Podman: A tool for managing OCI containers and pods.
APACHE-2.0 License
Bot releases are hidden (Show)
Published by mheon over 5 years ago
--restart-policy
flag on podman create
and podman run
allows containers to be restarted after they exit. Please note that Podman cannot restart containers after a system reboot - for that, see our next featurepodman generate systemd
command was added to generate systemd unit files for managing Podman containerspodman runlabel
command now allows a $GLOBAL_OPTS
variable, which will be populated by global options passed to the podman runlabel
command, allowing custom storage configurations to be passed into containers run with runlabel
([#2399](https://github.com/containers/l\podman play kube
command now allows File
and FileOrCreate
volumespodman pod prune
command was added to prune unused podspodman system migrate
command to migrate containers using older configurations to allow their use by newer Libpod versions (#2935)--http-proxy
flag (enabled by default)/tmp
, /var/tmp
, and /run
with the --read-only-tmpfs
flag (enabled by default)podman init
command was added, performing all container pre-start tasks without starting the container to allow pre-run debuggingpodman cp
would not copy folders (#2836)podman rmi
sometimes did not produce an event when images were deletedpodman images
would not print a header if no images were present (#2877)podman images
command with --filter dangling=false
would incorrectly print dangling images instead of images which are not dangling (#2884)/sys/kernel
podman create
would panic when trying to create a container whose name already existedpodman pull
would exit 0 on failing to pull an image (#2785)podman pull
would not properly print the cause of errors that occurred (#2710)ctrl-z
in a shell (#2775)/sys/
were cleaned up already by the closing of the mount namespacepodman play kube
was not including environment variables from the image run (#2930)podman play kube
would not properly clean up partially-created pods when encountering an errorpodman commit
with the --change
flag improperly set CMD
when a multipart value was provided (#2951)--mount
flag to podman create
and podman run
did not properly validate its arguments, causing Podman to panic--mount
, --volume
, and --tmpfs
flags were not properly reported--mount
flag could not be used with named volumes--mount
flag did not properly set options for created tmpfs filesystemspodman logout
would not print an error when the login was established by docker login
(#2735)podman stop
would error when not all containers were running (#2993)podman pull
would fail to pull images by shortname if they were not present in the docker.io
registrypodman login
would error when credentials were not present if a credential helper was configured (#1675)podman system renumber
command and Podman post-reboot state refreshes would not create eventspodman top
command was not compatible with docker top
syntaxregistries.conf
config filepodman run
, podman create
, podman start
, podman restart
, podman attach
, podman stop
, podman port
, podman rm
, podman top
, podman image tree
, podman generate kube
, podman umount
, podman container checkpoint
, and podman container restore
commands arepodman volume
command was performed. There should be no major user-facing changes, but downgrading from Podman 1.3 to previous versions may render some volumes unable to be removed.podman events
command now logs events to journald by default. The old behavior (log to file) can be configured in podman.conf via the events_logger
optionpodman commit
command, in versions 1.2 and earlier, included all volumes mounted into the container as image volumes in the committed image. This behavior was incorrect and has been disabled by default; it can be reenabled with the --include-volumes
flagPublished by mheon over 5 years ago
podman healthcheck run
command was added to manually run healthchecks, and the status of a running healthcheck can be viewed via podman inspect
podman events
command was added to show a stream of significant eventspodman ps
command now supports a --watch
flag that will refresh its output on a given intervalpodman image tree
command was added to show a tree representation of an image's layerspodman logs
command can now display logs for multiple containers at the same time (#2219)podman exec
command can now pass file descriptors to the process being executed in the container via the --preserve-fds
option (#2372)podman images
command can now filter images by reference (#2266)podman system df
command was added to show disk usage by Podman--add-host
option can now be used by containers sharing a network namespace (#2504)podman cp
command now has an --extract
option to extract the contents of a Tar archive and copy them into the container, instead of copying the archive itself (#2520)slirp4netns
binary for rootless networking via the --network-cmd-path
flag (#2506)/etc/subuid
and /etc/subgid
(#1651)podman runlabel
command now supports the --replace
option to replace containers using the name requestedCMD
and ENTRYPOINT
instead of a fixed command (#2182)podman play kube
command now supports the HostPath
and VolumeMounts
YAML fields (#2536)resolv.conf
or /etc/hosts
in containers by specifying --dns=none
and --no-hosts
, respectively, to podman run
and podman create
(#2744)podman version
command now supports the {{ json . }}
template (which outputs JSON)podman run --device
(#2380)--config
flag specified would not use appropriate defaults (#2510)--net=host
) would show SELinux as enabled in the container when there were no privileges to use itSTDIN
could cause Podman to run out of memorypodman play kube
would sometimes segfault (#2209)podman runlabel
did not respect the $PWD
variable (#2171)podman build
could not access DNS servers when slirp4netns
