json**.
All the cached credentials can be removed by setting the **all** flag.
**podman [GLOBAL OPTIONS]**
**podman logout [GLOBAL OPTIONS]**
**podman logout [OPTIONS] REGISTRY [GLOBAL OPTIONS]**
## OPTIONS
**--authfile**=*path*
Path of the authentication file. Default is ${XDG\_RUNTIME\_DIR}/containers/auth.json (Not available for remote commands)
Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
environment variable. `export REGISTRY_AUTH_FILE=path`
**--all**, **-a**
Remove the cached credentials for all registries in the auth file
**--help**, **-h**
Print usage statement
## EXAMPLES
```
$ podman logout docker.io
Remove login credentials for https://registry-1.docker.io/v2/
```
```
$ podman logout --authfile authdir/myauths.json docker.io
Remove login credentials for https://registry-1.docker.io/v2/
```
```
$ podman logout --all
Remove login credentials for all registries
```
## SEE ALSO
podman(1), podman-login(1)
## HISTORY
August 2017, Originally compiled by Urvashi Mohnani <umohnani@redhat.com>

100
docs/source/markdown/podman-logs.1.md Normal file
View File

@ -0,0 +1,100 @@
% podman-logs(1)
## NAME
podman\-logs - Display the logs of one or more containers
## SYNOPSIS
**podman logs** [*options*] *container* [*container...*]
**podman container logs** [*options*] *container* [*container...*]
## DESCRIPTION
The podman logs command batch-retrieves whatever logs are present for one or more containers at the time of execution.
This does not guarantee execution order when combined with podman run (i.e. your run may not have generated
any logs at the time you execute podman logs
## OPTIONS
**--follow**, **-f**
Follow log output. Default is false.
Note: If you are following a container which is removed `podman container rm`
or removed on exit `podman run --rm ...`, then there is a chance the the log
file will be removed before `podman logs` reads the final content.
**--latest**, **-l**
Instead of providing the container name or ID, use the last created container. If you use methods other than Podman
to run containers such as CRI-O, the last started container could be from either of those methods.
The latest option is not supported on the remote client.
**--since**=*TIMESTAMP*
Show logs since TIMESTAMP. The --since option can be Unix timestamps, date formatted timestamps, or Go duration
strings (e.g. 10m, 1h30m) computed relative to the client machine's time. Supported formats for date formatted
time stamps include RFC3339Nano, RFC3339, 2006-01-02T15:04:05, 2006-01-02T15:04:05.999999999, 2006-01-02Z07:00,
and 2006-01-02.
**--tail**=*LINES*
Output the specified number of LINES at the end of the logs. LINES must be a positive integer. Defaults to 0,
which prints all lines
**--timestamps**, **-t**
Show timestamps in the log outputs. The default is false
## EXAMPLE
To view a container's logs:
```
podman logs -t b3f2436bdb978c1d33b1387afb5d7ba7e3243ed2ce908db431ac0069da86cb45
2017/08/07 10:16:21 Seeked /var/log/crio/pods/eb296bd56fab164d4d3cc46e5776b54414af3bf543d138746b25832c816b933b/c49f49788da14f776b7aa93fb97a2a71f9912f4e5a3e30397fca7dfe0ee0367b.log - &{Offset:0 Whence:0}
1:C 07 Aug 14:10:09.055 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 07 Aug 14:10:09.055 # Redis version=4.0.1, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 07 Aug 14:10:09.055 # Warning: no config file specified, using the default config. In order to specify a config file use redis-server /path/to/redis.conf
1:M 07 Aug 14:10:09.055 # You requested maxclients of 10000 requiring at least 10032 max file descriptors.
1:M 07 Aug 14:10:09.055 # Server can't set maximum open files to 10032 because of OS error: Operation not permitted.
1:M 07 Aug 14:10:09.055 # Current maximum open files is 4096. maxclients has been reduced to 4064 to compensate for low ulimit. If you need higher maxclients increase 'ulimit -n'.
1:M 07 Aug 14:10:09.056 * Running mode=standalone, port=6379.
1:M 07 Aug 14:10:09.056 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
1:M 07 Aug 14:10:09.056 # Server initialized
```
To view only the last two lines in container's log:
```
podman logs --tail 2 b3f2436bdb97
# WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
# Server initialized
```
To view a containers logs since a certain time:
```
podman logs -t --since 2017-08-07T10:10:09.055837383-04:00 myserver
1:M 07 Aug 14:10:09.055 # Server can't set maximum open files to 10032 because of OS error: Operation not permitted.
1:M 07 Aug 14:10:09.055 # Current maximum open files is 4096. maxclients has been reduced to 4064 to compensate for low ulimit. If you need higher maxclients increase 'ulimit -n'.
1:M 07 Aug 14:10:09.056 * Running mode=standalone, port=6379.
1:M 07 Aug 14:10:09.056 # WARNING: The TCP backlog setting of 511 cannot be enforced because /proc/sys/net/core/somaxconn is set to the lower value of 128.
1:M 07 Aug 14:10:09.056 # Server initialized
```
To view a container's logs generated in the last 10 minutes:
```
podman logs --since 10m myserver
# Server can't set maximum open files to 10032 because of OS error: Operation not permitted.
# Current maximum open files is 4096. maxclients has been reduced to 4064 to compensate for low ulimit. If you need higher maxclients increase 'ulimit -n'.
```
## SEE ALSO
podman(1), podman-run(1), podman-container-rm(1)
## HISTORY
February 2018, Updated by Brent Baude <bbaude@redhat.com>
August 2017, Originally compiled by Ryan Cole <rycole@redhat.com>

