Update man pages and config files

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit is contained in:
Daniel J Walsh 2022-01-26 11:51:28 -05:00
parent 8f21e603b4
commit 0fa32dbfde
No known key found for this signature in database
GPG Key ID: A2DF901DABE2C028
5 changed files with 42 additions and 24 deletions

1
.containerfile.5 Normal file
View File

@ -0,0 +1 @@
.so man5/containerfile.5

View File

@ -114,7 +114,7 @@ Current supported mount TYPES are bind, cache, secret and tmpfs.
Common Options: Common Options:
· src, source: mount source spec for bind and volume. Mandatory for bind. · src, source: mount source spec for bind and volume. Mandatory for bind. If `from` is specified, `src` is the subpath in the `from` field.
· dst, destination, target: mount destination spec. · dst, destination, target: mount destination spec.
@ -126,6 +126,8 @@ Current supported mount TYPES are bind, cache, secret and tmpfs.
. bind-nonrecursive: do not setup a recursive bind mount. By default it is recursive. . bind-nonrecursive: do not setup a recursive bind mount. By default it is recursive.
· from: stage or image name for the root of the source. Defaults to the build context.
Options specific to tmpfs: Options specific to tmpfs:
· tmpfs-size: Size of the tmpfs mount in bytes. Unlimited by default in Linux. · tmpfs-size: Size of the tmpfs mount in bytes. Unlimited by default in Linux.
@ -146,6 +148,8 @@ Current supported mount TYPES are bind, cache, secret and tmpfs.
· gid: gid for cache directory. · gid: gid for cache directory.
· from: stage name for the root of the source. Defaults to host cache directory.
**RUN Secrets** **RUN Secrets**

View File

@ -11,7 +11,7 @@ on Windows and macOS, at `$HOME/.config/containers/auth.json`.
When searching for the credential for a registry, the following files will be read in sequence until the valid credential is found: When searching for the credential for a registry, the following files will be read in sequence until the valid credential is found:
first reading the primary (read/write) file, or the explicit override using an option of the calling application. first reading the primary (read/write) file, or the explicit override using an option of the calling application.
If credentials are not present, search in `${XDG\_CONFIG\_HOME}/containers/auth.json`, `$HOME/.docker/config.json`, `$HOME/.dockercfg`. If credentials are not present, search in `${XDG_CONFIG_HOME}/containers/auth.json` (usually `~/.config/containers/auth.json`), `$HOME/.docker/config.json`, `$HOME/.dockercfg`.
Except the primary (read/write) file, other files are read-only, unless the user use an option of the calling application explicitly points at it as an override. Except the primary (read/write) file, other files are read-only, unless the user use an option of the calling application explicitly points at it as an override.

View File

@ -197,10 +197,6 @@ log_driver = "journald"
# #
#prepare_volume_on_create = false #prepare_volume_on_create = false
# Indicates the networking to be used for rootless containers
#
#rootless_networking = "slirp4netns"
# Path to the seccomp.json profile which is used as the default seccomp profile # Path to the seccomp.json profile which is used as the default seccomp profile
# for the runtime. # for the runtime.
# #
@ -249,9 +245,6 @@ log_driver = "journald"
# #
#volumes = [] #volumes = []
# The network table contains settings pertaining to the management of
# CNI plugins.
[secrets] [secrets]
#driver = "file" #driver = "file"
@ -260,9 +253,15 @@ log_driver = "journald"
[network] [network]
# Network backend to use. Default "CNI". # Network backend determines what network driver will be used to set up and tear down container networks.
# Valid values are "cni" and "netavark".
# The default value is empty which means that it will automatically choose CNI or netavark. If there are
# already containers/images or CNI networks preset it will choose CNI.
# #
#network_backend = "cni" # Before changing this value all containers must be stopped otherwise it is likely that
# iptables rules and network interfaces might leak on the host. A reboot will fix this.
#
#network_backend = ""
# Path to directory where CNI plugin binaries are located. # Path to directory where CNI plugin binaries are located.
# #
@ -274,18 +273,22 @@ log_driver = "journald"
# "/opt/cni/bin", # "/opt/cni/bin",
#] #]
# The network name of the default CNI network to attach pods to. # The network name of the default network to attach pods to.
# #
#default_network = "podman" #default_network = "podman"
# The default subnet for the default CNI network given in default_network. # The default subnet for the default network given in default_network.
# If a network with that name does not exist, a new network using that name and # If a network with that name does not exist, a new network using that name and
# this subnet will be created. # this subnet will be created.
# Must be a valid IPv4 CIDR prefix. # Must be a valid IPv4 CIDR prefix.
# #
#default_subnet = "10.88.0.0/16" #default_subnet = "10.88.0.0/16"
# Path to the directory where CNI configuration files are located. # Path to the directory where network configuration files are located.
# For the CNI backend the default is "/etc/cni/net.d" as root
# and "$HOME/.config/cni/net.d" as rootless.
# For the netavark backend "/etc/containers/networks" is used as root
# and "$graphroot/networks" as rootless.
# #
#network_config_dir = "/etc/cni/net.d/" #network_config_dir = "/etc/cni/net.d/"
@ -351,6 +354,9 @@ log_driver = "journald"
# #
#env = [] #env = []
# Define where event logs will be stored, when events_logger is "file".
#events_logfile_path=""
# Selects which logging mechanism to use for container engine events. # Selects which logging mechanism to use for container engine events.
# Valid values are `journald`, `file` and `none`. # Valid values are `journald`, `file` and `none`.
# #