was in use (#2572)podman stop
and podman rm
would not work on containers which specified a non-root user (#2577)podman exec
would fail when --user
was specified (#2566)podman pod create
would fail if a pod shared no namespaces but created an infra containerpodman rm
would exit 0 if no containers specified were found (#2539)podman run
would fail to enable networking for containers with additional CNI networks specified (#2795)podman images
command on the remote client was not displaying digests (#2756)podman image save
would, when told to save to a path that exists, return an error, but still delete the file at the given path--env
would cause parsing errors (#2712)podman umount
would not error if called with no argumentspodman create kube
was being ignored (#2665)podman pod inspect
command would segfault if not given an argument (#2681)podman pod top
would fail (#2682)podman load
command would not error if an input file is not specified and a file was not redirected to STDIN
podman
could fail if global configuration was altered via flag (for example, --root
, --runroot
, --storage-driver
)podman ps
, as opposed to together as a range (#1358)podman run --rootfs
could panic (#2654)podman build
would fail if options were specified after the directory to build (#2636)podman create
and podman run
would have incorrect permissions (#2634)podman image inspect
command incorrectly allowed the --latest
, --type
, and --size
optionspsgo
library to v1.2, featuring greatly improved safety during concurrent usepodman events
command may not show all activity regarding images, as only Podman was instrumented; images created, deleted, or pulled by CRI-O or Buildah will not be shown in podman events
podman pod top
and podman pod stats
commands are now usable with the Podman remote clientpodman kill
and podman wait
commands are now usable with the Podman remote clientrestarting
state and mapped stopped
(also unused) to exited
in podman ps --filter status
.
(period) characterPublished by mheon over 5 years ago
podman image list
, podman image rm
, and podman container list
had broken global storage options--label
option to podman create
and podman run
was missing the -l
alias--config
flag would not set an appropriate default value for tmp_dir
(#2408)podman logs
command with the --timestamps
flag produced unreadable output (#2500)podman cp
command would automatically extract .tar
files copied into the container (#2509)podman container stop
command is now usable with the Podman remote clientPublished by mheon over 5 years ago
podman container restore
was erroneously available as podman restore
(#2191)volume_path
option in libpod.conf
was not being respectedvarlink
tag was not present (#2459)podman image load
command was listed twice in help textpodman image sign
command was also listed as podman sign
podman image list
command incorrectly had an image
aliaspodman images
command incorrectly had ls
and list
aliasespodman image rm
command was being displayed as podman image rmi
podman create
command would attempt to parse arguments meant for the container--time
alias for --timeout
for the podman restart
and podman stop
commands did not functionpodman stop
)podman port
was incorrect, printing full container ID instead of truncated IDpodman container list
command did not existpodman build
could not build a container from images tagged locally that did not exist in a registry (#2469)podman play kube
could not handle cases where a pod and a container shared a namenewuidmap
and newgidmap
binaries fail when using rootless Podman-s
alias for the global --storage-driver
option has been removedpodman container refresh
command has been deprecated, as its intended use case is no longer relevant. The command has been hidden and manpages deleted. It will be removed in a future releasepodman container runlabel
command will now pull images not available locally even without the --pull
option. The --pull
option has been deprecatedpodman container checkpoint
and podman container restore
commands are now only available on OCI runtimes where they are supported (e.g. runc
)Published by mheon over 5 years ago
--latest
and --all
flags to podman mount
and podman umount
-p
and -P
flags as root Podman)libpod.conf
if they are not explicitly set in the user's own libpod.conf
(#2174)-f
for the --format
flag of the podman info
and podman version
commands-s
for the --size
flag of the podman inspect
commandpodman system info
and podman system prune
commandspodman cp
command to copy files between containers and the host (#613)--password-stdin
flag to podman login
--all-tags
flag to podman pull
--rm
and --detach
flags can now be used together with podman run
podman start
and podman run
commands for containers in pods will now start dependency containers if they are stoppedpodman system renumber
command to handle lock changes--net=host
and --dns
flags for podman run
and podman create
no longer conflictip netns add
when they are passed in via podman run --net=ns:
podman inspect
where different information would be returned when the container was running versus when it was stoppedpodman inspect
were silently ignored instead of reported to the user (#2159)--pid=host
containers was incorrectly masking paths in /proc
Podman
were not reported when a refresh was requestedpodman prune
would prune all images not in use by a container, as opposed to only untagged images, by default (#2192)podman create --quiet
and podman run --quiet
were not properly suppressing outputtable
keyword in Go template output of podman ps
was not working (#2221)podman inspect
on images pulled by digest would double-print @sha256
in output when printing digests (#2086)podman container runlabel
will return a non-0 exit code if the label does not exist/dev/pts
was unconditionally overridden in rootless Podman, which was unnecessary except in very specific cases/etc/containers/storage.conf