73
docs/source/markdown/podman-mount.1.md Normal file
View File

@ -0,0 +1,73 @@
% podman-mount(1)
## NAME
podman\-mount - Mount a working container's root filesystem
## SYNOPSIS
**podman mount** [*container* ...]
**podman container mount** [*container* ...]
## DESCRIPTION
Mounts the specified containers' root file system in a location which can be
accessed from the host, and returns its location.
If you execute the command without any arguments, the tool will list all of the
currently mounted containers.
## RETURN VALUE
The location of the mounted file system. On error an empty string and errno is
returned.
## OPTIONS
**--all**, **a**
Mount all containers.
**--format**=*format*
Print the mounted containers in specified format (json)
**--latest**, **-l**
Instead of providing the container name or ID, use the last created container.
If you use methods other than Podman to run containers such as CRI-O, the last
started container could be from either of those methods.
The latest option is not supported on the remote client.
**--notruncate**
Do not truncate IDs in output.
## EXAMPLE
```
podman mount c831414b10a3
/var/lib/containers/storage/overlay/f3ac502d97b5681989dff84dfedc8354239bcecbdc2692f9a639f4e080a02364/merged
```
```
podman mount
c831414b10a3 /var/lib/containers/storage/overlay/f3ac502d97b5681989dff84dfedc8354239bcecbdc2692f9a639f4e080a02364/merged
a7060253093b /var/lib/containers/storage/overlay/0ff7d7ca68bed1ace424f9df154d2dd7b5a125c19d887f17653cbcd5b6e30ba1/merged
```
```
podman mount c831414b10a3 a7060253093b
/var/lib/containers/storage/overlay/f3ac502d97b5681989dff84dfedc8354239bcecbdc2692f9a639f4e080a02364/merged
/var/lib/containers/storage/overlay/0ff7d7ca68bed1ace424f9df154d2dd7b5a125c19d887f17653cbcd5b6e30ba1/merged
```
```
podman mount
c831414b10a3 /var/lib/containers/storage/overlay/f3ac502d97b5681989dff84dfedc8354239bcecbdc2692f9a639f4e080a02364/merged
a7060253093b /var/lib/containers/storage/overlay/0ff7d7ca68bed1ace424f9df154d2dd7b5a125c19d887f17653cbcd5b6e30ba1/merged
```
## SEE ALSO
podman(1), podman-umount(1), mount(8)