View File

@ -222,11 +222,6 @@ is imposed.
Copy the content from the underlying image into the newly created volume when the container is created instead of when it is started. If `false`, the container engine will not copy the content until the container is started. Setting it to `true` may have negative performance implications. Copy the content from the underlying image into the newly created volume when the container is created instead of when it is started. If `false`, the container engine will not copy the content until the container is started. Setting it to `true` may have negative performance implications.
**rootless_networking**="slirp4netns"
Set type of networking rootless containers should use. Valid options are `slirp4netns`
or `cni`.
**seccomp_profile**="/usr/share/containers/seccomp.json" **seccomp_profile**="/usr/share/containers/seccomp.json"
Path to the seccomp.json profile which is used as the default seccomp profile Path to the seccomp.json profile which is used as the default seccomp profile
@ -278,11 +273,15 @@ Options are:
The `network` table contains settings pertaining to the management of CNI The `network` table contains settings pertaining to the management of CNI
plugins. plugins.
**network_backend**="cni" **network_backend**=""
Network backend determines what network driver will be used to set up and tear down container networks. Network backend determines what network driver will be used to set up and tear down container networks.
Valid values are "cni" and "netavark". Valid values are "cni" and "netavark".
Changing this value may require restarting all running containers. The default value is empty which means that it will automatically choose CNI or netavark. If there are
already containers/images or CNI networks preset it will choose CNI.
Before changing this value all containers must be stopped otherwise it is likely that
iptables rules and network interfaces might leak on the host. A reboot will fix this.
**cni_plugin_dirs**=[] **cni_plugin_dirs**=[]
@ -301,16 +300,20 @@ cni_plugin_dirs = [
**default_network**="podman" **default_network**="podman"
The network name of the default CNI network to attach pods to. The network name of the default network to attach pods to.
**default_subnet**="10.88.0.0/16" **default_subnet**="10.88.0.0/16"
The subnet to use for the default CNI network (named above in **default_network**). The subnet to use for the default network (named above in **default_network**).
If the default network does not exist, it will be automatically created the first time a tool is run using this subnet. If the default network does not exist, it will be automatically created the first time a tool is run using this subnet.
**network_config_dir**="/etc/cni/net.d/" **network_config_dir**="/etc/cni/net.d/"
Path to the directory where CNI configuration files are located. Path to the directory where network configuration files are located.
For the CNI backend the default is "/etc/cni/net.d" as root
and "$HOME/.config/cni/net.d" as rootless.
For the netavark backend "/etc/containers/networks" is used as root
and "$graphroot/networks" as rootless.
**volumes**=[] **volumes**=[]
@ -378,6 +381,10 @@ Environment variables to be used when running the container engine (e.g., Podman
Note these environment variables will not be used within the container. Set the env section under [containers] table, Note these environment variables will not be used within the container. Set the env section under [containers] table,
if you want to set environment variables for the container. if you want to set environment variables for the container.
**events_logfile_path**=""
Define where event logs will be stored, when events_logger is "file".
**events_logger**="journald" **events_logger**="journald"
Default method to use when logging events. Default method to use when logging events.