add information about pasta and how its behaviour changes the way a user needs to think about inter-container connections, as without configuration they aren't able to reach each other (assuming single interface)
Signed-off-by: marinmo <bugzilla@marinmo.org>
Update rootless.md
Co-authored-by: Paul Holzinger <45212748+Luap99@users.noreply.github.com>
Signed-off-by: marinmo <bugzilla@marinmo.org>
Update rootless.md
Co-authored-by: Tom Sweeney <tsweeney@redhat.com>
Signed-off-by: marinmo <bugzilla@marinmo.org>
Update rootless.md
Co-authored-by: Tom Sweeney <tsweeney@redhat.com>
Signed-off-by: marinmo <bugzilla@marinmo.org>
`redir` is a really useful tool for rootless networking! But I hardly ever see it mentioned and see e.g. SO answers involving complex iptables rules.So have added a quick line in here mentioning options for port forwarding to a rootless setup.
`redir` lets you start a simple service (as root) that forwards traffic from e.g. a port 443 to a higher port, meaning you can just start podman normally on 8443, and leave redir running in the background as long as the system is up.
Not sure if any other docs would benefit from addition too.
Signed-off-by: stellarpower <stellarpower@googlemail.com>
* Replace "setup", "lookup", "cleanup", "backup" with
"set up", "look up", "clean up", "back up"
when used as verbs. Replace also variations of those.
* Improve language in a few places.
Signed-off-by: Erik Sjölund <erik.sjolund@gmail.com>
This reverts commit cc3790f332d989440eb1720e24e3619fc97c74ee.
We can't change rootful to rootfull because `rootful` is written into the machine config. Changing this will break json unmarshalling, which will break existing machines.
[NO NEW TESTS NEEDED]
Signed-off-by: Ashley Cui <acui@redhat.com>
We are inconsistent on the name, we should stick with rootfull.
[NO NEW TESTS NEEDED] Existing tests should handle this and no tests for
machines exists yet.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Usage:
```
$ podman network create foo
$ podman run -d --name web --hostname web --network foo nginx:alpine
$ podman run --rm --network foo alpine wget -O - http://web.dns.podman
Connecting to web.dns.podman (10.88.4.6:80)
...
<h1>Welcome to nginx!</h1>
...
```
See contrib/rootless-cni-infra for the design.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Podman is committed to inclusivity, a core value of open source. Historically, there have been technology terms that are problematic and divisive, and should be changed. We are currently taking time to audit our repository in order to eliminate such terminology, and replace it with more inclusive terms. We are starting where we can, with our own code, comments, and documentation. However, such terms may be used in dependencies, and must be used in our repositories at the current moment for compatibility. Podman will change these terms in our repo as soon as new and better terminology is available to us via our dependencies.
For more information: https://www.redhat.com/en/blog/making-open-source-more-inclusive-eradicating-problematic-language?sc_cid=701600000011gf0AAA
Signed-off-by: Ashley Cui <acui@redhat.com>
add a quick note in the rootless.md about usage of --net=host as rootless and subsequent podman execs.
Fixes: #4473
Signed-off-by: Brent Baude <bbaude@redhat.com>
Update documentation to show Kata Containers support is no longer
a limitation with merging of commit 486a5b9
Signed-off-by: gabi beyer <gabrielle.n.beyer@intel.com>
Document that it is expected for some of the systemd API's to not work
correctly/at all in rootless containers.
Fixes: #3957
Signed-off-by: Michal Sekletar <msekleta@redhat.com>
After my last update for the 'Shortcomings of Rootless Podman' was merged,
I spotted a few grammatical nits that this corrects.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Per @rhatdan's request in #3478, this commit makes a note of supporting
General Parallel File System by IBM since it shares the same root issue
as NFS for rootless containers.
Signed-off-by: Justin W. Flory <git@jwf.io>