75
docs/source/markdown/podman-network-create.1.md Normal file
View File

@ -0,0 +1,75 @@
% podman-network-create(1)
## NAME
podman\-network-create - Create a Podman CNI network
## SYNOPSIS
**podman network create** [*options*] name
## DESCRIPTION
Create a CNI-network configuration for use with Podman. At the time of this writing, the only network
type that can be created is a *bridge* network.
If no options are provided, Podman will assign a free subnet and name for your network.
Upon completion of creating the network, Podman will display the path to the newly added network file.
## OPTIONS
**--disable-dns**
Disables the DNS plugin for this network which if enabled, can perform container to container name
resolution.
**-d**, , **--driver**
Driver to manage the network (default "bridge"). Currently on `bridge` is supported.
**--gateway**
Define a gateway for the subnet. If you want to provide a gateway address, you must also provide a
*subnet* option.
**--internal**
Restrict external access of this network
**--ip-range**
Allocate container IP from a range. The range must be a complete subnet and in CIDR notation. The *ip-range* option
must be used with a *subnet* option.
**--subnet**
The subnet in CIDR notation.
## EXAMPLE
Create a network with no options
```
# podman network create
/etc/cni/net.d/cni-podman-4.conflist
```
Create a network named *newnet* that uses *192.5.0.0/16* for its subnet.
```
# podman network create --subnet 192.5.0.0/16 newnet
/etc/cni/net.d/newnet.conflist
```
Create a network named *newnet* that uses *192.168.33.0/24* and defines a gateway as *192.168.133.3*
```
# podman network create --subnet 192.168.33.0/24 --gateway 192.168.33.3 newnet
/etc/cni/net.d/newnet.conflist
```
Create a network that uses a *192.168.55.0/24** subnet and has an IP address range of *192.168.55.129 - 192.168.55.254*.
```
# podman network create --subnet 192.168.55.0/24 --ip-range 192.168.55.128/25
/etc/cni/net.d/cni-podman-5.conflist
```
## SEE ALSO
podman(1), podman-network(1), podman-network-inspect(1)
## HISTORY
August 2019, Originally compiled by Brent Baude <bbaude@redhat.com>

50
docs/source/markdown/podman-network-inspect.1.md Normal file
View File

@ -0,0 +1,50 @@
% podman-network-inspect(1)
## NAME
podman\-network\-inspect - Displays the raw CNI network configuration for one or more networks
## SYNOPSIS
**podman network inspect** [*network* ...]
## DESCRIPTION
Display the raw (JSON format) network configuration. This command is not available for rootless users.
## EXAMPLE
Inspect the default podman network
```
# podman network inspect podman
[{
"cniVersion": "0.3.0",
"name": "podman",
"plugins": [
{
"type": "bridge",
"bridge": "cni0",
"isGateway": true,
"ipMasq": true,
"ipam": {
"type": "host-local",
"subnet": "10.88.1.0/24",
"routes": [
{ "dst": "0.0.0.0/0" }
]
}
},
{
"type": "portmap",
"capabilities": {
"portMappings": true
}
}
]
}
]
```
## SEE ALSO
podman(1), podman-network(1), podman-network-ls(1)
## HISTORY
August 2019, Originally compiled by Brent Baude <bbaude@redhat.com>

43
docs/source/markdown/podman-network-ls.1.md Normal file
View File

@ -0,0 +1,43 @@
% podman-network-ls(1)
## NAME
podman\-network\-ls - Display a summary of CNI networks
## SYNOPSIS
**podman network ls** [*options*]
## DESCRIPTION
Displays a list of existing podman networks. This command is not available for rootless users.
## OPTIONS
**--quiet**, **-q**
The `quiet` option will restrict the output to only the network names
## EXAMPLE
Display networks
```
# podman network ls
NAME VERSION PLUGINS
podman 0.3.0 bridge,portmap
podman2 0.3.0 bridge,portmap
outside 0.3.0 bridge
podman9 0.3.0 bridge,portmap
```
Display only network names
```
# podman network ls -q
podman
podman2
outside
podman9
```
## SEE ALSO
podman(1), podman-network(1), podman-network-inspect(1)
## HISTORY
August 2019, Originally compiled by Brent Baude <bbaude@redhat.com>

38
docs/source/markdown/podman-network-rm.1.md Normal file
View File

@ -0,0 +1,38 @@
% podman-network-rm(1)
## NAME
podman\-network\-rm - Remove one or more CNI networks
## SYNOPSIS
**podman network rm** [*network...*]
## DESCRIPTION
Delete one or more Podman networks.
## OPTIONS
**--force**, **-f**
The `force` option will remove all containers that use the named network. If the container is
running, the container will be stopped and removed.
## EXAMPLE
Delete the `cni-podman9` network
```
# podman network rm cni-podman9
Deleted: cni-podman9
```
Delete the `fred` network and all containers associated with the network.
```
# podman network rm -f fred
Deleted: fred
```
## SEE ALSO
podman(1), podman-network(1), podman-network-inspect(1)
## HISTORY
August 2019, Originally compiled by Brent Baude <bbaude@redhat.com>