(#2217)podman images --filter dangling=true
would crash if no dangling images were present (#2246)podman ps --format "{{.Mounts}}"
would not display a container's mounts (#2238)podman pod stats
was ignoring Go templates specified by --format
(#2258)podman generate kube
would fail on containers with --user
specified (#2304)podman images
displayed incorrect output for images pulled by digest (#2175)podman port
and podman ps
did not properly display ports if the container joined a network namespace from a pod or another container (#846)podman create --rm
did not work with podman start --attach
podman create
and podman run
could cause segfaults (#2301)runtime
field in libpod.conf
was being ignored. runtime
is legacy and deprecated, but will continue to be respected for the forseeable futurepodman login
would sometimes report it logged in successfully when it did notpodman pod create
would not error on receiving unused CLI argumentpodman run
with the --pod
argument would fail if the pod was stoppedpodman images
did not print a trailing newline when not invoked on a TTY (#2388)--runtime
option was sometimes not overriding libpod.conf
podman pull
and podman runlabel
would sometimes exit with 0 when they should have exited with an error (#2405)podman export -o
would fail (#2381)nosuid
, nodev
, or noexec
(#2312)--net=container:
), you should run the podman system renumber
command to migrate your containers to the new model - pleaspodman-system-renumber(1)
man page for further details:z
and :Z
options, preventing users from accidentally performing an SELinux relabel of their entire home directorypodman container runlabel
command will not pull an image if it does not contain the requested labelpodman rm
can now delete containers in containers/storage, which can be used to resolve some situations where Podman fails to remove a containerpodman search
command now searches multiple registries in parallel for improved performancepodman build
command now defaults --pull-always
to truepodman rm
and podman rmi
commands now return 1 (instead of 127) when all specified container or images are missingPublished by mheon almost 6 years ago
podman exec
command now includes a --workdir
option to set working directory for the executed commandpodman create
and podman run
commands now support the --init
flag to use a minimal init process in the containerpodman image sign
command to GPG sign imagespodman run --device
flag now accepts directories, and will added any device nodes in the directory to the containerpodman play kube
command to create pods and containers from Kubernetes pod YAMLpodman create
or podman run
volumes with an empty host or container path could cause a segfaultstorage.conf
was sometimes ignored for rootless containerspodman login
would use existing login credentials even if new credentials were providedpodman runlabel
was not properly setting container names when the --name
was specifiedpodman runlabel
sometimes included extra spaces in command outputpodman commit
was including invalid port numbers in created images when committing containers with published portspodman exec
was not honoring the container's environment variablespodman run --device
would fail when a symlink to a device was specifiedpodman build
was not properly picking up OCI runtime paths specified in libpod.conf
/dev/shm
into the container read-only for read-only containers (/dev/shm
should always be read-write)/dev/shm
podman export
did not work with the default fuse-overlayfs
storage driverpodman inspect -f '{{ json .Config }}'
on images would not output anything (it now prints the image's config)podman rmi -fa
displayed the wrong error message when trying to remove images used by pod infra containerspodman build
, featuring improved build speed and numerous bugfixespodman start --attach
command now defaults the sig-proxy
option to true
, matching podman create
and podman run
podman info
command now prints the path of the configuration file controlling container storagepodman list
and podman ls
as aliases for podman ps
, and podman container ps
and podman container list
as aliases for podman container ls
podman generate kube
to generate Kubernetes service YAML in the same file as pod YAML, generating a single file instead of twopodman inspect -f '{{ json .ContainerConfig }}'
on images is no longer valid; please use podman inspect -f '{{ json .Config }}'
insteadPublished by mheon almost 6 years ago
--rm
which failed to start were not removed/etc/passwd
inside containersPublished by mheon almost 6 years ago
podman generate kube
command to generate Kubernetes Pod and Service YAML for Podman containers and podspodman pod stop
flag now accepts a --timeout
flag to set the timeout for stopping containers in the podPublished by mheon almost 6 years ago
~/.config/containers/
for ease of reconfigurationpodman pod create
command can expose ports in the pod's network namespace, allowing public services to be created in podspodman container checkpoint
command can now keep containers running after they are checkpointed with the --leave-running
flagpodman container checkpoint
and podman container restore
commands now support the --tcp-established
flag to checkpoint and restore containers with active TCP connectionspodman version
command now has a --format
flag to produce machine-readable outputpodman container exists
, podman pod exists
, and podman image exists
commands to easily check for a container/pod/image, respectively, by name or IDpodman ps --pod
flag now has a short alias, -p
podman rmi
and podman rm
commands now have a --prune
flag to prune unused images and containers, respectivelypodman ps
command now has a --sync
flag to force a sync of Podman's state against the OCI runtime, resolving some state desync errorspodman volume