22
docs/source/markdown/podman-network.1.md Normal file
View File

@ -0,0 +1,22 @@
% podman-network(1)
## NAME
podman\-network - Manage Podman CNI networks
## SYNOPSIS
**podman network** *subcommand*
## DESCRIPTION
The network command manages CNI networks for Podman. It is not supported for rootless users.
## COMMANDS
| Command | Man Page | Description |
| ------- | --------------------------------------------------- | ---------------------------------------------------------------------------- |
| create | [podman-network-create(1)](podman-network-create.1.md)| Create a Podman CNI network|
| inspect | [podman-network-inspect(1)](podman-network-inspect.1.md)| Displays the raw CNI network configuration for one or more networks|
| ls | [podman-network-ls(1)](podman-network-ls.1.md)| Display a summary of CNI networks |
| rm | [podman-network-rm(1)](podman-network-rm.1.md)| Remove one or more CNI networks |
## SEE ALSO
podman(1)

41
docs/source/markdown/podman-pause.1.md Normal file
View File

@ -0,0 +1,41 @@
% podman-pause(1)
## NAME
podman\-pause - Pause one or more containers
## SYNOPSIS
**podman pause** [*options*] [*container*...]
**podman container pause** [*options*] [*container*...]
## DESCRIPTION
Pauses all the processes in one or more containers. You may use container IDs or names as input.
## OPTIONS
**--all**, **-a**
Pause all running containers.
## EXAMPLE
Pause a container named 'mywebserver'
```
podman pause mywebserver
```
Pause a container by partial container ID.
```
podman pause 860a4b23
```
Pause all **running** containers.
```
podman stop -a
```
## SEE ALSO
podman(1), podman-unpause(1)
## HISTORY
September 2017, Originally compiled by Dan Walsh <dwalsh@redhat.com>

65
docs/source/markdown/podman-play-kube.1.md Normal file
View File

@ -0,0 +1,65 @@
% podman-play-kube(1)
## NAME
podman-play-kube - Create pods and containers based on Kubernetes YAML
## SYNOPSIS
**podman play kube** [*options*] *file*__.yml__
## DESCRIPTION
**podman play kube** will read in a structured file of Kubernetes YAML. It will then recreate
the pod and containers described in the YAML. The containers within the pod are then started and
the ID of the new Pod is output.
Ideally the input file would be one created by Podman (see podman-generate-kube(1)). This would guarantee a smooth import and expected results.
Note: HostPath volume types created by play kube will be given an SELinux private label (Z)
## OPTIONS:
**--authfile**=*path*
Path of the authentication file. Default is ${XDG\_RUNTIME\_DIR}/containers/auth.json, which is set using `podman login`.
If the authorization state is not found there, $HOME/.docker/config.json is checked, which is set using `docker login`. (Not available for remote commands)
Note: You can also override the default path of the authentication file by setting the REGISTRY\_AUTH\_FILE
environment variable. `export REGISTRY_AUTH_FILE=path`
**--cert-dir**=*path*
Use certificates at *path* (\*.crt, \*.cert, \*.key) to connect to the registry.
Default certificates directory is _/etc/containers/certs.d_. (Not available for remote commands)
**--creds**
The [username[:password]] to use to authenticate with the registry if required.
If one or both values are not supplied, a command line prompt will appear and the
value can be entered. The password is entered without echo.
**--quiet**, **-q**
Suppress output information when pulling images
**--tls-verify**=*true|false*
Require HTTPS and verify certificates when contacting registries (default: true). If explicitly set to true,
then TLS verification will be used. If set to false, then TLS verification will not be used. If not specified,
TLS verification will be used unless the target registry is listed as an insecure registry in registries.conf. (Not available for remote commands)
**--help**, **-h**
Print usage statement
## Examples
Recreate the pod and containers as described in a file called `demo.yml`
```
$ podman play kube demo.yml
52182811df2b1e73f36476003a66ec872101ea59034ac0d4d3a7b40903b955a6
```
## SEE ALSO
podman(1), podman-container(1), podman-pod(1), podman-generate-kube(1), podman-play(1)
## HISTORY
December 2018, Originally compiled by Brent Baude (bbaude at redhat dot com)

20
docs/source/markdown/podman-play.1.md Normal file
View File

@ -0,0 +1,20 @@
% podman-play(1)
## NAME
podman\-play - Play pods and containers based on a structured input file
## SYNOPSIS
**podman play** *subcommand*
## DESCRIPTION
The play command will recreate pods and containers based on the input from a structured (like YAML)
file input. Containers will be automatically started.
## COMMANDS
| Command | Man Page | Description |
| ------- | --------------------------------------------------- | ---------------------------------------------------------------------------- |
| kube | [podman-play-kube(1)](podman-play-kube.1.md) | Create pods and containers based on Kubernetes YAML. |
## SEE ALSO
podman, podman-pod(1), podman-container(1), podman-generate(1), podman-play(1), podman-play-kube(1)

94
docs/source/markdown/podman-pod-create.1.md Normal file
View File

@ -0,0 +1,94 @@
% podman-pod-create(1)
## NAME
podman\-pod\-create - Create a new pod
## SYNOPSIS
**podman pod create** [*options*]
## DESCRIPTION
Creates an empty pod, or unit of multiple containers, and prepares it to have
containers added to it. The pod id is printed to STDOUT. You can then use
**podman create --pod \<pod_id|pod_name\> ...** to add containers to the pod, and
**podman pod start \<pod_id|pod_name\>** to start the pod.
## OPTIONS
**--cgroup-parent**=*path*
Path to cgroups under which the cgroup for the pod will be created. If the path is not absolute, the path is considered to be relative to the cgroups path of the init process. Cgroups will be created if they do not already exist.
**--help**
Print usage statement
**--infra**
Create an infra container and associate it with the pod. An infra container is a lightweight container used to coordinate the shared kernel namespace of a pod. Default: true
**--infra-command**=*command*
The command that will be run to start the infra container. Default: "/pause"
**--infra-image**=*image*
The image that will be created for the infra container. Default: "k8s.gcr.io/pause:3.1"
**-l**, **--label**=*label*
Add metadata to a pod (e.g., --label com.example.key=value)
**--label-file**=*label*
Read in a line delimited file of labels
**-n**, **--name**=*name*
Assign a name to the pod
**--podidfile**=*podid*
Write the pod ID to the file
**-p**, **--publish**=*port*
Publish a port or range of ports from the pod to the host
Format: `ip:hostPort:containerPort | ip::containerPort | hostPort:containerPort | containerPort`
Both hostPort and containerPort can be specified as a range of ports.
When specifying ranges for both, the number of container ports in the range must match the number of host ports in the range.
Use `podman port` to see the actual mapping: `podman port CONTAINER $CONTAINERPORT`
NOTE: This cannot be modified once the pod is created.
**--share**=*namespace*
A comma delimited list of kernel namespaces to share. If none or "" is specified, no namespaces will be shared. The namespaces to choose from are ipc, net, pid, user, uts.
The operator can identify a pod in three ways:
UUID long identifier (“f78375b1c487e03c9438c729345e54db9d20cfa2ac1fc3494b6eb60872e74778”)
UUID short identifier (“f78375b1c487”)
Name (“jonah”)
podman generates a UUID for each pod, and if a name is not assigned
to the container with **--name** then a random string name will be generated
for it. The name is useful any place you need to identify a pod.
## EXAMPLES
```
$ podman pod create --name test
$ podman pod create --infra=false
$ podman pod create --infra-command /top
$ podman pod create --publish 8443:443
```
## SEE ALSO
podman-pod(1)
## HISTORY
July 2018, Originally compiled by Peter Hunt <pehunt@redhat.com>

37
docs/source/markdown/podman-pod-exists.1.md Normal file
View File

@ -0,0 +1,37 @@
% podman-pod-exists(1)
## NAME
podman-pod-exists - Check if a pod exists in local storage
## SYNOPSIS
**podman pod exists** *pod*
## DESCRIPTION
**podman pod exists** checks if a pod exists in local storage. The **ID** or **Name**
of the pod may be used as input. Podman will return an exit code
of `0` when the pod is found. A `1` will be returned otherwise. An exit code of `125` indicates there
was an issue accessing the local storage.
## Examples ##
Check if a pod called `web` exists in local storage (the pod does actually exist).
```
$ sudo podman pod exists web
$ echo $?
0
$
```
Check if a pod called `backend` exists in local storage (the pod does not actually exist).
```
$ sudo podman pod exists backend
$ echo $?
1
$
```
## SEE ALSO
podman-pod(1), podman(1)
## HISTORY
December 2018, Originally compiled by Brent Baude (bbaude at redhat dot com)