set of commands for creating and managing local-only named volumespodman exec
without -t
would still use a terminal if the container was created with -t
podman exec
could hold the container lock longer than necessary waiting for an exited containerslirp4netns
for networking were reporting using bridge
networking in podman inspect
podman container restore -a
was attempting to restore all containers, including created and running ones. It will now only attempt to restore stopped and exited containersnodev
podman stop
would throw an error attempting to stop a container that had already stoppedNOTIFY_SOCKET
was not properly being passed into Podman containers/dev/shm
was not properly mounted in rootless containersinotify
related errors/etc/group
--net=container
were not mounting /etc/resolv.conf
and /etc/hosts
podman build
now defaults the --force-rm
flag to true
podman runlabel
support for labels featuring arguments with whitespaceresolv.conf
slirp4netns
network mode can now be used with containers running as root. It may be useful for container-in-container scenarios where the outer container does not have host networking setinotify
to wait for container exit files to be created, instead of polling. If inotify
cannot be used, Podman will fall back to polling to check if the file has been createdpodman logs
command now uses improved short-options handling, allowing its flags to be combined if desired (for example, podman logs -lf
instead of podman logs -l -f
)libpod.conf
configuration file. They can be specified as an array via hooks_dir
Published by mheon almost 6 years ago
podman exec
could time out on slower systems by increasing the relevant timeoutpodman rm -f
now removes paused containers. As such, podman rm -af
completing successfully guarantees all Podman containers have been removedpodman info
to show if Podman is being run as rootlesspodman images
- image sizes now feature a space between number and unit (e.g. 123 MB
now instead of 123MB
)containers/storage
to fix several bugs reported upstreamPublished by mheon almost 6 years ago
--all
and --latest
flags to podman checkpoint
and podman restore
--max-workers
flag to all Podman commands that support operating in parallel, allowing the maximum number of parallel workers used to be specified--all
flag to podman restart
podman port -l
would segfault if no containers were presentpodman stats -a
would error if containers were present but not runningcriu
is being used-e FOO
) caused errors (they are now added as empty)--cid-file
was specified to podman run
podman unmount
would refuse to unmount a container if it was running (the unmount will now be deferred until the container stops)podman attach
would fail to attach due to a too-long path namepodman info
was not properly reporting the Git commit Podman was built frompodman run --interactive
was not holding STDIN open when -a
flag was specifiedcgroupfs
CGroup driver was sometimes not successfully removing pod CGroupspodman run
with the --user
flag would fail if the container image did not contain /etc/passwd
or /etc/group
podman rm
, podman restart
, podman kill
, podman pause
, and podman unpause
now operate in parallel, greatly improving speed when multiple containers are specifiedpodman create
, podman run
, and podman ps
have a number of improvements which should greatly increase their speedpodman runlabel
to run commands that are not Podman/etc/hosts
Published by mheon about 6 years ago
podman build
would not work while any containers were runningPublished by mheon about 6 years ago
Published by mheon about 6 years ago
push
, pull
, login
, logout
, runlabel
, and search
commandspodman build
Published by mheon about 6 years ago
podman container checkpoint
and podman container restore
commands to checkpoint and restore containerspodman container runlabel
command to run containers based on commands contained in their imagespodman create --ip
and podman run --ip
flags to allow setting static IPs for containerspodman kill --all
flag to send a signal to all running containers--syslog
flag is specifiedpodman create
and podman run
to document existing --net
flag as an alias for --network
resolv.conf
in container would unconditionally forward nameservers into the container, even localhost--security-opt label=disable
to assign the correct labelpodman stop
to work in parallel when multiple containers are specified, greatly speeding up stop for containers that do not stop after SIGINTpodman build
podman info
to better debug issuesPublished by mheon about 6 years ago
Published by mheon about 6 years ago
libpod.conf
, label
, to globally enable/disable SELinux labelling for libpod--mount
flag to podman create
and podman run
as a new, more explicit way of specifying volume mounts/proc
in containers/etc/hosts
) in read-only containers/dev/shm
in --ipc=container
and --ipc=host
containers to use the correct SHMpodman diff
to not display some default changes that will not be committedPublished by mheon about 6 years ago
podman build
Published by mheon about 6 years ago
--interval
flag to podman wait
to determine the interval between checks for container statuslibpod.conf
to disable reserving ports for running containers. This lowers the safety of port allocations, but can significantly reduce memory usage.podman search
podman create
with no command specified throwing an errorpodman rm --volumes
flag for compatability with Docker. As Podman does not presently support named volumes, this does nothing for now, but provides improved compatability with the Docker command line.podman pull
Published by mheon about 6 years ago
It is recommended that you restart your system firewall after installing this release to clear any firewall rules created by older Podman versions. If port forwarding to containers does not work, it is recommended that you restart your system.