49
docs/source/markdown/podman-pod-inspect.1.md Normal file
View File

@ -0,0 +1,49 @@
% podman-pod-inspect(1)
## NAME
podman\-pod\-inspect - Displays information describing a pod
## SYNOPSIS
**podman pod inspect** [*options*] *pod* ...
## DESCRIPTION
Displays configuration and state information about a given pod. It also displays information about containers
that belong to the pod.
## OPTIONS
**--latest**, **-l**
Instead of providing the pod name or ID, use the last created pod. If you use methods other than Podman
to run pods such as CRI-O, the last started pod could be from either of those methods.
The latest option is not supported on the remote client.
## EXAMPLE
```
# podman pod inspect foobar
{
"Config": {
"id": "3513ca70583dd7ef2bac83331350f6b6c47d7b4e526c908e49d89ebf720e4693",
"name": "foobar",
"labels": {},
"cgroupParent": "/libpod_parent",
"UsePodCgroup": true,
"created": "2018-08-08T11:15:18.823115347-05:00"
},
"State": {
"CgroupPath": ""
},
"Containers": [
{
"id": "d53f8bf1e9730281264aac6e6586e327429f62c704abea4b6afb5d8a2b2c9f2c",
"state": "configured"
}
]
}
```
## SEE ALSO
podman-pod(1), podman-pod-ps(1)
## HISTORY
August 2018, Originally compiled by Brent Baude <bbaude@redhat.com>

45
docs/source/markdown/podman-pod-kill.1.md Normal file
View File

@ -0,0 +1,45 @@
% podman-pod-kill(1)
## NAME
podman\-pod\-kill - Kill the main process of each container in one or more pods
## SYNOPSIS
**podman pod kill** [*options*] *pod* ...
## DESCRIPTION
The main process of each container inside the pods specified will be sent SIGKILL, or any signal specified with option --signal.
## OPTIONS
**--all**, **-a**
Sends signal to all containers associated with a pod.
**--latest**, **-l**
Instead of providing the pod name or ID, use the last created pod. If you use methods other than Podman
to run pods such as CRI-O, the last started pod could be from either of those methods.
The latest option is not supported on the remote client.
**--signal**, **-s**
Signal to send to the containers in the pod. For more information on Linux signals, refer to *man signal(7)*.
## EXAMPLE
podman pod kill mywebserver
podman pod kill 860a4b23
podman pod kill --signal TERM 860a4b23
podman pod kill --latest
podman pod kill --all
## SEE ALSO
podman-pod(1), podman-pod-stop(1)
## HISTORY
July 2018, Originally compiled by Peter Hunt <pehunt@redhat.com>

34
docs/source/markdown/podman-pod-pause.1.md Normal file
View File

@ -0,0 +1,34 @@
% podman-pod-pause(1)
## NAME
podman\-pod\-pause - Pause one or more pods
## SYNOPSIS
**podman pod pause** [*options*] *pod* ...
## DESCRIPTION
Pauses all the running processes in the containers of one or more pods. You may use pod IDs or names as input.
## OPTIONS
**--all**, **-a**
Pause all pods.
**--latest**, **-l**
Instead of providing the pod name or ID, pause the last created pod.
The latest option is not supported on the remote client.
## EXAMPLE
podman pod pause mywebserverpod
podman pod pause 860a4b23
## SEE ALSO
podman-pod(1), podman-pod-unpause(1), podman-pause(1)
## HISTORY
July 2018, Originally compiled by Peter Hunt <pehunt@redhat.com>

27
docs/source/markdown/podman-pod-prune.1.md Normal file
View File

@ -0,0 +1,27 @@
% podman-pod-prune(1)
## NAME
podman-pod-prune - Remove all stopped pods
## SYNOPSIS
**podman pod prune**
## DESCRIPTION
**podman pod prune** removes all stopped pods from local storage.
## EXAMPLES
Remove all stopped pods from local storage
```
$ sudo podman pod prune
22b8813332948064b6566370088c5e0230eeaf15a58b1c5646859fd9fc364fe7
2afb26869fe5beab979c234afb75c7506063cd4655b1a73557c9d583ff1aebe9
49161ad2a722cf18722f0e17199a9e840703a17d1158cdeda502b6d54080f674
5ca429f37fb83a9f54eea89e3a9102b7780a6e6ae5f132db0672da551d862c4a
6bb06573787efb8b0675bc88ebf8361f1a56d3ac7922d1a6436d8f59ffd955f1
```
## SEE ALSO
podman-pod(1), podman-pod-ps(1), podman-pod-rm(1)
## HISTORY
April 2019, Originally compiled by Peter Hunt (pehunt at redhat dot com)

167
docs/source/markdown/podman-pod-ps.1.md Normal file
View File

@ -0,0 +1,167 @@
% podman-pod-ps(1)
## NAME
podman\-pod\-ps - Prints out information about pods
## SYNOPSIS
**podman pod ps** [*options*]
## DESCRIPTION
**podman pod ps** lists the pods on the system.
By default it lists:
* pod id
* pod name
* number of containers attached to pod
* status of pod as defined by the following table
| **Status** | **Description** |
| ------------ | ------------------------------------------------|
| Created | No containers running nor stopped |
| Running | at least one container is running |
| Stopped | At least one container stopped and none running |
| Exited | All containers stopped in pod |
| Dead | Error retrieving state |
## OPTIONS
**--ctr-names**
Includes the container names in the container info field
**--ctr-ids**
Includes the container IDs in the container info field
**--ctr-status**
Includes the container statuses in the container info field
**--latest**,**-l**
Show the latest pod created (all states)
The latest option is not supported on the remote client.
**--no-trunc**
Display the extended information
**--quiet**, **-q**
Print the numeric IDs of the pods only
**--format**=*format*
Pretty-print containers to JSON or using a Go template
Valid placeholders for the Go template are listed below:
| **Placeholder** | **Description** |
| ------------------- | ----------------------------------------------------------------------------------------------- |
| .ID | Container ID |
| .Name | Name of pod |
| .Status | Status of pod |
| .Labels | All the labels assigned to the pod |
| .ContainerInfo | Show the names, ids and/or statuses of containers (only shows 9 unless no-trunc is specified) |
| .NumberOfContainers | Show the number of containers attached to pod |
| .Cgroup | Cgroup path of pod |
| .UsePodCgroup | Whether containers use the Cgroup of the pod |
**--sort**
Sort by created, ID, name, status, or number of containers
Default: created
**--filter**, **-f=***filter*
Filter output based on conditions given
Valid filters are listed below:
| **Filter** | **Description** |
| --------------- | ------------------------------------------------------------------- |
| id | [ID] Pod's ID |
| name | [Name] Pod's name |
| label | [Key] or [Key=Value] Label assigned to a container |
| ctr-names | Container name within the pod |
| ctr-ids | Container ID within the pod |
| ctr-status | Container status within the pod |
| ctr-number | Number of containers in the pod |
**--help**, **-h**
Print usage statement
## EXAMPLES
```
$ podman pod ps
POD ID NAME STATUS NUMBER OF CONTAINERS
00dfd6fa02c0 jolly_goldstine Running 1
f4df8692e116 nifty_torvalds Created 2
```
```
$ podman pod ps --ctr-names
POD ID NAME STATUS CONTAINER INFO
00dfd6fa02c0 jolly_goldstine Running [ loving_archimedes ]
f4df8692e116 nifty_torvalds Created [ thirsty_hawking ] [ wizardly_golick ]
```
```
$ podman pod ps --ctr-status --ctr-names --ctr-ids
POD ID NAME STATUS CONTAINER INFO
00dfd6fa02c0 jolly_goldstine Running [ ba465ab0a3a4 loving_archimedes Running ]
f4df8692e116 nifty_torvalds Created [ 331693bff40a thirsty_hawking Created ] [ 8e428daeb89e wizardly_golick Created ]
```
```
$ podman pod ps --format "{{.ID}} {{.ContainerInfo}} {{.Cgroup}}" --ctr-names
00dfd6fa02c0 [ loving_archimedes ] /libpod_parent
f4df8692e116 [ thirsty_hawking ] [ wizardly_golick ] /libpod_parent
```
```
$ podman pod ps --cgroup
POD ID NAME STATUS NUMBER OF CONTAINERS CGROUP USE POD CGROUP
00dfd6fa02c0 jolly_goldstine Running 1 /libpod_parent true
f4df8692e116 nifty_torvalds Created 2 /libpod_parent true
```
```
$ podman pod ps --sort id --filter ctr-number=2
POD ID NAME STATUS NUMBER OF CONTAINERS
f4df8692e116 nifty_torvalds Created 2
```
```
$ podman pod ps --ctr-ids
POD ID NAME STATUS CONTAINER INFO
00dfd6fa02c0 jolly_goldstine Running [ ba465ab0a3a4 ]
f4df8692e116 nifty_torvalds Created [ 331693bff40a ] [ 8e428daeb89e ]
```
```
$ podman pod ps --no-trunc --ctr-ids
POD ID NAME STATUS CONTAINER INFO
00dfd6fa02c0a2daaedfdf8fcecd06f22ad114d46d167d71777224735f701866 jolly_goldstine Running [ ba465ab0a3a4e15e3539a1e79c32d1213a02b0989371e274f98e0f1ae9de7050 ]
f4df8692e116a3e6d1d62572644ed36ca475d933808cc3c93435c45aa139314b nifty_torvalds Created [ 331693bff40a0ef2f05a3aba73ce49e3243108911927fff04d1f7fc44dda8022 ] [ 8e428daeb89e69b71e7916a13accfb87d122889442b5c05c2d99cf94a3230e9d ]
```
```
$ podman pod ps --ctr-names
POD ID NAME STATUS CONTAINER INFO
314f4da82d74 hi Created [ jovial_jackson ] [ hopeful_archimedes ] [ vibrant_ptolemy ] [ heuristic_jennings ] [ keen_raman ] [ hopeful_newton ] [ mystifying_bose ] [ silly_lalande ] [ serene_lichterman ] ...
```
## pod ps
Print a list of pods
## SEE ALSO
podman-pod(1)
## HISTORY
July 2018, Originally compiled by Peter Hunt <pehunt@redhat.com>

52
docs/source/markdown/podman-pod-restart.1.md Normal file
View File

@ -0,0 +1,52 @@
% podman-pod-restart(1)
## NAME
podman\-pod\-restart - Restart one or more pods
## SYNOPSIS
**podman pod restart** [*options*] *pod* ...
## DESCRIPTION
Restart containers in one or more pods. Containers will be stopped if running and then restarted.
Stopped containers will only be started. You may use pod IDs or names as input.
The pod ID will be printed upon successful restart.
When restarting multiple pods, an error from restarting one pod will not effect restarting other pods.
## OPTIONS
**--all**, **-a**
Restarts all pods
**--latest**, **-l**
Instead of providing the pod name or ID, restart the last created pod.
The latest option is not supported on the remote client.
## EXAMPLE
```
podman pod restart mywebserverpod
cc8f0bea67b1a1a11aec1ecd38102a1be4b145577f21fc843c7c83b77fc28907
podman pod restart 490eb 3557fb
490eb241aaf704d4dd2629904410fe4aa31965d9310a735f8755267f4ded1de5
3557fbea6ad61569de0506fe037479bd9896603c31d3069a6677f23833916fab
podman pod restart --latest
3557fbea6ad61569de0506fe037479bd9896603c31d3069a6677f23833916fab
podman pod restart --all
19456b4cd557eaf9629825113a552681a6013f8c8cad258e36ab825ef536e818
3557fbea6ad61569de0506fe037479bd9896603c31d3069a6677f23833916fab
490eb241aaf704d4dd2629904410fe4aa31965d9310a735f8755267f4ded1de5
70c358daecf71ef9be8f62404f926080ca0133277ef7ce4f6aa2d5af6bb2d3e9
cc8f0bea67b1a1a11aec1ecd38102a1be4b145577f21fc843c7c83b77fc28907
```
## SEE ALSO
podman-pod(1), podman-pod-start(1), podman-restart(1)
## HISTORY
July 2018, Originally compiled by Peter Hunt <pehunt@redhat.com>

Some files were not shown because too many files have changed in this diff Show More